Changeset def3650 for lib/ssl_openssl.c

Timestamp:

2012-12-24T13:28:02Z (11 years ago)

Author:

Wilmer van der Gaast <wilmer@…>

Branches:

master

Children:

9b67285

Parents:

3f661849

Message:

In the OpenSSL module, keep only one global SSL context instead of recreating
one for every connection.

File:

• lib/ssl_openssl.c (modified) (6 diffs)

lib/ssl_openssl.c

@@ -2 +2 @@
   * BitlBee -- An IRC to other IM-networks gateway                     *
   *                                                                    *
-  * Copyright 2002-2004 Wilmer van der Gaast and others                *
+  * Copyright 2002-2012 Wilmer van der Gaast and others                *
   \********************************************************************/
 
@@ -52 +52 @@
         int lasterr;            /* Necessary for SSL_get_error */
         SSL *ssl;
-        SSL_CTX *ssl_ctx;
 };
+
+static SSL_CTX *ssl_ctx;
 
 static void ssl_conn_free( struct scd *conn );
@@ -63 +64 @@
 void ssl_init( void )
 {
+        const SSL_METHOD *meth;
+        
+        SSL_library_init();
+        
+        meth = TLSv1_client_method();
+        ssl_ctx = SSL_CTX_new( meth );
+        
         initialized = TRUE;
-        SSL_library_init();
-        // SSLeay_add_ssl_algorithms();
 }
 
@@ -122 +128 @@
 {
         struct scd *conn = data;
-        const SSL_METHOD *meth;
         
         if( conn->verify )
@@ -142 +147 @@
         }
         
-        meth = TLSv1_client_method();
-        conn->ssl_ctx = SSL_CTX_new( meth );
-        if( conn->ssl_ctx == NULL )
+        
+        if( ssl_ctx == NULL )
                 goto ssl_connected_failure;
         
-        conn->ssl = SSL_new( conn->ssl_ctx );
+        conn->ssl = SSL_new( ssl_ctx );
         if( conn->ssl == NULL )
                 goto ssl_connected_failure;
@@ -251 +255 @@
 {
         SSL_free( conn->ssl );
-        SSL_CTX_free( conn->ssl_ctx );
         g_free( conn->hostname );
         g_free( conn );