Add postfork support for nss

We need this in our unit tests, since otherwise NSS will notice
we've forked and start cussing us out.

I suspect we'll need a different hack for daemonizing, but this
should be enough for tinytest to work.

diff --git a/src/ext/tinytest.c b/src/ext/tinytest.c
index 3fb1b39c718cbad3ed1018d2bd4a135bbbe57a31..8b2c71bebff99a61d452cbb2631dd98b5b1734ed 100644 (file)
--- a/src/ext/tinytest.c
+++ b/src/ext/tinytest.c
@@ -25,6 +25,7 @@
 #ifdef TINYTEST_LOCAL
 #include "tinytest_local.h"
 #endif
+#define TINYTEST_POSTFORK
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -118,6 +119,12 @@ testcase_run_bare_(const struct testcase_t *testcase)
 
 #ifndef NO_FORKING
 
+#ifdef TINYTEST_POSTFORK
+void tinytest_postfork(void);
+#else
+static void tinytest_postfork(void) { }
+#endif
+
 static enum outcome
 testcase_run_forked_(const struct testgroup_t *group,
                     const struct testcase_t *testcase)
@@ -187,6 +194,7 @@ testcase_run_forked_(const struct testgroup_t *group,
                int test_r, write_r;
                char b[1];
                close(outcome_pipe[0]);
+               tinytest_postfork();
                test_r = testcase_run_bare_(testcase);
                assert(0<=(int)test_r && (int)test_r<=2);
                b[0] = "NYS"[test_r];

diff --git a/src/lib/crypt_ops/crypto_init.c b/src/lib/crypt_ops/crypto_init.c
index 7f5a63219b7a6b990d57398202c1e32da9772a1c..b651474cf89308dcdca6704a7fff9c7a62cef4c8 100644 (file)
--- a/src/lib/crypt_ops/crypto_init.c
+++ b/src/lib/crypt_ops/crypto_init.c
@@ -127,3 +127,13 @@ crypto_global_cleanup(void)
 
   return 0;
 }
+
+/** Run operations that the crypto library requires to be happy again
+ * after forking. */
+void
+crypto_postfork(void)
+{
+#ifdef ENABLE_NSS
+  crypto_nss_postfork();
+#endif
+}

diff --git a/src/lib/crypt_ops/crypto_init.h b/src/lib/crypt_ops/crypto_init.h
index e450e2d89403ebaaef0ec0d4b7da23f25572495e..3e32456b5c6db8ef5f482a6241b10f35aa66a689 100644 (file)
--- a/src/lib/crypt_ops/crypto_init.h
+++ b/src/lib/crypt_ops/crypto_init.h
@@ -24,5 +24,6 @@ int crypto_global_init(int hardwareAccel,
 
 void crypto_thread_cleanup(void);
 int crypto_global_cleanup(void);
+void crypto_postfork(void);
 
 #endif /* !defined(TOR_CRYPTO_H) */

diff --git a/src/lib/crypt_ops/crypto_nss_mgt.c b/src/lib/crypt_ops/crypto_nss_mgt.c
index 84d9f027a452944cfc9e2466c87eb39c2e502e72..6bcaeabd5a705620483fc8794cf65e7f5d3406be 100644 (file)
--- a/src/lib/crypt_ops/crypto_nss_mgt.c
+++ b/src/lib/crypt_ops/crypto_nss_mgt.c
@@ -93,3 +93,10 @@ crypto_nss_global_cleanup(void)
 {
   NSS_Shutdown();
 }
+
+void
+crypto_nss_postfork(void)
+{
+  crypto_nss_global_cleanup();
+  crypto_nss_early_init();
+}

diff --git a/src/lib/crypt_ops/crypto_nss_mgt.h b/src/lib/crypt_ops/crypto_nss_mgt.h
index 0e899bad06cc2fa79a49512b14d28592358bf655..c4c94f4d8959e742b76e4db945251e462209e1cd 100644 (file)
--- a/src/lib/crypt_ops/crypto_nss_mgt.h
+++ b/src/lib/crypt_ops/crypto_nss_mgt.h
@@ -26,6 +26,8 @@ void crypto_nss_early_init(void);
 int crypto_nss_late_init(void);
 
 void crypto_nss_global_cleanup(void);
+
+void crypto_nss_postfork(void);
 #endif
 
 #endif /* !defined(TOR_CRYPTO_NSS_H) */

diff --git a/src/test/testing_common.c b/src/test/testing_common.c
index 32d7bf7f0e664a6c7e826f32797a9dd9556f022c..1611a54b6ac3131a4cd9e0163347db226be41d0b 100644 (file)
--- a/src/test/testing_common.c
+++ b/src/test/testing_common.c
@@ -223,6 +223,13 @@ an_assertion_failed(void)
   tinytest_set_test_failed_();
 }
 
+void tinytest_postfork(void);
+void
+tinytest_postfork(void)
+{
+  crypto_postfork();
+}
+
 /** Main entry point for unit test code: parse the command line, and run
  * some unit tests. */
 int