[openssl-dev] OpenSSL 1.1 SSL_CTX issues

Howard Chu hyc at highlandsun.com
Thu Jan 21 17:33:51 UTC 2016

In OpenLDAP we've been using
   CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX)
to manage our own SSL_CTXs but this is not possible with current 1.1. Making 
the structures opaque is a good move, but please provide methods to manipulate 

Currently ssl_lib.c appears to bump the ctx refcount twice, in SSL_new. Why is 


   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

More information about the openssl-dev mailing list