Re: [openssl-dev] OpenSSL 1.1 SSL_CTX issues

2016-01-26 Thread Matt Caswell
On 21/01/16 17:57, Viktor Dukhovni wrote: > On Thu, Jan 21, 2016 at 05:33:51PM +, Howard Chu wrote: > >> In OpenLDAP we've been using >> CRYPTO_add(>references, 1, CRYPTO_LOCK_SSL_CTX) >> to manage our own SSL_CTXs but this is not possible with current 1.1. Making >> the structures opaque

Re: [openssl-dev] OpenSSL 1.1 SSL_CTX issues

2016-01-21 Thread Viktor Dukhovni
On Thu, Jan 21, 2016 at 05:33:51PM +, Howard Chu wrote: > In OpenLDAP we've been using > CRYPTO_add(>references, 1, CRYPTO_LOCK_SSL_CTX) > to manage our own SSL_CTXs but this is not possible with current 1.1. Making > the structures opaque is a good move, but please provide methods to >

[openssl-dev] OpenSSL 1.1 SSL_CTX issues

2016-01-21 Thread Howard Chu
In OpenLDAP we've been using CRYPTO_add(>references, 1, CRYPTO_LOCK_SSL_CTX) to manage our own SSL_CTXs but this is not possible with current 1.1. Making the structures opaque is a good move, but please provide methods to manipulate refcounts. Currently ssl_lib.c appears to bump the ctx