Return-Path: 
 <dev-return-55654-apmail-httpd-dev-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-dev-archive@www.apache.org
Received: (qmail 70832 invoked from network); 6 Dec 2006 14:55:05 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 6 Dec 2006 14:55:05 -0000
Received: (qmail 84698 invoked by uid 500); 6 Dec 2006 14:55:09 -0000
Delivered-To: apmail-httpd-dev-archive@httpd.apache.org
Received: (qmail 84655 invoked by uid 500); 6 Dec 2006 14:55:09 -0000
Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:dev-help@httpd.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@httpd.apache.org>
List-Post: <mailto:dev@httpd.apache.org>
List-Id: <dev.httpd.apache.org>
Delivered-To: mailing list dev@httpd.apache.org
Received: (qmail 84644 invoked by uid 99); 6 Dec 2006 14:55:09 -0000
Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 Dec 2006 06:55:09 -0800
X-ASF-Spam-Status: No, hits=-0.0 required=10.0
	tests=SPF_HELO_PASS,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (herse.apache.org: domain of
 darryl-mailinglists@netbauds.net designates 62.232.161.102 as permitted
 sender)
Received: from [62.232.161.102] (HELO mail-1.netbauds.net) (62.232.161.102)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 Dec 2006 06:54:57 -0800
Received: from host86-128-143-177.range86-128.btcentralplus.com
 ([86.128.143.177]:20920
	"EHLO [172.16.32.4]" smtp-auth: "darryl" TLS-CIPHER: "DHE-RSA-AES256-SHA
	keybits 256/256 version TLSv1/SSLv3" TLS-PEER-CN1: <none>)
	by mail-1.netbauds.net with ESMTPSA id S346181AbWLFOye (ORCPT
	<rfc822;dev@httpd.apache.org>); Wed, 6 Dec 2006 14:54:34 +0000
Message-ID: <4576D9A9.7020307@netbauds.net>
Date: Wed, 06 Dec 2006 14:54:33 +0000
From: Darryl Miles <darryl-mailinglists@netbauds.net>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-GB;
 rv:1.8.0.8) Gecko/20061109 SeaMonkey/1.0.6
MIME-Version: 1.0
To: dev@httpd.apache.org
Subject: Re: Creating a thread safe module and the problem of calling of
 'CRYPTO_set_locking_callback'
 twice!
References: <4575DA7C.9030301@x09.de>	<20061205221943.3cb9f936@grimnir>
	<4575F753.7060808@rowe-clan.net>	<4576825C.2090307@x09.de>
 <20061206140052.390b78d9@grimnir>
In-Reply-To: <20061206140052.390b78d9@grimnir>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Checked: Checked by ClamAV on apache.org

Nick Kew wrote:
> Unless OpenSSL nomenclature is rather confusing here, an SSL_CTX
> sounds like the kind of thing you would instantiate per-connection
> or per-request.  Does your module act on a request or a connection?

Maybe a bit of background reading and examination of reference 
implementations would be a better help for you right now.


SSL_CTX_new(3): SSL_CTX_new - create a new SSL_CTX object as framework 
for TLS/SSL enabled functions

SSL_new(3): SSL_new - create a new SSL structure for a connection


The SSL_CTX is a template/configuration holder to stamp out your 
connection instances from.  This saves configuring certificates, cipher 
specs, etc... for every connection.


Darryl