+ {
+ /* This function is (usually) called only once, by
+ * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c).
+ * That function uses locking, so we don't (usually)
+ * have to worry about locking here. For the whole cruel
+ * truth, see crypto/ex_data.c */
+ x509_store_ctx_num++;
+ return CRYPTO_get_ex_new_index(x509_store_ctx_num-1,