spice-vdagent/vdagentd-Limit-number-of-agents-per-session-to-1.patch

From cb15e7c8052cae75272bbd0d6a5cac37efa360f8 Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <freddy77@gmail.com>
Date: Thu, 24 Sep 2020 12:13:44 +0100
Subject: [PATCH 07/10] vdagentd: Limit number of agents per session to 1

References: bsc#1173749

Signed-off-by: Frediano Ziglio <freddy77@gmail.com>
Acked-by: Uri Lublin <uril@redhat.com>
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
 src/vdagentd/vdagentd.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/src/vdagentd/vdagentd.c b/src/vdagentd/vdagentd.c
index 59aa523..92885b5 100644
--- a/src/vdagentd/vdagentd.c
+++ b/src/vdagentd/vdagentd.c
@@ -952,6 +952,20 @@ static gboolean remove_active_xfers(gpointer key, gpointer value, gpointer conn)
         return 0;
 }
 
+/* Check if this connection matches the passed session */
+static int connection_matches_session(UdscsConnection *conn, void *priv)
+{
+    const char *session = priv;
+    const struct agent_data *agent_data = g_object_get_data(G_OBJECT(conn), "agent_data");
+
+    if (!agent_data || !agent_data->session ||
+        strcmp(agent_data->session, session) != 0) {
+        return 0;
+    }
+
+    return 1;
+}
+
 /* Check a given process has a given UID */
 static bool check_uid_of_pid(pid_t pid, uid_t uid)
 {
@@ -1006,6 +1020,16 @@ static void agent_connect(UdscsConnection *conn)
             udscs_server_destroy_connection(server, conn);
             return;
         }
+
+        // Check there are no other connection for this session
+        // Note that "conn" is not counted as "agent_data" is still not attached to it
+        if (udscs_server_for_all_clients(server, connection_matches_session,
+                                         agent_data->session) > 0) {
+            syslog(LOG_ERR, "An agent is already connected for this session");
+            agent_data_destroy(agent_data);
+            udscs_server_destroy_connection(server, conn);
+            return;
+        }
     }
 
     g_object_set_data_full(G_OBJECT(conn), "agent_data", agent_data,
-- 
2.28.0