proper cleanup of CA credentials on DTLSClientSession side

2025-04-20 12:04:18 +02:00 · 2014-04-07 09:47:51 -07:00 · 2014-04-07 09:47:51 -07:00 · 69504b0a9d
commit 69504b0a9d
parent efcf506383
4 changed files with 22 additions and 12 deletions
--- a/assignment-client/src/AssignmentClient.cpp
+++ b/assignment-client/src/AssignmentClient.cpp
@ -33,7 +33,7 @@ AssignmentClient::AssignmentClient(int &argc, char **argv) :
    QCoreApplication(argc, argv),
    _currentAssignment()
 {
-    gnutls_global_init();
+    DTLSClientSession::globalInit();
    
    setOrganizationName("High Fidelity");
    setOrganizationDomain("highfidelity.io");
@ -110,7 +110,7 @@ AssignmentClient::AssignmentClient(int &argc, char **argv) :
 }

 AssignmentClient::~AssignmentClient() {
-    gnutls_global_deinit();
+    DTLSClientSession::globalDeinit();
 }

 void AssignmentClient::sendAssignmentRequest() {
--- a/interface/src/Application.cpp
+++ b/interface/src/Application.cpp
@ -167,7 +167,7 @@ Application::Application(int& argc, char** argv, timeval &startup_time) :
        _logger(new FileLogger(this))
 {
    // init GnuTLS for DTLS with domain-servers
-    gnutls_global_init();
+    DTLSClientSession::globalInit();
    
    // read the ApplicationInfo.ini file for Name/Version/Domain information
    QSettings applicationInfo(Application::resourcesPath() + "info/ApplicationInfo.ini", QSettings::IniFormat);
@ -396,7 +396,7 @@ Application::~Application() {

    AccountManager::getInstance().destroy();
    
-    gnutls_global_deinit();
+    DTLSClientSession::globalDeinit();
 }

 void Application::restoreSizeAndPosition() {
--- a/libraries/shared/src/DTLSClientSession.cpp
+++ b/libraries/shared/src/DTLSClientSession.cpp
@ -8,20 +8,26 @@

 #include "DTLSClientSession.h"

-gnutls_certificate_credentials_t* DTLSClientSession::x509CACredentials() {
-    static gnutls_certificate_credentials_t x509Credentials;
-    static bool credentialsInitialized = false;
+gnutls_certificate_credentials_t DTLSClientSession::_x509CACredentials;
+
+void DTLSClientSession::globalInit() {
+    static bool initialized = false;
    
-    if (!credentialsInitialized) {
-        gnutls_certificate_allocate_credentials(&x509Credentials);
+    if (!initialized) {
+        gnutls_global_init();
+        gnutls_certificate_allocate_credentials(&_x509CACredentials);
    }
+}
+
+void DTLSClientSession::globalDeinit() {
+    gnutls_certificate_free_credentials(_x509CACredentials);
    
-    return &x509Credentials;
+    gnutls_global_deinit();
 }

 DTLSClientSession::DTLSClientSession(QUdpSocket& dtlsSocket, HifiSockAddr& destinationSocket) :
    DTLSSession(GNUTLS_CLIENT, dtlsSocket, destinationSocket)
 {
    gnutls_priority_set_direct(_gnutlsSession, "PERFORMANCE", NULL);
-    gnutls_credentials_set(_gnutlsSession, GNUTLS_CRD_CERTIFICATE, *x509CACredentials());
+    gnutls_credentials_set(_gnutlsSession, GNUTLS_CRD_CERTIFICATE, _x509CACredentials);
 }
--- a/libraries/shared/src/DTLSClientSession.h
+++ b/libraries/shared/src/DTLSClientSession.h
@ -15,7 +15,11 @@ class DTLSClientSession : public DTLSSession {
 public:
    DTLSClientSession(QUdpSocket& dtlsSocket, HifiSockAddr& destinationSocket);
    
-    static gnutls_certificate_credentials_t* x509CACredentials();
+    static void globalInit();
+    static void globalDeinit();
+    
+    static gnutls_certificate_credentials_t _x509CACredentials;
+    static bool _wasGloballyInitialized;
 };

 #endif /* defined(__hifi__DTLSClientSession__) */