winhttp: Use a process global SSL context instead of per connection.

2fb74678 · Hans Leidekker · Alexandre Julliard · 520b6e81 · 2fb74678 · 2fb74678
Commit 2fb74678 authored Sep 07, 2008 by Hans Leidekker Committed by Alexandre Julliard Sep 08, 2008
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 10 deletions

net.c dlls/winhttp/net.c +7 -9

winhttp_private.h dlls/winhttp/winhttp_private.h +0 -1

No files found.
--- a/dlls/winhttp/net.c
+++ b/dlls/winhttp/net.c
@@ -83,6 +83,7 @@ static void *libssl_handle;
 static void *libcrypto_handle;
 static SSL_METHOD *method;
+static SSL_CTX *ctx;
 #define MAKE_FUNCPTR(f) static typeof(f) * p##f
@@ -90,7 +91,6 @@ MAKE_FUNCPTR( SSL_library_init );
 MAKE_FUNCPTR( SSL_load_error_strings );
 MAKE_FUNCPTR( SSLv23_method );
 MAKE_FUNCPTR( SSL_CTX_new );
-MAKE_FUNCPTR( SSL_CTX_free );
 MAKE_FUNCPTR( SSL_new );
 MAKE_FUNCPTR( SSL_free );
 MAKE_FUNCPTR( SSL_set_fd );
@@ -207,7 +207,6 @@ BOOL netconn_init( netconn_t *conn, BOOL secure )
    LOAD_FUNCPTR( SSL_load_error_strings );
    LOAD_FUNCPTR( SSLv23_method );
    LOAD_FUNCPTR( SSL_CTX_new );
-    LOAD_FUNCPTR( SSL_CTX_free );
    LOAD_FUNCPTR( SSL_new );
    LOAD_FUNCPTR( SSL_free );
    LOAD_FUNCPTR( SSL_set_fd );
@@ -240,8 +239,6 @@ BOOL netconn_init( netconn_t *conn, BOOL secure )
    pBIO_new_fp( stderr, BIO_NOCLOSE );
    method = pSSLv23_method();
-    conn->ssl_ctx = pSSL_CTX_new( method );
 #else
    WARN("SSL support not compiled in.\n");
    set_last_error( ERROR_WINHTTP_SECURE_CHANNEL_ERROR );
@@ -312,13 +309,14 @@ BOOL netconn_secure_connect( netconn_t *conn )
    X509 *cert;
    long res;
-    if (!pSSL_CTX_set_default_verify_paths( conn->ssl_ctx ))
+    ctx = pSSL_CTX_new( method );
+    if (!pSSL_CTX_set_default_verify_paths( ctx ))
    {
        ERR("SSL_CTX_set_default_verify_paths failed: %s\n", pERR_error_string( pERR_get_error(), 0 ));
        set_last_error( ERROR_OUTOFMEMORY );
        return FALSE;
    }
-    if (!(conn->ssl_conn = pSSL_new( conn->ssl_ctx )))
+    if (!(conn->ssl_conn = pSSL_new( ctx )))
    {
        ERR("SSL_new failed: %s\n", pERR_error_string( pERR_get_error(), 0 ));
        set_last_error( ERROR_OUTOFMEMORY );
@@ -488,8 +486,8 @@ BOOL netconn_get_next_line( netconn_t *conn, char *buffer, DWORD *buflen )
 #ifdef SONAME_LIBSSL
        long timeout;
-        timeout = pSSL_CTX_get_timeout( conn->ssl_ctx );
+        timeout = pSSL_CTX_get_timeout( ctx );
-        pSSL_CTX_set_timeout( conn->ssl_ctx, DEFAULT_RECEIVE_TIMEOUT );
+        pSSL_CTX_set_timeout( ctx, DEFAULT_RECEIVE_TIMEOUT );
        while (recvd < *buflen)
        {
@@ -506,7 +504,7 @@ BOOL netconn_get_next_line( netconn_t *conn, char *buffer, DWORD *buflen )
            }
            if (buffer[recvd] != '\r') recvd++;
        }
-        pSSL_CTX_set_timeout( conn->ssl_ctx, timeout );
+        pSSL_CTX_set_timeout( ctx, timeout );
        if (ret)
        {
            buffer[recvd++] = 0;

--- a/dlls/winhttp/winhttp_private.h
+++ b/dlls/winhttp/winhttp_private.h
@@ -91,7 +91,6 @@ typedef struct
 {
    int socket;
    BOOL secure; /* SSL active on connection? */
-    void *ssl_ctx;
    void *ssl_conn;
    char *peek_msg;
    char *peek_msg_mem;