perform cleanup of GnuTLS structures across targets

assignment-client/src/AssignmentClient.cpp

@@ -109,6 +109,10 @@ AssignmentClient::AssignmentClient(int &argc, char **argv) :
             this, &AssignmentClient::handleAuthenticationRequest);
 }
 
+AssignmentClient::~AssignmentClient() {
+    gnutls_global_deinit();
+}
+
 void AssignmentClient::sendAssignmentRequest() {
     if (!_currentAssignment) {
         NodeList::getInstance()->sendAssignment(_requestAssignment);

assignment-client/src/AssignmentClient.h

@@ -17,6 +17,7 @@ class AssignmentClient : public QCoreApplication {
     Q_OBJECT
 public:
     AssignmentClient(int &argc, char **argv);
+    ~AssignmentClient();
 private slots:
     void sendAssignmentRequest();
     void readPendingDatagrams();

domain-server/src/DomainServer.cpp

@@ -78,6 +78,20 @@ DomainServer::DomainServer(int argc, char* argv[]) :
     }
 }
 
+DomainServer::~DomainServer() {
+    if (_x509Credentials) {
+        gnutls_certificate_free_credentials(*_x509Credentials);
+        gnutls_priority_deinit(*_priorityCache);
+        gnutls_dh_params_deinit(*_dhParams);
+        
+        delete _x509Credentials;
+        delete _priorityCache;
+        delete _dhParams;
+        delete _cookieKey;
+    }
+    gnutls_global_deinit();
+}
+
 bool DomainServer::optionallySetupDTLS() {
     if (readX509KeyAndCertificate()) {
         if (_x509Credentials) {

domain-server/src/DomainServer.h

@@ -31,6 +31,7 @@ class DomainServer : public QCoreApplication, public HTTPRequestHandler {
     Q_OBJECT
 public:
     DomainServer(int argc, char* argv[]);
+    ~DomainServer();
     
     bool handleHTTPRequest(HTTPConnection* connection, const QUrl& url);
     

interface/src/Application.cpp

@@ -393,6 +393,8 @@ Application::~Application() {
     delete _glWidget;
     
     AccountManager::getInstance().destroy();
+    
+    gnutls_global_deinit();
 }
 
 void Application::restoreSizeAndPosition() {

libraries/shared/src/DTLSClientSession.cpp

@@ -8,20 +8,17 @@
 
 #include "DTLSClientSession.h"
 
-gnutls_certificate_credentials_t* DTLSClientSession::x509CACredentials() {
-    static gnutls_certificate_credentials_t x509Credentials;
-    static bool credentialsInitialized = false;
-    
-    if (!credentialsInitialized) {
-        gnutls_certificate_allocate_credentials(&x509Credentials);
-    }
-    
-    return &x509Credentials;
-}
-
 DTLSClientSession::DTLSClientSession(QUdpSocket& dtlsSocket, HifiSockAddr& destinationSocket) :
     DTLSSession(GNUTLS_CLIENT, dtlsSocket, destinationSocket)
 {
+    // _x509 as a member variable and not global/static assumes a single DTLSClientSession per client
+    gnutls_certificate_allocate_credentials(&_x509Credentials);
+    
     gnutls_priority_set_direct(_gnutlsSession, "PERFORMANCE", NULL);
-    gnutls_credentials_set(_gnutlsSession, GNUTLS_CRD_CERTIFICATE, *x509CACredentials());
-}
+    gnutls_credentials_set(_gnutlsSession, GNUTLS_CRD_CERTIFICATE, _x509Credentials);
+}
+
+DTLSClientSession::~DTLSClientSession() {
+    gnutls_certificate_free_credentials(_x509Credentials);
+}
+

libraries/shared/src/DTLSClientSession.h

@@ -14,8 +14,9 @@
 class DTLSClientSession : public DTLSSession {
 public:
     DTLSClientSession(QUdpSocket& dtlsSocket, HifiSockAddr& destinationSocket);
-    
-    static gnutls_certificate_credentials_t* x509CACredentials();
+    ~DTLSClientSession();
+private:
+    gnutls_certificate_credentials_t _x509Credentials;
 };
 
 #endif /* defined(__hifi__DTLSClientSession__) */