[Help-gnutls] Re: Order of freing various structures
jas at extundo.com
Wed Aug 3 17:15:28 CEST 2005
Einar Karttunen <ekarttun at cs.helsinki.fi> writes:
> I am writing a wrapper of GnuTLS in Haskell
Hello Einar. Wonderful, Haskell is my favorite functional
language. :) Do you have an URL for your project? I may add it to
gnutls.org, if you want.
> and the order of freing
> structures seems quite important. Is one allowed to first free
> credentials and then deinit a session they were associated with? Or
> must the credentials be valid when deinit is called on the session?
> i.e. is the following sequence legal:
> gnutls_credentials_set(session, cred, ...);
It is OK assuming nothing happens between the credentials_free and
deinit call, however, if something happens in the session that require
access to the certificates (e.g., a re-handshake initiated by the
other side?), things will break.
I recommend to free the credentials after the session in which they
are used is completely finished and deallocated. It is a better
separation of things.
> or must deinit allways be called first?
> May they be called concurrently
> if gcry_control has been properly initialized for multithreaded operation?
Currently yes, but I could only tell by looking at the code. The
gnutls_deinit function doesn't access the certificates.
If you have suggestions how to better document this to explain things
better, please share.
More information about the Gnutls-help