diff --git a/panda/src/downloader/httpClient.I b/panda/src/downloader/httpClient.I index fff1f5d647..508d4ee908 100644 --- a/panda/src/downloader/httpClient.I +++ b/panda/src/downloader/httpClient.I @@ -47,16 +47,6 @@ operator = (const HTTPClient ©) { _proxy = copy._proxy; } -//////////////////////////////////////////////////////////////////// -// Function: HTTPClient::Destructor -// Access: Published -// Description: -//////////////////////////////////////////////////////////////////// -INLINE HTTPClient:: -~HTTPClient() { - SSL_CTX_free(_ssl_ctx); -} - //////////////////////////////////////////////////////////////////// // Function: HTTPClient::set_proxy // Access: Published diff --git a/panda/src/downloader/httpClient.cxx b/panda/src/downloader/httpClient.cxx index d61d85176e..b0f26f20c9 100644 --- a/panda/src/downloader/httpClient.cxx +++ b/panda/src/downloader/httpClient.cxx @@ -31,6 +31,19 @@ #endif bool HTTPClient::_ssl_initialized = false; +SSL_CTX *HTTPClient::_ssl_ctx = NULL; + + +//////////////////////////////////////////////////////////////////// +// Function: HTTPClient::Destructor +// Access: Published +// Description: +//////////////////////////////////////////////////////////////////// +HTTPClient:: +~HTTPClient() { + // Since the context is temporarily shared among all clients. + // SSL_CTX_free(_ssl_ctx); +} //////////////////////////////////////////////////////////////////// // Function: HTTPClient::load_certificates @@ -112,6 +125,12 @@ make_ctx() { if (!_ssl_initialized) { initialize_ssl(); } + + if (_ssl_ctx != (SSL_CTX *)NULL) { + // Since the context is temporarily shared among all clients. + return; + } + _ssl_ctx = SSL_CTX_new(SSLv23_client_method()); #if defined(SSL_097) && !defined(NDEBUG) diff --git a/panda/src/downloader/httpClient.h b/panda/src/downloader/httpClient.h index a017408774..b7af7b37a6 100644 --- a/panda/src/downloader/httpClient.h +++ b/panda/src/downloader/httpClient.h @@ -84,10 +84,13 @@ private: #endif URLSpec _proxy; - SSL_CTX *_ssl_ctx; bool _verify_ssl; static bool _ssl_initialized; + + // This is temporarily static, shared among all clients, to work + // around the loading certificates problem. + static SSL_CTX *_ssl_ctx; }; #include "httpClient.I"