Skip to content
Permalink
Browse files

[auth] Added mutex to protect cache for identcert auth

  • Loading branch information
elpaso committed Oct 11, 2017
1 parent 5de906f commit 4ccaf11d803b9cedaf452f795ac96426762b9741
Showing with 14 additions and 5 deletions.
  1. +10 −4 src/auth/identcert/qgsauthidentcertmethod.cpp
  2. +4 −1 src/auth/identcert/qgsauthidentcertmethod.h
@@ -25,6 +25,7 @@
#include <QSslConfiguration>
#include <QSslError>
#endif
#include <QMutexLocker>

#include "qgsauthcertutils.h"
#include "qgsauthmanager.h"
@@ -51,8 +52,9 @@ QgsAuthIdentCertMethod::QgsAuthIdentCertMethod()

QgsAuthIdentCertMethod::~QgsAuthIdentCertMethod()
{
qDeleteAll( mPkiConfigBundleCache );
mPkiConfigBundleCache.clear();
QMutexLocker locker( &mConfigMutex );
qDeleteAll( sPkiConfigBundleCache );
sPkiConfigBundleCache.clear();
}

QString QgsAuthIdentCertMethod::key() const
@@ -220,7 +222,8 @@ void QgsAuthIdentCertMethod::updateMethodConfig( QgsAuthMethodConfig &mconfig )

QgsPkiConfigBundle *QgsAuthIdentCertMethod::getPkiConfigBundle( const QString &authcfg )
{
QgsPkiConfigBundle * bundle = nullptr;
QMutexLocker locker( &mConfigMutex );
QgsPkiConfigBundle *bundle = nullptr;

// check if it is cached
if ( mPkiConfigBundleCache.contains( authcfg ) )
@@ -264,6 +267,7 @@ QgsPkiConfigBundle *QgsAuthIdentCertMethod::getPkiConfigBundle( const QString &a

bundle = new QgsPkiConfigBundle( mconfig, clientcert, clientkey );

locker.unlock();
// cache bundle
putPkiConfigBundle( authcfg, bundle );

@@ -272,13 +276,15 @@ QgsPkiConfigBundle *QgsAuthIdentCertMethod::getPkiConfigBundle( const QString &a

void QgsAuthIdentCertMethod::putPkiConfigBundle( const QString &authcfg, QgsPkiConfigBundle *pkibundle )
{
QMutexLocker locker( &mConfigMutex );
QgsDebugMsg( QString( "Putting PKI bundle for authcfg %1" ).arg( authcfg ) );
mPkiConfigBundleCache.insert( authcfg, pkibundle );
}

void QgsAuthIdentCertMethod::removePkiConfigBundle( const QString &authcfg )
{
if ( mPkiConfigBundleCache.contains( authcfg ) )
QMutexLocker locker( &mConfigMutex );
if ( sPkiConfigBundleCache.contains( authcfg ) )
{
QgsPkiConfigBundle * pkibundle = mPkiConfigBundleCache.take( authcfg );
delete pkibundle;
@@ -18,6 +18,7 @@
#define QGSAUTHIDENTCERTMETHOD_H

#include <QObject>
#include <QMutex>

#include "qgsauthconfig.h"
#include "qgsauthmethod.h"
@@ -56,7 +57,9 @@ class QgsAuthIdentCertMethod : public QgsAuthMethod

void removePkiConfigBundle( const QString &authcfg );

static QMap<QString, QgsPkiConfigBundle *> mPkiConfigBundleCache;
static QMap<QString, QgsPkiConfigBundle *> sPkiConfigBundleCache;

QMutex mConfigMutex;
};

#endif // QGSAUTHIDENTCERTMETHOD_H

0 comments on commit 4ccaf11

Please sign in to comment.
You can’t perform that action at this time.