[squid-dev] [PATCH] initial GnuTLS support for encrypted server connections
Christos Tsantilas
christos at chtsanti.net
Thu Feb 2 09:32:09 UTC 2017
On 02/02/2017 03:16 πμ, Alex Rousskov wrote:
> On 02/01/2017 01:42 PM, Christos Tsantilas wrote:
>> must take in account that some openSSL calls
>> returns locket objects, and some other unlocked objects.
>
> Does the patch start using shared pointers for any objects in the
> second, "returned unlocked" category? AFAICT, only the SSL connection
> object (shared_ptr<SSL>) is currently affected. That object is always
> given to Squid locked by OpenSSL, right?
Yes.
However this patch changes Security::SessionPointer from a
LockingPointer which was actually a wrapper for OpenSSL locking system
to be a shared_ptr<> which uses its own locking system.
It should not exist any problem (this is why I did not make more tests),
just I am referring to this.
>
> We would have to remember to ask ourselves these questions for every new
> OpenSSL-lockable type that we start using inside a shared_ptr, of
> course, but if OpenSSL always returns locked SSL objects, those should
> be "safe to share" AFAICT.
>
> Thank you,
>
> Alex.
>
More information about the squid-dev
mailing list