From 69504b0a9df5ecef878db505ec84d25863cda46d Mon Sep 17 00:00:00 2001
From: Stephen Birarda
Date: Mon, 7 Apr 2014 09:47:51 -0700
Subject: [PATCH] proper cleanup of CA credentials on DTLSClientSession side
---
 assignment-client/src/AssignmentClient.cpp | 4 ++--
 interface/src/Application.cpp | 4 ++--
 libraries/shared/src/DTLSClientSession.cpp | 20 +++++++++++++-------
 libraries/shared/src/DTLSClientSession.h | 6 +++++-
 4 files changed, 22 insertions(+), 12 deletions(-)
diff --git a/assignment-client/src/AssignmentClient.cpp b/assignment-client/src/AssignmentClient.cpp
index c370c78132..222cb0ce9a 100644
--- a/assignment-client/src/AssignmentClient.cpp
+++ b/assignment-client/src/AssignmentClient.cpp
@@ -33,7 +33,7 @@ AssignmentClient::AssignmentClient(int &argc, char **argv) :
 QCoreApplication(argc, argv),
 _currentAssignment()
 {
- gnutls_global_init();
+ DTLSClientSession::globalInit();
 setOrganizationName("High Fidelity");
 setOrganizationDomain("highfidelity.io");
@@ -110,7 +110,7 @@ AssignmentClient::AssignmentClient(int &argc, char **argv) :
 }
 AssignmentClient::~AssignmentClient() {
- gnutls_global_deinit();
+ DTLSClientSession::globalDeinit();
 }
 void AssignmentClient::sendAssignmentRequest() {
diff --git a/interface/src/Application.cpp b/interface/src/Application.cpp
index b3bb085cdc..cfe920bf40 100644
--- a/interface/src/Application.cpp
+++ b/interface/src/Application.cpp
@@ -167,7 +167,7 @@ Application::Application(int& argc, char** argv, timeval &startup_time) :
 _logger(new FileLogger(this))
 {
 // init GnuTLS for DTLS with domain-servers
- gnutls_global_init();
+ DTLSClientSession::globalInit();
 // read the ApplicationInfo.ini file for Name/Version/Domain information
 QSettings applicationInfo(Application::resourcesPath() + "info/ApplicationInfo.ini", QSettings::IniFormat);
@@ -396,7 +396,7 @@ Application::~Application() {
 AccountManager::getInstance().destroy();
- gnutls_global_deinit();
+ DTLSClientSession::globalDeinit();
 }
 void Application::restoreSizeAndPosition() {
diff --git a/libraries/shared/src/DTLSClientSession.cpp b/libraries/shared/src/DTLSClientSession.cpp
index 73daa4e03a..5762038a20 100644
--- a/libraries/shared/src/DTLSClientSession.cpp
+++ b/libraries/shared/src/DTLSClientSession.cpp
@@ -8,20 +8,26 @@
 #include "DTLSClientSession.h"
-gnutls_certificate_credentials_t* DTLSClientSession::x509CACredentials() {
- static gnutls_certificate_credentials_t x509Credentials;
- static bool credentialsInitialized = false;
+gnutls_certificate_credentials_t DTLSClientSession::_x509CACredentials;
+
+void DTLSClientSession::globalInit() {
+ static bool initialized = false;
- if (!credentialsInitialized) {
- gnutls_certificate_allocate_credentials(&x509Credentials);
+ if (!initialized) {
+ gnutls_global_init();
+ gnutls_certificate_allocate_credentials(&_x509CACredentials);
 }
+}
+
+void DTLSClientSession::globalDeinit() {
+ gnutls_certificate_free_credentials(_x509CACredentials);
- return &x509Credentials;
+ gnutls_global_deinit();
 }
 DTLSClientSession::DTLSClientSession(QUdpSocket& dtlsSocket, HifiSockAddr& destinationSocket) :
 DTLSSession(GNUTLS_CLIENT, dtlsSocket, destinationSocket)
 {
 gnutls_priority_set_direct(_gnutlsSession, "PERFORMANCE", NULL);
- gnutls_credentials_set(_gnutlsSession, GNUTLS_CRD_CERTIFICATE, *x509CACredentials());
+ gnutls_credentials_set(_gnutlsSession, GNUTLS_CRD_CERTIFICATE, _x509CACredentials);
 }
\ No newline at end of file
diff --git a/libraries/shared/src/DTLSClientSession.h b/libraries/shared/src/DTLSClientSession.h
index a81daf6d74..ad5b0cd55b 100644
--- a/libraries/shared/src/DTLSClientSession.h
+++ b/libraries/shared/src/DTLSClientSession.h
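Review bot: In `DTLSClientSession::globalInit()` (DTLSClientSession.cpp) the function-local `initialized` flag is never set to true, so the guard does not stop a second call from running `gnutls_certificate_allocate_credentials` again and overwriting `_x509CACredentials` without freeing the earlier handle. `globalDeinit()` has no guard at all, so it would hand an unallocated handle to `gnutls_certificate_free_credentials` if init never ran, and both GnuTLS return codes in `globalInit()` are ignored. The header change in this commit declares `_wasGloballyInitialized` but no hunk defines or uses it; driving both functions from that member, as sketched below, would close the gap. Separately, nothing in this hunk loads trust anchors into `_x509CACredentials` or installs a certificate verification step, so unless that happens elsewhere the client has nothing to validate the domain-server certificate against.

```cpp
bool DTLSClientSession::_wasGloballyInitialized = false;

void DTLSClientSession::globalInit() {
    if (_wasGloballyInitialized) {
        return;
    }
    if (gnutls_global_init() != GNUTLS_E_SUCCESS) {
        return; // init failed: leave the flag clear
    }
    if (gnutls_certificate_allocate_credentials(&_x509CACredentials) != GNUTLS_E_SUCCESS) {
        gnutls_global_deinit();
        return;
    }
    _wasGloballyInitialized = true;
}

void DTLSClientSession::globalDeinit() {
    if (!_wasGloballyInitialized) {
        return;
    }
    gnutls_certificate_free_credentials(_x509CACredentials);
    gnutls_global_deinit();
    _wasGloballyInitialized = false;
}
// … unchanged: DTLSClientSession constructor …
```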
@@ -15,7 +15,11 @@
 class DTLSClientSession : public DTLSSession {
 public:
 DTLSClientSession(QUdpSocket& dtlsSocket, HifiSockAddr& destinationSocket);
- static gnutls_certificate_credentials_t* x509CACredentials();
+ static void globalInit();
+ static void globalDeinit();
+
+ static gnutls_certificate_credentials_t _x509CACredentials;
+ static bool _wasGloballyInitialized;
 };
 #endif /* defined(__hifi__DTLSClientSession__) */
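Review bot: `_x509CACredentials` and `_wasGloballyInitialized` are added under `public:`, so any code that includes this header can overwrite or free the shared credentials handle that every client session is configured with. In this commit only the class's own constructor and static functions touch them, so they could sit under a `private:` label placed after `globalDeinit()`. `_wasGloballyInitialized` is also only declared here; no hunk in this commit defines it, so its first use would fail to link until `bool DTLSClientSession::_wasGloballyInitialized = false;` is added to the .cpp file.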