[tor/master] Update prefork and postfork NSS code for unit tests. - tor-commits

5 Sep 2018

commit 36f3bdac032523c6d98022c84059d8ebd69dfdfe
Author: Nick Mathewson nickm@torproject.org
Date:   Wed Aug 29 08:39:19 2018 -0400
Update prefork and postfork NSS code for unit tests.
---
 src/ext/tinytest.c                 |  5 ++++-
 src/lib/crypt_ops/crypto_init.c    | 12 +++++++++++-
 src/lib/crypt_ops/crypto_init.h    |  1 +
 src/lib/crypt_ops/crypto_nss_mgt.c | 19 ++++++++++++++-----
 src/lib/crypt_ops/crypto_nss_mgt.h |  3 ++-
 src/test/testing_common.c          |  8 +++++++-
 6 files changed, 39 insertions(+), 9 deletions(-)

diff --git a/src/ext/tinytest.c b/src/ext/tinytest.c
index 2a475bd91..052fb6483 100644
--- a/src/ext/tinytest.c
+++ b/src/ext/tinytest.c
@@ -120,8 +120,10 @@ testcase_run_bare_(const struct testcase_t *testcase)
 #ifndef NO_FORKING
#ifdef TINYTEST_POSTFORK
+void tinytest_prefork(void);
 void tinytest_postfork(void);
 #else
+static void tinytest_prefork(void) { }
 static void tinytest_postfork(void) { }
 #endif
@@ -185,16 +187,17 @@ testcase_run_forked_(const struct testgroup_t *group,
if (opt_verbosity>0)
    	printf("[forking] ");
+	tinytest_prefork();
    pid = fork();
 #ifdef FORK_BREAKS_GCOV
    vproc_transaction_begin(0);
 #endif
+	tinytest_postfork();
    if (!pid) {
    	/* child. */
    	int test_r, write_r;
    	char b[1];
    	close(outcome_pipe[0]);
-		tinytest_postfork();
    	test_r = testcase_run_bare_(testcase);
    	assert(0<=(int)test_r && (int)test_r<=2);
    	b[0] = "NYS"[test_r];
diff --git a/src/lib/crypt_ops/crypto_init.c b/src/lib/crypt_ops/crypto_init.c
index f9b077e9e..6fc8e5d94 100644
--- a/src/lib/crypt_ops/crypto_init.c
+++ b/src/lib/crypt_ops/crypto_init.c
@@ -58,7 +58,7 @@ crypto_early_init(void)
     crypto_openssl_early_init();
 #endif
 #ifdef ENABLE_NSS
-    crypto_nss_early_init();
+    crypto_nss_early_init(0);
 #endif
if (crypto_seed_rng() < 0)
@@ -137,6 +137,16 @@ crypto_global_cleanup(void)
 /** Run operations that the crypto library requires to be happy again
  * after forking. */
 void
+crypto_prefork(void)
+{
+#ifdef ENABLE_NSS
+  crypto_nss_prefork();
+#endif
+}
+
+/** Run operations that the crypto library requires to be happy again
+ * after forking. */
+void
 crypto_postfork(void)
 {
 #ifdef ENABLE_NSS
diff --git a/src/lib/crypt_ops/crypto_init.h b/src/lib/crypt_ops/crypto_init.h
index 05b281720..5b6d65d48 100644
--- a/src/lib/crypt_ops/crypto_init.h
+++ b/src/lib/crypt_ops/crypto_init.h
@@ -24,6 +24,7 @@ int crypto_global_init(int hardwareAccel,
void crypto_thread_cleanup(void);
 int crypto_global_cleanup(void);
+void crypto_prefork(void);
 void crypto_postfork(void);
const char *crypto_get_library_name(void);
diff --git a/src/lib/crypt_ops/crypto_nss_mgt.c b/src/lib/crypt_ops/crypto_nss_mgt.c
index 187f556bd..a1da74aff 100644
--- a/src/lib/crypt_ops/crypto_nss_mgt.c
+++ b/src/lib/crypt_ops/crypto_nss_mgt.c
@@ -50,10 +50,12 @@ nss_password_func_always_fail(PK11SlotInfo *slot,
 }
void
-crypto_nss_early_init(void)
+crypto_nss_early_init(int nss_only)
 {
-  PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
-  PK11_SetPasswordFunc(nss_password_func_always_fail);
+  if (! nss_only) {
+    PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
+    PK11_SetPasswordFunc(nss_password_func_always_fail);
+  }
/* Eventually we should use NSS_Init() instead -- but that wants a
      directory. The documentation says that we can't use this if we want
@@ -113,11 +115,18 @@ void
 crypto_nss_global_cleanup(void)
 {
   NSS_Shutdown();
+  PL_ArenaFinish();
+  PR_Cleanup();
+}
+
+void
+crypto_nss_prefork(void)
+{
+  NSS_Shutdown();
 }
void
 crypto_nss_postfork(void)
 {
-  crypto_nss_global_cleanup();
-  crypto_nss_early_init();
+  crypto_nss_early_init(1);
 }
diff --git a/src/lib/crypt_ops/crypto_nss_mgt.h b/src/lib/crypt_ops/crypto_nss_mgt.h
index c4c94f4d8..27793dcc4 100644
--- a/src/lib/crypt_ops/crypto_nss_mgt.h
+++ b/src/lib/crypt_ops/crypto_nss_mgt.h
@@ -22,11 +22,12 @@ const char *crypto_nss_get_header_version_str(void);
void crypto_nss_log_errors(int severity, const char *doing);
-void crypto_nss_early_init(void);
+void crypto_nss_early_init(int nss_only);
 int crypto_nss_late_init(void);
void crypto_nss_global_cleanup(void);
+void crypto_nss_prefork(void);
 void crypto_nss_postfork(void);
 #endif
diff --git a/src/test/testing_common.c b/src/test/testing_common.c
index 17a075680..42b5190ca 100644
--- a/src/test/testing_common.c
+++ b/src/test/testing_common.c
@@ -223,11 +223,17 @@ an_assertion_failed(void)
   tinytest_set_test_failed_();
 }
+void tinytest_prefork(void);
 void tinytest_postfork(void);
 void
-tinytest_postfork(void)
+tinytest_prefork(void)
 {
   free_pregenerated_keys();
+  crypto_prefork();
+}
+void
+tinytest_postfork(void)
+{
   crypto_postfork();
   init_pregenerated_keys();
 }

    