These are reference counted so it is important to retain symmetry between the calls. Failure to do so will result in bad memory access and crashes.tags/v1.7.90
@@ -67,21 +67,14 @@ StringParameter CSecurityTLS::X509CRL("X509CRL", "X509 CRL file", "", ConfViewer | |||
static LogWriter vlog("TLS"); | |||
void CSecurityTLS::initGlobal() | |||
{ | |||
static bool globalInitDone = false; | |||
if (!globalInitDone) { | |||
gnutls_global_init(); | |||
globalInitDone = true; | |||
} | |||
} | |||
CSecurityTLS::CSecurityTLS(bool _anon) : session(0), anon_cred(0), | |||
anon(_anon), fis(0), fos(0) | |||
{ | |||
cafile = X509CA.getData(); | |||
crlfile = X509CRL.getData(); | |||
if (gnutls_global_init() != GNUTLS_E_SUCCESS) | |||
throw AuthFailureException("gnutls_global_init failed"); | |||
} | |||
void CSecurityTLS::setDefaults() | |||
@@ -125,8 +118,6 @@ void CSecurityTLS::shutdown(bool needbye) | |||
if (session) { | |||
gnutls_deinit(session); | |||
session = 0; | |||
gnutls_global_deinit(); | |||
} | |||
} | |||
@@ -142,6 +133,8 @@ CSecurityTLS::~CSecurityTLS() | |||
delete[] cafile; | |||
delete[] crlfile; | |||
gnutls_global_deinit(); | |||
} | |||
bool CSecurityTLS::processMsg(CConnection* cc) | |||
@@ -150,8 +143,6 @@ bool CSecurityTLS::processMsg(CConnection* cc) | |||
rdr::OutStream* os = cc->getOutStream(); | |||
client = cc; | |||
initGlobal(); | |||
if (!session) { | |||
if (!is->checkNoWait(1)) | |||
return false; |
@@ -62,8 +62,6 @@ namespace rfb { | |||
CConnection *client; | |||
private: | |||
static void initGlobal(); | |||
gnutls_session_t session; | |||
gnutls_anon_client_credentials_t anon_cred; | |||
gnutls_certificate_credentials_t cert_cred; |
@@ -48,23 +48,15 @@ StringParameter SSecurityTLS::X509_KeyFile | |||
static LogWriter vlog("TLS"); | |||
void SSecurityTLS::initGlobal() | |||
{ | |||
static bool globalInitDone = false; | |||
if (!globalInitDone) { | |||
if (gnutls_global_init() != GNUTLS_E_SUCCESS) | |||
throw AuthFailureException("gnutls_global_init failed"); | |||
globalInitDone = true; | |||
} | |||
} | |||
SSecurityTLS::SSecurityTLS(bool _anon) : session(0), dh_params(0), | |||
anon_cred(0), cert_cred(0), | |||
anon(_anon), fis(0), fos(0) | |||
{ | |||
certfile = X509_CertFile.getData(); | |||
keyfile = X509_KeyFile.getData(); | |||
if (gnutls_global_init() != GNUTLS_E_SUCCESS) | |||
throw AuthFailureException("gnutls_global_init failed"); | |||
} | |||
void SSecurityTLS::shutdown() | |||
@@ -94,8 +86,6 @@ void SSecurityTLS::shutdown() | |||
if (session) { | |||
gnutls_deinit(session); | |||
session = 0; | |||
gnutls_global_deinit(); | |||
} | |||
} | |||
@@ -111,6 +101,8 @@ SSecurityTLS::~SSecurityTLS() | |||
delete[] keyfile; | |||
delete[] certfile; | |||
gnutls_global_deinit(); | |||
} | |||
bool SSecurityTLS::processMsg(SConnection *sc) | |||
@@ -121,8 +113,6 @@ bool SSecurityTLS::processMsg(SConnection *sc) | |||
vlog.debug("Process security message (session %p)", session); | |||
if (!session) { | |||
initGlobal(); | |||
if (gnutls_init(&session, GNUTLS_SERVER) != GNUTLS_E_SUCCESS) | |||
throw AuthFailureException("gnutls_init failed"); | |||
@@ -54,8 +54,6 @@ namespace rfb { | |||
void setParams(gnutls_session_t session); | |||
private: | |||
static void initGlobal(); | |||
gnutls_session_t session; | |||
gnutls_dh_params_t dh_params; | |||
gnutls_anon_server_credentials_t anon_cred; |