From 275b5c0b5c495abd84da7779bef9354755446449 Mon Sep 17 00:00:00 2001
From: Rafal Krypa <r.krypa@samsung.com>
Date: Thu, 19 Mar 2015 17:53:03 +0100
Subject: [PATCH] Fix advisory locking in client library

Enhance off-line mode detection based on lock:
- don't use exceptions for non-exceptional code paths
- only attempt off-line mode if caller is root

Also fix misleading logs informing about lock failures (that doesn't
lead to actual security-mnanager failures) caused by lock attempt on a
lock file without proper permissions.

Change-Id: Ie7fca37154a1993cd46c59a0204837904593e5db
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
---
 src/client/client-offline.cpp |  9 ++++++++-
 src/common/file-lock.cpp      | 41 ++++++++++++++++-------------------------
 2 files changed, 24 insertions(+), 26 deletions(-)

diff --git a/src/client/client-offline.cpp b/src/client/client-offline.cpp
index f926d77..e442c2f 100644
--- a/src/client/client-offline.cpp
+++ b/src/client/client-offline.cpp
@@ -35,6 +35,12 @@ ClientOffline::ClientOffline()
 {
     offlineMode = false;
     serviceLock = nullptr;
+
+    if (geteuid()) {
+        LogInfo("UID != 0, attempting only on-line mode.");
+        return;
+    }
+
     try {
         serviceLock = new SecurityManager::FileLocker(SecurityManager::SERVICE_LOCK_FILE, false);
         if (serviceLock->Locked()) {
@@ -53,7 +59,8 @@ ClientOffline::ClientOffline()
                 LogInfo("Service seems to be running now.");
         }
     } catch (...) {
-        /* Ignore exceptions, assume on-line */
+        LogError("Cannot detect off-line mode by lock.");
+        offlineMode = false;
     }
 
     if (offlineMode)
diff --git a/src/common/file-lock.cpp b/src/common/file-lock.cpp
index 36b2ccb..6f3996c 100644
--- a/src/common/file-lock.cpp
+++ b/src/common/file-lock.cpp
@@ -41,18 +41,11 @@ FileLocker::FileLocker(const std::string &lockFile, bool blocking)
         ThrowMsg(FileLocker::Exception::LockFailed,
                  "File name can not be empty.");
     }
-    try {
-        m_locked = false;
-        m_blocking = blocking;
-        m_lockFile = lockFile;
-        Lock();
-    } catch (FileLocker::Exception::Base &e) {
-        LogError("Failed to lock " << lockFile << " file: "
-                 << e.DumpToString());
-        ThrowMsg(FileLocker::Exception::LockFailed,
-                 "Failed to lock " << lockFile << " file: "
-                 << e.DumpToString());
-    }
+
+    m_locked = false;
+    m_blocking = blocking;
+    m_lockFile = lockFile;
+    Lock();
 }
 
 FileLocker::~FileLocker()
@@ -69,9 +62,11 @@ void FileLocker::Lock()
 {
     if (m_locked)
         return;
+
     try {
-        if (!std::ifstream(m_lockFile).good())
-            std::ofstream(m_lockFile.c_str());
+        std::ofstream tmpf(m_lockFile);
+        tmpf.close();
+
         m_flock = boost::interprocess::file_lock(m_lockFile.c_str());
         if (m_blocking) {
             m_flock.lock();
@@ -79,19 +74,15 @@ void FileLocker::Lock()
         } else
             m_locked = m_flock.try_lock();
     } catch (const std::exception &e) {
-            ThrowMsg(FileLocker::Exception::LockFailed,
-                     "Error while locking a file.");
+        LogError("Error while locking a file: " << e.what());
+        ThrowMsg(FileLocker::Exception::LockFailed,
+                 "Error while locking a file: " << e.what());
     }
-    if (m_locked) {
+
+    if (m_locked)
         LogDebug("We have a lock on " << m_lockFile << " file.");
-    } else {
-        if (m_blocking) {
-            ThrowMsg(FileLocker::Exception::LockFailed,
-                     "Unable to lock file.");
-        } else {
-            LogDebug("Impossible to lock a file now.");
-        }
-    }
+    else
+        LogDebug("Impossible to lock a file now.");
 }
 
 void FileLocker::Unlock()
-- 
2.7.4