Skip to content
This repository
Browse code

[fix] ssl: create an ssl context for each connect/listen

  • Loading branch information...
commit 720382329a55bdb3d8cb652e02210f59198b6934 1 parent fe62571
Hugo Heuzard authored

Showing 1 changed file with 6 additions and 6 deletions. Show diff stats Hide diff stats

  1. +6 6 libsecurity/sslAS.ml
12 libsecurity/sslAS.ml
@@ -210,14 +210,14 @@ let ssl_init = lazy (
210 210 )
211 211
212 212 (* Create an SSL server context *)
213   -let ssl_server_context = lazy (
  213 +let ssl_server_context() =
214 214 Lazy.force ssl_init;
215   - Ssl.create_context Ssl.SSLv23 Ssl.Server_context)
  215 + Ssl.create_context Ssl.SSLv23 Ssl.Server_context
216 216
217 217 (* Create an SSL client context *)
218   -let ssl_client_context = lazy (
  218 +let ssl_client_context() =
219 219 Lazy.force ssl_init;
220   - Ssl.create_context Ssl.SSLv23 Ssl.Client_context)
  220 + Ssl.create_context Ssl.SSLv23 Ssl.Client_context
221 221
222 222 (* Digest name and size used for fingerprint *)
223 223 let digest_name, digest_size = (* "SHA1", 40 *) "SHA256", 64 (* "SHA512", 128 *)
@@ -284,7 +284,7 @@ let get_listen_callback sched (server_params, client_params) server_fun =
284 284 | _ -> false, false, false in
285 285 let has_server_ca = Option.is_some server_params.cert_cafile || Option.is_some server_params.cert_capath in
286 286 info "glc" "ctx...";
287   - let ctx = Lazy.force ssl_server_context in
  287 + let ctx = ssl_server_context() in
288 288 info "glc" "ctx ok";
289 289 if server_params.cert_password <> "" then
290 290 Ssl.set_password_callback ctx (fun _ -> server_params.cert_password);
@@ -400,7 +400,7 @@ let get_err_cont sched conn err_cont =
400 400
401 401
402 402 let connect sched conn (client_certificate, verify_cert) ?err_cont cont =
403   - let ctx = Lazy.force ssl_client_context in
  403 + let ctx = ssl_client_context() in
404 404 (* Provide this client certificate if asked *)
405 405 let err_cont = get_err_cont sched conn err_cont in
406 406 begin match client_certificate with

0 comments on commit 7203823

Please sign in to comment.
Something went wrong with that request. Please try again.