Re: [PATCH 6/8] reconfiguration leaks: SSL certificate context cache

From: Tsantilas Christos <chtsanti_at_users.sourceforge.net>
Date: Sun, 15 Jun 2014 14:00:07 +0300

On 06/13/2014 10:46 PM, Alex Rousskov wrote:
> On 04/25/2014 01:46 AM, Amos Jeffries wrote:
>
>> On 25/04/2014 12:56 p.m., Alex Rousskov wrote:
>>> Do not leak fake SSL certificate context cache when reconfigure
>>> changes port addresses.
>
>> This requires the guarantee that all connections using the storage are
>> closed right?
>
>
> Hi Christos,
>
> My understanding is that deleting a cached LocalContextStorage object
> does not actually affect connections that use the corresponding SSL_CTX
> and certificate because any SSL object using those things increments
> their sharing counter and deleting LocalContextStorage only decrements
> that counter. The [cached] SSL_CTX object is not destroyed by
> SSL_CTX_free until that sharing counter reaches zero. Is my
> understanding flawed?

This is true. The SSL_CTX objects are not destroyed.

>
> Do we have any code that stores SSL_CTX pointers for asynchronous use
> (i.e., across many main loop iterations) but does not increment the
> sharing counter?

Nope.
I hope I am not losing anything. In any case, if such a case is found it
should be considered a bug and must be fixed...

>
>
> Thank you,
>
> Alex.
>
>
Received on Sun Jun 15 2014 - 11:00:37 MDT
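
The sharing-counter behaviour discussed in this message, as an added example that is not part of the original e-mail and is not Squid or OpenSSL code. It is a self-contained C model: `Ctx`, `Conn`, `Storage` and every function name are hypothetical stand-ins for SSL_CTX, an SSL object and LocalContextStorage.

```c
/* Model of the sharing-counter rule from the thread (hypothetical names). */
#include <stdio.h>
#include <stdlib.h>

typedef struct { int refs; } Ctx;         /* stands in for SSL_CTX */
typedef struct { Ctx *ctx; } Conn;        /* stands in for an SSL object */
typedef struct { Ctx *cached; } Storage;  /* stands in for LocalContextStorage */
typedef struct { int refs_after_clear, destroyed_after_clear,
                 destroyed_after_close; } Result;

static int destroyed = 0;                 /* contexts actually destroyed */

static Ctx *ctx_new(void) {
    Ctx *c = malloc(sizeof *c);
    if (!c) abort();
    c->refs = 1;                          /* the creator (the cache) owns one reference */
    return c;
}
/* Like SSL_CTX_free: drop one reference, destroy only when none remain. */
static void ctx_free(Ctx *c) {
    if (c && --c->refs == 0) { free(c); destroyed++; }
}
/* Like SSL_new: each connection takes its own reference to the context. */
static Conn *conn_new(Ctx *c) {
    Conn *k = malloc(sizeof *k);
    if (!k) abort();
    c->refs++;
    k->ctx = c;
    return k;
}
static void conn_free(Conn *k) { ctx_free(k->ctx); free(k); }
/* Reconfigure: deleting the cache releases only the cache's reference. */
static void storage_clear(Storage *s) { ctx_free(s->cached); s->cached = NULL; }

/* Drop the cache while n (at most 8) connections are still open, then close them. */
Result reconfigure_with_open_conns(int n) {
    Result r;
    Conn *conns[8];
    Storage s = { ctx_new() };
    Ctx *ctx = s.cached;
    int i;
    destroyed = 0;
    if (n > 8) n = 8;
    for (i = 0; i < n; i++) conns[i] = conn_new(ctx);
    storage_clear(&s);
    r.destroyed_after_clear = destroyed;
    r.refs_after_clear = destroyed ? 0 : ctx->refs;  /* never read a freed ctx */
    for (i = 0; i < n; i++) conn_free(conns[i]);
    r.destroyed_after_close = destroyed;
    return r;
}
```

A holder that kept `ctx` across the `storage_clear` call without going through `conn_new` would be left with a dangling pointer once the last counted reference is released, which is the case the thread treats as a bug.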
