/* Release SSL and free resources Will be automatically executed by mysql_server_end() function SYNOPSIS my_gnutls_end() void RETURN VALUES void */ void ma_ssl_end() { pthread_mutex_lock(&LOCK_gnutls_config); if (ma_ssl_initialized) { gnutls_certificate_free_keys(GNUTLS_xcred); gnutls_certificate_free_cas(GNUTLS_xcred); gnutls_certificate_free_crls(GNUTLS_xcred); gnutls_certificate_free_ca_names(GNUTLS_xcred); gnutls_certificate_free_credentials(GNUTLS_xcred); gnutls_global_deinit(); ma_ssl_initialized= FALSE; } pthread_mutex_unlock(&LOCK_gnutls_config); pthread_mutex_destroy(&LOCK_gnutls_config); return; }
/** * gnutls_certificate_free_credentials - Used to free an allocated gnutls_certificate_credentials_t structure * @sc: is an #gnutls_certificate_credentials_t structure. * * This structure is complex enough to manipulate directly thus * this helper function is provided in order to free (deallocate) it. * * This function does not free any temporary parameters associated * with this structure (ie RSA and DH parameters are not freed by * this function). **/ void gnutls_certificate_free_credentials (gnutls_certificate_credentials_t sc) { gnutls_certificate_free_keys (sc); gnutls_certificate_free_cas (sc); gnutls_certificate_free_ca_names (sc); #ifdef ENABLE_PKI gnutls_certificate_free_crls (sc); #endif #ifndef KEYRING_HACK if (_E_gnutls_openpgp_keyring_deinit) _E_gnutls_openpgp_keyring_deinit( sc->keyring); #else _gnutls_free_datum( &sc->keyring); #endif gnutls_free (sc); }
static void infinoted_plugin_certificate_auth_deinitialize(gpointer plugin_info) { InfinotedPluginCertificateAuth* plugin; InfRequest* remove_acl_account_request; InfCertificateCredentials* creds; guint i; plugin = (InfinotedPluginCertificateAuth*)plugin_info; /* Remove super user account. Note that this is not strictly necessary, * since the acocunt is transient and therefore is not written to disk, * so will not be re-created at the next server start. However, to be sure, * we explicitly remove the account at this point. */ if(plugin->super_id != 0) { remove_acl_account_request = inf_browser_remove_acl_account( INF_BROWSER(infinoted_plugin_manager_get_directory(plugin->manager)), plugin->super_id, infinoted_plugin_certificate_auth_remove_acl_account_cb, plugin ); /* This should be instantaneous: if we are not called back within the call * to inf_browser_remove_acl_account(), then we don't care about the * result, since we are being deinitialized. */ if(remove_acl_account_request != NULL) { inf_signal_handlers_disconnect_by_func( plugin->set_acl_request, G_CALLBACK(infinoted_plugin_certificate_auth_remove_acl_account_cb), plugin ); } } if(plugin->set_acl_request != NULL) { inf_signal_handlers_disconnect_by_func( plugin->set_acl_request, G_CALLBACK(infinoted_plugin_certificate_auth_set_acl_cb), plugin ); g_object_unref(plugin->set_acl_request); } creds = infinoted_plugin_manager_get_credentials(plugin->manager); if(creds != NULL) gnutls_certificate_free_cas(inf_certificate_credentials_get(creds)); infd_directory_set_certificate( infinoted_plugin_manager_get_directory(plugin->manager), NULL, NULL ); /* If we have a ca_key set, the certificate that belongs to the key had * its ownership transferred to the directory, so make sure not to free * it twice here. */ for(i = 0; i < plugin->n_cas; ++i) if(plugin->ca_key == NULL || i != plugin->ca_key_index) gnutls_x509_crt_deinit(plugin->cas[i]); g_free(plugin->cas); if(plugin->ca_key != NULL) gnutls_x509_privkey_deinit(plugin->ca_key); g_free(plugin->ca_list_file); g_free(plugin->ca_key_file); g_free(plugin->super_user); }
void certificate_credentials::free_cas () { gnutls_certificate_free_cas (cred); }