Hi On Thu, Oct 30, 2025 at 6:49 PM Daniel P. Berrangé <[email protected]> wrote:
> The code for releasing DH parameters is common to all credential > subclasses, so can be moved into the parent. > > Signed-off-by: Daniel P. Berrangé <[email protected]> > and unload() was only called from finalize (and qcrypto_tls_creds_x509_reload()) Reviewed-by: Marc-André Lureau <[email protected]> > --- > crypto/tlscreds.c | 4 ++++ > crypto/tlscredsanon.c | 4 ---- > crypto/tlscredspsk.c | 4 ---- > crypto/tlscredsx509.c | 7 +++---- > 4 files changed, 7 insertions(+), 12 deletions(-) > > diff --git a/crypto/tlscreds.c b/crypto/tlscreds.c > index 65e97ddd11..1e39ee1141 100644 > --- a/crypto/tlscreds.c > +++ b/crypto/tlscreds.c > @@ -246,6 +246,10 @@ qcrypto_tls_creds_finalize(Object *obj) > { > QCryptoTLSCreds *creds = QCRYPTO_TLS_CREDS(obj); > > + if (creds->dh_params) { > + gnutls_dh_params_deinit(creds->dh_params); > + } > + > g_free(creds->dir); > g_free(creds->priority); > } > diff --git a/crypto/tlscredsanon.c b/crypto/tlscredsanon.c > index bc3351b5d6..1ddfe4eb31 100644 > --- a/crypto/tlscredsanon.c > +++ b/crypto/tlscredsanon.c > @@ -92,10 +92,6 @@ qcrypto_tls_creds_anon_unload(QCryptoTLSCredsAnon > *creds) > creds->data.server = NULL; > } > } > - if (creds->parent_obj.dh_params) { > - gnutls_dh_params_deinit(creds->parent_obj.dh_params); > - creds->parent_obj.dh_params = NULL; > - } > } > > #else /* ! CONFIG_GNUTLS */ > diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c > index 545d3e45db..bf4efe2114 100644 > --- a/crypto/tlscredspsk.c > +++ b/crypto/tlscredspsk.c > @@ -175,10 +175,6 @@ qcrypto_tls_creds_psk_unload(QCryptoTLSCredsPSK > *creds) > creds->data.server = NULL; > } > } > - if (creds->parent_obj.dh_params) { > - gnutls_dh_params_deinit(creds->parent_obj.dh_params); > - creds->parent_obj.dh_params = NULL; > - } > } > > #else /* ! CONFIG_GNUTLS */ > diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c > index 39f80b33ad..1555285910 100644 > --- a/crypto/tlscredsx509.c > +++ b/crypto/tlscredsx509.c > @@ -685,10 +685,6 @@ qcrypto_tls_creds_x509_unload(QCryptoTLSCredsX509 > *creds) > gnutls_certificate_free_credentials(creds->data); > creds->data = NULL; > } > - if (creds->parent_obj.dh_params) { > - gnutls_dh_params_deinit(creds->parent_obj.dh_params); > - creds->parent_obj.dh_params = NULL; > - } > } > > > @@ -780,6 +776,9 @@ qcrypto_tls_creds_x509_reload(QCryptoTLSCreds *creds, > Error **errp) > qcrypto_tls_creds_x509_load(x509_creds, &local_err); > if (local_err) { > qcrypto_tls_creds_x509_unload(x509_creds); > + if (creds->dh_params) { > + gnutls_dh_params_deinit(creds->dh_params); > + } > x509_creds->data = creds_data; > creds->dh_params = creds_dh_params; > error_propagate(errp, local_err); > -- > 2.51.1 > >
