rpc: fix concurrency bug in gf_authenticate

The basic problem is that gf_authenticate abused global variables to pass info through dict_foreach. This is not thread-safe, but it wasn't affecting most people until multi-threaded epoll came along. Now, if two threads get into this code at the same time - and there's nothing to prevent it - one of them could free one of the dicts involved while the other is still using it. The fix is to pass this same information using a temporary structure instead of globals. This makes the code smaller and more efficient too. Change-Id: I72cccc440bb40d5f7ff695250dd014762c7efb73 BUG: 1247765 Signed-off-by: Jeff Darcy <jdarcy@redhat.com> Reviewed-on: http://review.gluster.org/11780 Tested-by: NetBSD Build System <jenkins@build.gluster.org> Reviewed-by: Niels de Vos <ndevos@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Raghavendra G <rgowdapp@redhat.com>
author: Jeff Darcy <jdarcy@redhat.com> 2015-07-28 16:02:50 -0400
committer: Raghavendra G <rgowdapp@redhat.com> 2015-07-28 21:20:40 -0700
commit: 8f04ec33bc86aa464a5f8b77f9d64e5608cb6f1b (patch)
tree: 8eabbc9666ca43bdffce68d97c12360b9d187505 /xlators/protocol/server
parent: d051bd14223d12ca8eaea85f6988ff41e5eef2c3 (diff)
1 files changed, 31 insertions, 47 deletions
diff --git a/xlators/protocol/server/src/authenticate.c b/xlators/protocol/server/src/authenticate.c
index da9911bed71..c0007766f85 100644
--- a/xlators/protocol/server/src/authenticate.c
+++ b/xlators/protocol/server/src/authenticate.c
@@ -162,72 +162,57 @@ out:
         return ret;
 }
 
-static dict_t *__input_params;
-static dict_t *__config_params;
+typedef struct {
+        dict_t  *iparams;
+        dict_t  *cparams;
+        int64_t result;
+} gf_auth_args_t;
 
-int
-map (dict_t *this, char *key, data_t *value, void *data)
+static int
+gf_auth_one_method (dict_t *this, char *key, data_t *value, void *data)
 {
-        dict_t *res = data;
-        auth_fn_t authenticate;
-        auth_handle_t *handle = NULL;
+        gf_auth_args_t  *args   = data;
+        auth_handle_t   *handle = NULL;
 
-        if (value && (handle = data_to_ptr (value)) &&
-            (authenticate = handle->authenticate)) {
-                dict_set (res, key,
-                          int_to_data (authenticate (__input_params,
-                                                     __config_params)));
-        } else {
-                dict_set (res, key, int_to_data (AUTH_DONT_CARE));
+        if (!value) {
+                return 0;
         }
-        return 0;
-}
 
-int
-reduce (dict_t *this, char *key, data_t *value, void *data)
-{
-        int64_t val = 0;
-        int64_t *res = data;
-        if (!data)
+        handle = data_to_ptr (value);
+        if (!handle || !handle->authenticate) {
                 return 0;
+        }
 
-        val = data_to_int64 (value);
-        switch (val)
-        {
+        switch (handle->authenticate (args->iparams, args->cparams)) {
         case AUTH_ACCEPT:
-                if (AUTH_DONT_CARE == *res)
-                        *res = AUTH_ACCEPT;
-                break;
-
+                if (args->result != AUTH_REJECT) {
+                        args->result = AUTH_ACCEPT;
+                }
+                /* FALLTHROUGH */
+        default:
+                return 0;
         case AUTH_REJECT:
-                *res = AUTH_REJECT;
-                break;
-
-        case AUTH_DONT_CARE:
-                break;
+                args->result = AUTH_REJECT;
+                return -1;
         }
-        return 0;
 }
 
-
 auth_result_t
 gf_authenticate (dict_t *input_params,
                  dict_t *config_params,
                  dict_t *auth_modules)
 {
         char *name = NULL;
-        dict_t *results = NULL;
-        int64_t result = AUTH_DONT_CARE;
         data_t *peerinfo_data = NULL;
+        gf_auth_args_t  args;
 
-        results = get_new_dict ();
-        __input_params = input_params;
-        __config_params = config_params;
+        args.iparams = input_params;
+        args.cparams = config_params;
+        args.result = AUTH_DONT_CARE;
 
-        dict_foreach (auth_modules, map, results);
+        dict_foreach (auth_modules, gf_auth_one_method, &args);
 
-        dict_foreach (results, reduce, &result);
-        if (AUTH_DONT_CARE == result) {
+        if (AUTH_DONT_CARE == args.result) {
                 peerinfo_data = dict_get (input_params, "peer-info-name");
 
                 if (peerinfo_data) {
@@ -237,11 +222,10 @@ gf_authenticate (dict_t *input_params,
                 gf_msg ("auth", GF_LOG_ERROR, 0, PS_MSG_REMOTE_CLIENT_REFUSED,
                         "no authentication module is interested in "
                         "accepting remote-client %s", name);
-                result = AUTH_REJECT;
+                args.result = AUTH_REJECT;
         }
 
-        dict_destroy (results);
-        return result;
+        return args.result;
 }
 
 void
author	Jeff Darcy <jdarcy@redhat.com>	2015-07-28 16:02:50 -0400
committer	Raghavendra G <rgowdapp@redhat.com>	2015-07-28 21:20:40 -0700
commit	8f04ec33bc86aa464a5f8b77f9d64e5608cb6f1b (patch)
tree	8eabbc9666ca43bdffce68d97c12360b9d187505 /xlators/protocol/server
parent	d051bd14223d12ca8eaea85f6988ff41e5eef2c3 (diff)