Put into protected critical section for ms_security_is_privilege_granted() deadlock...

 - cynara_check() is not thread-safety
 - Change return type without checking return value

Change-Id: I4d1c650e2284ce35a860898a99c4ba473bfc2139

diff --git a/packaging/mused.spec b/packaging/mused.spec
index c0a55fa..78a82ee 100644 (file)
--- a/packaging/mused.spec
+++ b/packaging/mused.spec
@@ -1,6 +1,6 @@
 Name:       mused
 Summary:    A multimedia daemon
-Version:    0.3.151
+Version:    0.3.152
 Release:    0
 Group:      System/Libraries
 License:    Apache-2.0

diff --git a/server/include/muse_server_security.h b/server/include/muse_server_security.h
index e66d5af..2ff9507 100644 (file)
--- a/server/include/muse_server_security.h
+++ b/server/include/muse_server_security.h
@@ -32,6 +32,7 @@ extern "C" {
 
 typedef struct ms_security {
        void *p_cynara;
+       GMutex lock;
 } ms_security_t;
 
 void ms_security_init(ms_security_t *security);

diff --git a/server/src/muse_server_security.c b/server/src/muse_server_security.c
index 69a1732..6f0ac95 100644 (file)
--- a/server/src/muse_server_security.c
+++ b/server/src/muse_server_security.c
@@ -25,7 +25,7 @@
 #include <cynara-creds-socket.h>
 
 static void _ms_security_cynara_log_error(const char *function, int error_code);
-static int _ms_security_cynara_new(ms_security_t *security);
+static void _ms_security_cynara_new(ms_security_t *security);
 static void _ms_security_cynara_free(ms_security_t *security);
 
 static void _ms_security_cynara_log_error(const char *function, int error_code)
@@ -35,12 +35,12 @@ static void _ms_security_cynara_log_error(const char *function, int error_code)
        LOGE("[CYNARA] %s function failed with error %d : %s", function, error_code, buf);
 }
 
-static int _ms_security_cynara_new(ms_security_t *security)
+static void _ms_security_cynara_new(ms_security_t *security)
 {
-       int ret, error = -1;
+       int ret;
        cynara_configuration *p_conf = NULL;
 
-       muse_return_val_if_fail(security, MM_ERROR_INVALID_ARGUMENT);
+       muse_return_if_fail(security);
 
        if (security->p_cynara) {
                LOGE("[CYNARA] Improper usage of cynara");
@@ -65,11 +65,9 @@ static int _ms_security_cynara_new(ms_security_t *security)
                goto end;
        }
 
-       error = 0;
 
 end:
        cynara_configuration_destroy(p_conf);
-       return error;
 }
 
 static void _ms_security_cynara_free(ms_security_t *security)
@@ -88,6 +86,8 @@ void ms_security_init(ms_security_t *security)
 
        muse_return_if_fail(security);
 
+       g_mutex_init(&security->lock);
+
        _ms_security_cynara_new(security);
 
        LOGD("Leave");
@@ -101,6 +101,8 @@ void ms_security_deinit(ms_security_t *security)
 
        _ms_security_cynara_free(security);
 
+       g_mutex_clear(&security->lock);
+
        g_free(security);
        LOGD("Leave");
 }
@@ -115,6 +117,10 @@ bool ms_security_is_privilege_granted(ms_security_t *security, int fd, const cha
 
        muse_return_val_if_fail(security, false);
 
+       LOGI("Enter [fd %d privilege %s]", fd, privilege);
+
+       g_mutex_lock(&security->lock);
+
        ret = cynara_creds_socket_get_user(fd, USER_METHOD_DEFAULT, &user);
        if (ret != CYNARA_API_SUCCESS) {
                _ms_security_cynara_log_error("cynara_creds_socket_get_user", ret);
@@ -159,9 +165,10 @@ CLEANUP:
        MUSE_FREE(session);
        MUSE_FREE(client);
 
-       if (ret == CYNARA_API_ACCESS_ALLOWED)
-               return true;
-       else
-               return false;
+       g_mutex_unlock(&security->lock);
+
+       LOGI("Leave [fd %d privilege %s] RET [%d]", fd, privilege, ret);
+
+       return (ret == CYNARA_API_ACCESS_ALLOWED);
 }