Skip to content

Commit

Permalink
[auth] Added mutex to protect cache for identcert auth
Browse files Browse the repository at this point in the history
  • Loading branch information
elpaso committed Oct 11, 2017
1 parent 5de906f commit 4ccaf11
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 5 deletions.
14 changes: 10 additions & 4 deletions src/auth/identcert/qgsauthidentcertmethod.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@
#include <QSslConfiguration>
#include <QSslError>
#endif
#include <QMutexLocker>

#include "qgsauthcertutils.h"
#include "qgsauthmanager.h"
Expand All @@ -51,8 +52,9 @@ QgsAuthIdentCertMethod::QgsAuthIdentCertMethod()

QgsAuthIdentCertMethod::~QgsAuthIdentCertMethod()
{
qDeleteAll( mPkiConfigBundleCache );
mPkiConfigBundleCache.clear();
QMutexLocker locker( &mConfigMutex );
qDeleteAll( sPkiConfigBundleCache );
sPkiConfigBundleCache.clear();
}

QString QgsAuthIdentCertMethod::key() const
Expand Down Expand Up @@ -220,7 +222,8 @@ void QgsAuthIdentCertMethod::updateMethodConfig( QgsAuthMethodConfig &mconfig )

QgsPkiConfigBundle *QgsAuthIdentCertMethod::getPkiConfigBundle( const QString &authcfg )
{
QgsPkiConfigBundle * bundle = nullptr;
QMutexLocker locker( &mConfigMutex );
QgsPkiConfigBundle *bundle = nullptr;

// check if it is cached
if ( mPkiConfigBundleCache.contains( authcfg ) )
Expand Down Expand Up @@ -264,6 +267,7 @@ QgsPkiConfigBundle *QgsAuthIdentCertMethod::getPkiConfigBundle( const QString &a

bundle = new QgsPkiConfigBundle( mconfig, clientcert, clientkey );

locker.unlock();
// cache bundle
putPkiConfigBundle( authcfg, bundle );

Expand All @@ -272,13 +276,15 @@ QgsPkiConfigBundle *QgsAuthIdentCertMethod::getPkiConfigBundle( const QString &a

void QgsAuthIdentCertMethod::putPkiConfigBundle( const QString &authcfg, QgsPkiConfigBundle *pkibundle )
{
QMutexLocker locker( &mConfigMutex );
QgsDebugMsg( QString( "Putting PKI bundle for authcfg %1" ).arg( authcfg ) );
mPkiConfigBundleCache.insert( authcfg, pkibundle );
}

void QgsAuthIdentCertMethod::removePkiConfigBundle( const QString &authcfg )
{
if ( mPkiConfigBundleCache.contains( authcfg ) )
QMutexLocker locker( &mConfigMutex );
if ( sPkiConfigBundleCache.contains( authcfg ) )
{
QgsPkiConfigBundle * pkibundle = mPkiConfigBundleCache.take( authcfg );
delete pkibundle;
Expand Down
5 changes: 4 additions & 1 deletion src/auth/identcert/qgsauthidentcertmethod.h
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
#define QGSAUTHIDENTCERTMETHOD_H

#include <QObject>
#include <QMutex>

#include "qgsauthconfig.h"
#include "qgsauthmethod.h"
Expand Down Expand Up @@ -56,7 +57,9 @@ class QgsAuthIdentCertMethod : public QgsAuthMethod

void removePkiConfigBundle( const QString &authcfg );

static QMap<QString, QgsPkiConfigBundle *> mPkiConfigBundleCache;
static QMap<QString, QgsPkiConfigBundle *> sPkiConfigBundleCache;

QMutex mConfigMutex;
};

#endif // QGSAUTHIDENTCERTMETHOD_H

0 comments on commit 4ccaf11

Please sign in to comment.