From 150f8dedb1aa568144c1b12785fb7ebaf0aaa14a Mon Sep 17 00:00:00 2001 From: Ben Kibbey Date: Thu, 5 Feb 2009 21:08:01 -0500 Subject: [PATCH] Lock the rcfile_mutex at each keyfileh access. --- src/commands.c | 4 ++++ src/common.h | 1 + src/pwmd.c | 21 +++++++++++++++++---- src/pwmd.h | 1 - src/tls.c | 6 ++++++ 5 files changed, 28 insertions(+), 5 deletions(-) diff --git a/src/commands.c b/src/commands.c index cc44a5e6..81f86e1b 100644 --- a/src/commands.c +++ b/src/commands.c @@ -484,8 +484,10 @@ done: if (!rc && client->new == FALSE && client->crypto->fh->fh2.iter != (guint64)get_key_file_integer(client->filename, "iterations")) { + MUTEX_LOCK(&rcfile_mutex); g_key_file_set_integer(keyfileh, client->filename, "iterations", client->crypto->fh->fh2.iter); + MUTEX_UNLOCK(&rcfile_mutex); send_status_all(STATUS_CONFIG); } @@ -2883,7 +2885,9 @@ static int option_handler(assuan_context_t ctx, const gchar *name, if (errno || (p && *p) || n < 0) return gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_INV_VALUE); + MUTEX_LOCK(&rcfile_mutex); g_key_file_set_integer(keyfileh, client->filename ? client->filename : "global", "iterations", (guint)n); + MUTEX_UNLOCK(&rcfile_mutex); send_status_all(STATUS_CONFIG); } #ifdef WITH_PINENTRY diff --git a/src/common.h b/src/common.h index 7d7b488b..705d9ed3 100644 --- a/src/common.h +++ b/src/common.h @@ -197,6 +197,7 @@ gsize gcrykeysize, gcryblocksize; GKeyFile *keyfileh; gboolean log_syslog; gint zlib_bufsize; +pthread_mutex_t rcfile_mutex; void log_write(const gchar *fmt, ...); gpg_error_t send_error(assuan_context_t ctx, gpg_error_t pwmd_errno); diff --git a/src/pwmd.c b/src/pwmd.c index f5772108..23b19d28 100644 --- a/src/pwmd.c +++ b/src/pwmd.c @@ -97,7 +97,7 @@ static void *reload_rcfile_thread(void *arg) gboolean b = disable_list_and_dump; GKeyFile *k; - pthread_mutex_lock(&reload_rcfile_mutex); + pthread_mutex_lock(&rcfile_mutex); log_write(N_("reloading configuration file '%s'"), rcfile); k = parse_rcfile(FALSE); @@ -115,7 +115,7 @@ static void *reload_rcfile_thread(void *arg) startStopKeepAlive(FALSE); send_status_all(STATUS_CONFIG); done: - pthread_mutex_unlock(&reload_rcfile_mutex); + pthread_mutex_unlock(&rcfile_mutex); return NULL; } @@ -1433,6 +1433,8 @@ gchar *get_key_file_string(const gchar *section, const gchar *what) gchar *val = NULL; GError *grc = NULL; + MUTEX_LOCK(&rcfile_mutex); + if (g_key_file_has_key(keyfileh, section, what, NULL) == TRUE) { val = g_key_file_get_string(keyfileh, section, what, &grc); @@ -1452,6 +1454,7 @@ gchar *get_key_file_string(const gchar *section, const gchar *what) } } + MUTEX_UNLOCK(&rcfile_mutex); return val; } @@ -1460,6 +1463,8 @@ gint get_key_file_integer(const gchar *section, const gchar *what) gint val = -1; GError *grc = NULL; + MUTEX_LOCK(&rcfile_mutex); + if (g_key_file_has_key(keyfileh, section ? section : "global", what, NULL) == TRUE) { val = g_key_file_get_integer(keyfileh, section ? section : "global", what, &grc); @@ -1479,6 +1484,7 @@ gint get_key_file_integer(const gchar *section, const gchar *what) } } + MUTEX_UNLOCK(&rcfile_mutex); return val; } @@ -1487,6 +1493,8 @@ gboolean get_key_file_boolean(const gchar *section, const gchar *what) gboolean val = FALSE; GError *grc = NULL; + MUTEX_LOCK(&rcfile_mutex); + if (g_key_file_has_key(keyfileh, section, what, NULL) == TRUE) { val = g_key_file_get_boolean(keyfileh, section, what, &grc); @@ -1506,6 +1514,7 @@ gboolean get_key_file_boolean(const gchar *section, const gchar *what) } } + MUTEX_UNLOCK(&rcfile_mutex); return val; } @@ -1885,7 +1894,6 @@ static void server_loop(gint sockfd, gchar **socketpath) pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED); pthread_create(&cache_timeout_tid, &attr, adjust_cache_timer_thread, NULL); pthread_attr_destroy(&attr); - pthread_mutex_init(&reload_rcfile_mutex, NULL); do { gint sig; @@ -2341,6 +2349,11 @@ int main(int argc, char *argv[]) } } + pthread_mutexattr_init(&mattr); + pthread_mutexattr_settype(&mattr, PTHREAD_MUTEX_RECURSIVE); + pthread_mutex_init(&rcfile_mutex, &mattr); + pthread_mutexattr_destroy(&mattr); + if ((keyfileh = parse_rcfile(rcfile_spec)) == NULL) exit(EXIT_FAILURE); @@ -2599,7 +2612,7 @@ do_exit: log_write(N_("pwmd exiting normally")); #if defined(DEBUG) && !defined(MEM_DEBUG) - // xdump(); + xdump(); #endif #ifndef MEM_DEBUG xmem_deinit(); diff --git a/src/pwmd.h b/src/pwmd.h index 507628f0..2510b55a 100644 --- a/src/pwmd.h +++ b/src/pwmd.h @@ -23,7 +23,6 @@ static gchar *rcfile; #ifdef HAVE_MLOCKALL static gboolean disable_mlock; #endif -static pthread_mutex_t reload_rcfile_mutex; static gchar *logfile; static gint quit; static GSList *cn_thread_list; diff --git a/src/tls.c b/src/tls.c index 85dfa029..76a8e044 100644 --- a/src/tls.c +++ b/src/tls.c @@ -27,6 +27,7 @@ #include "mem.h" #include "misc.h" #include "common.h" +#include "lock.h" #include "tls.h" static gchar *tls_fingerprint(gnutls_session_t ses) @@ -240,8 +241,11 @@ gboolean initTlsParams() goto fail; } + MUTEX_LOCK(&rcfile_mutex); + if (g_key_file_has_key(keyfileh, "global", "tcp_use_crl", NULL) && get_key_file_boolean("global", "tcp_use_crl") == TRUE) { + MUTEX_UNLOCK(&rcfile_mutex); tmp = expand_homedir("~/.pwmd/crl.pem"); if (!tmp) { @@ -260,6 +264,8 @@ gboolean initTlsParams() g_free(tmp); } + else + MUTEX_UNLOCK(&rcfile_mutex); tmp = expand_homedir("~/.pwmd/ca-cert.pem"); -- 2.11.4.GIT