From: Zhang Bo <oscar.zhangbo@huawei.com>
Date: Sat, 7 Mar 2020 11:31:01 +0000 (+0800)
Subject: tls: Add a mutex lock on 'tlsCtxt'
X-Git-Tag: v6.2.0-rc1~216
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b461178639ba6c37ab851717f1e5a05532db2da6;p=thirdparty%2Flibvirt.git

tls: Add a mutex lock on 'tlsCtxt'

Prevent the handshake function from reading 'tlsCtxt' while
updating 'tlsCtxt'.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Zhang Bo <oscar.zhangbo@huawei.com>
Signed-off-by: Wu Qingliang <wuqingliang4@huawei.com>
---

diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c
index 4d85ee25d7..657108239f 100644
--- a/src/rpc/virnetserverclient.c
+++ b/src/rpc/virnetserverclient.c
@@ -1114,7 +1114,9 @@ int virNetServerClientInit(virNetServerClientPtr client)
                                   client->tls);
 
         /* Begin the TLS handshake. */
+        virObjectLock(client->tlsCtxt);
         ret = virNetTLSSessionHandshake(client->tls);
+        virObjectUnlock(client->tlsCtxt);
         if (ret == 0) {
             /* Unlikely, but ...  Next step is to check the certificate. */
             if (virNetServerClientCheckAccess(client) < 0)
@@ -1435,7 +1437,9 @@ virNetServerClientDispatchHandshake(virNetServerClientPtr client)
 {
     int ret;
     /* Continue the handshake. */
+    virObjectLock(client->tlsCtxt);
     ret = virNetTLSSessionHandshake(client->tls);
+    virObjectUnlock(client->tlsCtxt);
     if (ret == 0) {
         /* Finished.  Next step is to check the certificate. */
         if (virNetServerClientCheckAccess(client) < 0)