Security-57740.51.3.tar.gz

[apple/security.git] / OSX / libsecurity_apple_cspdl / lib / SSKey.cpp
diff --git a/OSX/libsecurity_apple_cspdl/lib/SSKey.cpp b/OSX/libsecurity_apple_cspdl/lib/SSKey.cpp

index fec984c559208f5d175b201d989ecc3ceea945e3..3fa1dfec556a5b5521145956d0587475fdfc19d3 100644 (file)
--- a/OSX/libsecurity_apple_cspdl/lib/SSKey.cpp
+++ b/OSX/libsecurity_apple_cspdl/lib/SSKey.cpp
@@ -27,6 +27,7 @@
  #include "SSDLSession.h"
  #include <security_cdsa_utilities/KeySchema.h>
  #include <security_cdsa_plugin/cssmplugin.h>
+#include <security_utilities/threading.h>
  
  using namespace CssmClient;
  using namespace SecurityServer;
@@ -39,6 +40,7 @@ SSKey::SSKey(SSCSPSession &session, KeyHandle keyHandle, CssmKey &ioKey,
  mAllocator(session), mKeyHandle(keyHandle),
  mClientSession(session.clientSession())
  {
+    StLock<Mutex> _ (mMutex); // In the constructor??? Yes. Our handlers aren't thread safe in the slightest...
         CssmKey::Header &header = ioKey.header();
         if (inKeyAttr & CSSM_KEYATTR_PERMANENT)
         {
@@ -140,6 +142,7 @@ mAllocator(session.allocator()), mKeyHandle(noKey), mUniqueId(uniqueId),
  mRecordType(recordType),
  mClientSession(session.clientSession())
  {
+    StLock<Mutex> _ (mMutex);
         CssmKey::Header &header = ioKey.header();
         memset(&header, 0, sizeof(header)); // Clear key header
  
@@ -234,6 +237,7 @@ mClientSession(session.clientSession())
  
  SSKey::~SSKey()
  {
+    StLock<Mutex> _(mMutex); // In the destructor too??? Yes. See SSCSPSession.cpp:354 for an explanation of this code's policy on threads.
         if (mKeyHandle != noKey)
                 clientSession().releaseKey(mKeyHandle);
  }
@@ -242,6 +246,7 @@ void
  SSKey::free(const AccessCredentials *accessCred, CssmKey &ioKey,
                         CSSM_BOOL deleteKey)
  {
+    StLock<Mutex> _(mMutex);
         freeReferenceKey(mAllocator, ioKey);
         if (deleteKey)
         {
@@ -264,17 +269,20 @@ SSKey::free(const AccessCredentials *accessCred, CssmKey &ioKey,
  SecurityServer::ClientSession &
  SSKey::clientSession()
  {
+    StLock<Mutex> _(mMutex);
         return mClientSession;
  }
  
  KeyHandle SSKey::optionalKeyHandle() const
  {
+    StLock<Mutex> _(mMutex);
         return mKeyHandle;
  }
  
  KeyHandle
  SSKey::keyHandle()
  {
+    StLock<Mutex> _(mMutex);
         if (mKeyHandle == noKey)
         {
                 // Deal with uninstantiated keys.
@@ -302,6 +310,7 @@ SSKey::keyHandle()
  void
  SSKey::getOwner(CSSM_ACL_OWNER_PROTOTYPE &owner, Allocator &allocator)
  {
+    StLock<Mutex> _ (mMutex);
         clientSession().getKeyOwner(keyHandle(), AclOwnerPrototype::overlay(owner),
                                                                 allocator);
  }
@@ -310,6 +319,7 @@ void
  SSKey::changeOwner(const AccessCredentials &accessCred,
                                    const AclOwnerPrototype &newOwner)
  {
+    StLock<Mutex> _ (mMutex);
         clientSession().changeKeyOwner(keyHandle(), accessCred, newOwner);
         didChangeAcl();
  }
@@ -318,6 +328,7 @@ void
  SSKey::getAcl(const char *selectionTag, uint32 &numberOfAclInfos,
                           AclEntryInfo *&aclInfos, Allocator &allocator)
  {
+    StLock<Mutex> _ (mMutex);
         clientSession().getKeyAcl(keyHandle(), selectionTag, numberOfAclInfos,
                                                           aclInfos, allocator);
  }
@@ -325,6 +336,7 @@ SSKey::getAcl(const char *selectionTag, uint32 &numberOfAclInfos,
  void
  SSKey::changeAcl(const AccessCredentials &accessCred, const AclEdit &aclEdit)
  {
+    StLock<Mutex> _ (mMutex);
         clientSession().changeKeyAcl(keyHandle(), accessCred, aclEdit);
         didChangeAcl();
  }