> Your best bet is to increment the reference count directly, there's no > existing SSL_SESSION API function for doing this.
Well, I did look around for about an hour to make sure I wasn't missing something before I wrote. I just hate accessing structure internals directly, in case they are changed later on and fail to work. > If you want to make > your code thread-safe in case it gets reused later under threading > circumstances, then wrap it with the appropriate locking; > > CRYPTO_w_lock(CRYPTO_LOCK_SSL_SESSION); > sess->references++; > CRYPTO_w_unlock(CRYPTO_LOCK_SSL_SESSION); It's nsock, used as part of nmap, and is by design never going to use threads. If it were to be threaded, it'd need a complete code review anyway, and adding in the hooks for OpenSSL would be trivial compared to checking out the rest of it. > Oh, and thanks for making me look at this - I've just realised the locking > in ssl/ssl_sess.c is wrong ... commiting a fix shortly. :-) No prob. But while you've decreased my workload with your response, seems I've added to yours. Sorry. ;-) -- Brian Hatch "If you are going to kill me, Systems and then do so. Otherwise, I have Security Engineer considerable work to do." http://www.ifokr.org/bri/ Every message PGP signed
pgp00000.pgp
Description: PGP signature
