On Wed, 7 Mar 2007, Shmulik Regev wrote:

> Enclosed is a patch to support SSL_CTX caching and reuse. It deserves some
> explanation on both implementation and usage.

First, we really do need a fine addition to the docs when we get a
contribution such as this, so that others can have a chance of using it. And
the code indentation "rules" weren't very closely followed.

But more importantly, I think this approach hides a few problems that we need
to consider:

- Share objects are set to easy handles. It makes different easy handles share
   whatever they are told to.

- Connections are stored in a connection cache. Each easy handle has its own
   connection cache to start with, but when you add the easy handle to a multi
   handle, it gets to use the combined connection cache used for the whole
   multi handle. It could be numerous easy handles sharing that same connection
   cache.

- The SSL_CTX sharing is set in the share object, and thus per easy-handle.
   But still, you need to store the pointer to the share in the connection
   struct just to be able to find it again even after the easy handle is
   gone... *and* when it cleanups, it even uses the "cache" without locking
   since the easy handle is gone. This is bound to cause problems and weirdness
   if in fact the connection is re-used by a new handle that may not even use
   the same shared SSL_CTX cache!

The fact that connections are separated from the easy handles is what causes
this complication. At this moment, I don't have any quick fixes for this
dilemma. I just wanted to first post my discoveries from reviewing this patch.

-- 
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html