Clear certificate cache on cleanup

src/certificate.cpp

@@ -281,6 +281,8 @@ certificate_ptr make_certificate_impl(string commonName) {
 
 // Common for GnuTLS and OpenSSL
 
+namespace rtc {
+
 namespace {
 
 // Helper function roughly equivalent to std::async with policy std::launch::async
@@ -296,23 +298,26 @@ std::future<std::result_of_t<std::decay_t<F>(std::decay_t<Args>...)>> thread_cal
 	return future;
 }
 
-} // namespace
+static std::unordered_map<string, future_certificate_ptr> CertificateCache;
+static std::mutex CertificateCacheMutex;
 
-namespace rtc {
+} // namespace
 
 future_certificate_ptr make_certificate(string commonName) {
-	static std::unordered_map<string, future_certificate_ptr> cache;
-	static std::mutex cacheMutex;
-
-	std::lock_guard lock(cacheMutex);
+	std::lock_guard lock(CertificateCacheMutex);
 
-	if (auto it = cache.find(commonName); it != cache.end())
+	if (auto it = CertificateCache.find(commonName); it != CertificateCache.end())
 		return it->second;
 
 	auto future = thread_call(make_certificate_impl, commonName);
 	auto shared = future.share();
-	cache.emplace(std::move(commonName), shared);
+	CertificateCache.emplace(std::move(commonName), shared);
 	return shared;
 }
 
+void CleanupCertificateCache() {
+	std::lock_guard lock(CertificateCacheMutex);
+	CertificateCache.clear();
+}
+
 } // namespace rtc

src/certificate.hpp

@@ -66,7 +66,9 @@ string make_fingerprint(X509 *x509);
 using certificate_ptr = std::shared_ptr<Certificate>;
 using future_certificate_ptr = std::shared_future<certificate_ptr>;
 
-future_certificate_ptr make_certificate(string commonName);
+future_certificate_ptr make_certificate(string commonName); // cached
+
+void CleanupCertificateCache();
 
 } // namespace rtc
 

src/init.cpp

@@ -18,6 +18,7 @@
 
 #include "init.hpp"
 
+#include "certificate.hpp"
 #include "dtlstransport.hpp"
 #include "sctptransport.hpp"
 
@@ -74,6 +75,7 @@ Init::Init() {
 }
 
 Init::~Init() {
+	CleanupCertificateCache();
 	DtlsTransport::Cleanup();
 	SctpTransport::Cleanup();