Hans Leidekker : winhttp: Use a process global SSL context instead of per connection. - wine-commits

8 Sep 2008

Module: wine
Branch: master
Commit: 2fb746783f363b8a34f87476c997ba55ccb1c90f
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=2fb746783f363b8a34f87476c9...
Author: Hans Leidekker hans@codeweavers.com
Date:   Sun Sep  7 21:35:07 2008 +0200
winhttp: Use a process global SSL context instead of per connection.
---
dlls/winhttp/net.c             |   16 +++++++---------
 dlls/winhttp/winhttp_private.h |    1 -
 2 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/dlls/winhttp/net.c b/dlls/winhttp/net.c
index e2c6cd6..1abfbdd 100644
--- a/dlls/winhttp/net.c
+++ b/dlls/winhttp/net.c
@@ -83,6 +83,7 @@ static void *libssl_handle;
 static void *libcrypto_handle;
static SSL_METHOD *method;
+static SSL_CTX *ctx;
#define MAKE_FUNCPTR(f) static typeof(f) * p##f
@@ -90,7 +91,6 @@ MAKE_FUNCPTR( SSL_library_init );
 MAKE_FUNCPTR( SSL_load_error_strings );
 MAKE_FUNCPTR( SSLv23_method );
 MAKE_FUNCPTR( SSL_CTX_new );
-MAKE_FUNCPTR( SSL_CTX_free );
 MAKE_FUNCPTR( SSL_new );
 MAKE_FUNCPTR( SSL_free );
 MAKE_FUNCPTR( SSL_set_fd );
@@ -207,7 +207,6 @@ BOOL netconn_init( netconn_t *conn, BOOL secure )
     LOAD_FUNCPTR( SSL_load_error_strings );
     LOAD_FUNCPTR( SSLv23_method );
     LOAD_FUNCPTR( SSL_CTX_new );
-    LOAD_FUNCPTR( SSL_CTX_free );
     LOAD_FUNCPTR( SSL_new );
     LOAD_FUNCPTR( SSL_free );
     LOAD_FUNCPTR( SSL_set_fd );
@@ -240,8 +239,6 @@ BOOL netconn_init( netconn_t *conn, BOOL secure )
     pBIO_new_fp( stderr, BIO_NOCLOSE );
method = pSSLv23_method();
-    conn->ssl_ctx = pSSL_CTX_new( method );
-
 #else
     WARN("SSL support not compiled in.\n");
     set_last_error( ERROR_WINHTTP_SECURE_CHANNEL_ERROR );
@@ -312,13 +309,14 @@ BOOL netconn_secure_connect( netconn_t *conn )
     X509 *cert;
     long res;
-    if (!pSSL_CTX_set_default_verify_paths( conn->ssl_ctx ))
+    ctx = pSSL_CTX_new( method );
+    if (!pSSL_CTX_set_default_verify_paths( ctx ))
     {
         ERR("SSL_CTX_set_default_verify_paths failed: %s\n", pERR_error_string( pERR_get_error(), 0 ));
         set_last_error( ERROR_OUTOFMEMORY );
         return FALSE;
     }
-    if (!(conn->ssl_conn = pSSL_new( conn->ssl_ctx )))
+    if (!(conn->ssl_conn = pSSL_new( ctx )))
     {
         ERR("SSL_new failed: %s\n", pERR_error_string( pERR_get_error(), 0 ));
         set_last_error( ERROR_OUTOFMEMORY );
@@ -488,8 +486,8 @@ BOOL netconn_get_next_line( netconn_t *conn, char *buffer, DWORD *buflen )
 #ifdef SONAME_LIBSSL
         long timeout;
-        timeout = pSSL_CTX_get_timeout( conn->ssl_ctx );
-        pSSL_CTX_set_timeout( conn->ssl_ctx, DEFAULT_RECEIVE_TIMEOUT );
+        timeout = pSSL_CTX_get_timeout( ctx );
+        pSSL_CTX_set_timeout( ctx, DEFAULT_RECEIVE_TIMEOUT );
while (recvd < *buflen)
         {
@@ -506,7 +504,7 @@ BOOL netconn_get_next_line( netconn_t *conn, char *buffer, DWORD *buflen )
             }
             if (buffer[recvd] != '\r') recvd++;
         }
-        pSSL_CTX_set_timeout( conn->ssl_ctx, timeout );
+        pSSL_CTX_set_timeout( ctx, timeout );
         if (ret)
         {
             buffer[recvd++] = 0;
diff --git a/dlls/winhttp/winhttp_private.h b/dlls/winhttp/winhttp_private.h
index 05a9e54..6d9a142 100644
--- a/dlls/winhttp/winhttp_private.h
+++ b/dlls/winhttp/winhttp_private.h
@@ -91,7 +91,6 @@ typedef struct
 {
     int socket;
     BOOL secure; /* SSL active on connection? */
-    void *ssl_ctx;
     void *ssl_conn;
     char *peek_msg;
     char *peek_msg_mem;

    