git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Arne Schwabe <arne@rfc2549.org>
	Tue, 16 Dec 2025 14:42:00 +0000 (15:42 +0100)
committer	Gert Doering <gert@greenie.muc.de>
	Tue, 16 Dec 2025 17:20:06 +0000 (18:20 +0100)
commit	44dd39b3ef3980019277e7612fd5bc9cbd4d3e65
tree	91d914f6af7ebdbc7764bea405efbc128634c461	tree
parent	18d1b1fe008a4bbfd5a56ca7bb59f6f8cb58114a	commit \| diff

Change ssl_ctx in struct tls_options to be a pointer

The SSL CTX is shared between all of the instances. So any change to the
SSL CTX will affect all instances. Currently the CRL is also reloaded
potentially multiple times as each copy of tls_root_ctx has its own
crl_last_mtime and crl_last_size values that will be checked if the CRL
reload is necessary.

Changing it to a pointer will make it more clear that this is shared
and also the CRL being reloaded multiple times.

Change-Id: I21251a42f94fa1d9de083d2acd95b887658c5760
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: MaxF <max@max-fillinger.net>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1431
Message-Id: <20251216144207.12171-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35116.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

src/openvpn/init.c		diff \| blob \| blame \| history
src/openvpn/openvpn.h		diff \| blob \| blame \| history
src/openvpn/ssl.c		diff \| blob \| blame \| history
src/openvpn/ssl.h		diff \| blob \| blame \| history
src/openvpn/ssl_common.h		diff \| blob \| blame \| history
src/openvpn/ssl_mbedtls.c		diff \| blob \| blame \| history
src/openvpn/ssl_openssl.c		diff \| blob \| blame \| history
src/openvpn/ssl_verify_mbedtls.c		diff \| blob \| blame \| history
src/openvpn/ssl_verify_openssl.c		diff \| blob \| blame \| history