workaround for multiple certificates problem

panda/src/downloader/httpClient.I

@@ -47,16 +47,6 @@ operator = (const HTTPClient &copy) {
   _proxy = copy._proxy;
 }
 
-////////////////////////////////////////////////////////////////////
-//     Function: HTTPClient::Destructor
-//       Access: Published
-//  Description:
-////////////////////////////////////////////////////////////////////
-INLINE HTTPClient::
-~HTTPClient() {
-  SSL_CTX_free(_ssl_ctx);
-}
-
 ////////////////////////////////////////////////////////////////////
 //     Function: HTTPClient::set_proxy
 //       Access: Published

panda/src/downloader/httpClient.cxx

@@ -31,6 +31,19 @@
 #endif
 
 bool HTTPClient::_ssl_initialized = false;
+SSL_CTX *HTTPClient::_ssl_ctx = NULL;
+
+
+////////////////////////////////////////////////////////////////////
+//     Function: HTTPClient::Destructor
+//       Access: Published
+//  Description:
+////////////////////////////////////////////////////////////////////
+HTTPClient::
+~HTTPClient() {
+  // Since the context is temporarily shared among all clients.
+  //  SSL_CTX_free(_ssl_ctx);
+}
 
 ////////////////////////////////////////////////////////////////////
 //     Function: HTTPClient::load_certificates
@@ -112,6 +125,12 @@ make_ctx() {
   if (!_ssl_initialized) {
     initialize_ssl();
   }
+
+  if (_ssl_ctx != (SSL_CTX *)NULL) {
+    // Since the context is temporarily shared among all clients.
+    return;
+  }
+
   _ssl_ctx = SSL_CTX_new(SSLv23_client_method());
 
 #if defined(SSL_097) && !defined(NDEBUG)

panda/src/downloader/httpClient.h

@@ -84,10 +84,13 @@ private:
 #endif
 
   URLSpec _proxy;
-  SSL_CTX *_ssl_ctx;
   bool _verify_ssl;
 
   static bool _ssl_initialized;
+
+  // This is temporarily static, shared among all clients, to work
+  // around the loading certificates problem.
+  static SSL_CTX *_ssl_ctx;
 };
 
 #include "httpClient.I"