Prevent creation of SSL context during certificate updating

Added sync primitive into CryptoManagerImpl as class member
and added lock into OnCertificateUpdated, CreateSSLContext
methods for preventing race conditions

2 files changed, 8 insertions, 0 deletions

diff --git a/src/components/security_manager/include/security_manager/crypto_manager_impl.h b/src/components/security_manager/include/security_manager/crypto_manager_impl.h
index 5fd7a95155..045ec006c8 100644
--- a/src/components/security_manager/include/security_manager/crypto_manager_impl.h
+++ b/src/components/security_manager/include/security_manager/crypto_manager_impl.h
@@ -206,6 +206,7 @@ class CryptoManagerImpl : public CryptoManager {
   SSL_CTX* context_;
   static uint32_t instance_count_;
   static sync_primitives::Lock instance_lock_;
+  sync_primitives::Lock crypto_manager_lock_;
   DISALLOW_COPY_AND_ASSIGN(CryptoManagerImpl);
 };
 }  // namespace security_manager
diff --git a/src/components/security_manager/src/crypto_manager_impl.cc b/src/components/security_manager/src/crypto_manager_impl.cc
index 90ae0177ec..88a79cb3fc 100644
--- a/src/components/security_manager/src/crypto_manager_impl.cc
+++ b/src/components/security_manager/src/crypto_manager_impl.cc
@@ -283,6 +283,9 @@ bool CryptoManagerImpl::Init() {
 
 bool CryptoManagerImpl::OnCertificateUpdated(const std::string& data) {
   LOG4CXX_AUTO_TRACE(logger_);
+  sync_primitives::AutoLock lock(crypto_manager_lock_);
+  LOG4CXX_DEBUG(logger_,
+                "CryptoManager is locked. Start of sertificate update");
   if (!context_) {
     LOG4CXX_WARN(logger_, "Not initialized");
     return false;
@@ -307,6 +310,10 @@ bool CryptoManagerImpl::OnCertificateUpdated(const std::string& data) {
 }
 
 SSLContext* CryptoManagerImpl::CreateSSLContext() {
+  LOG4CXX_AUTO_TRACE(logger_);
+  sync_primitives::AutoLock lock(crypto_manager_lock_);
+  LOG4CXX_DEBUG(logger_,
+                "CryptoManager is locked. Start of SSLContext creation");
   if (NULL == context_) {
     return NULL;
   }