diff options
-rw-r--r-- | src/ext/tinytest.c | 5 | ||||
-rw-r--r-- | src/lib/crypt_ops/crypto_init.c | 12 | ||||
-rw-r--r-- | src/lib/crypt_ops/crypto_init.h | 1 | ||||
-rw-r--r-- | src/lib/crypt_ops/crypto_nss_mgt.c | 19 | ||||
-rw-r--r-- | src/lib/crypt_ops/crypto_nss_mgt.h | 3 | ||||
-rw-r--r-- | src/test/testing_common.c | 8 |
6 files changed, 39 insertions, 9 deletions
diff --git a/src/ext/tinytest.c b/src/ext/tinytest.c index 2a475bd917..052fb6483f 100644 --- a/src/ext/tinytest.c +++ b/src/ext/tinytest.c @@ -120,8 +120,10 @@ testcase_run_bare_(const struct testcase_t *testcase) #ifndef NO_FORKING #ifdef TINYTEST_POSTFORK +void tinytest_prefork(void); void tinytest_postfork(void); #else +static void tinytest_prefork(void) { } static void tinytest_postfork(void) { } #endif @@ -185,16 +187,17 @@ testcase_run_forked_(const struct testgroup_t *group, if (opt_verbosity>0) printf("[forking] "); + tinytest_prefork(); pid = fork(); #ifdef FORK_BREAKS_GCOV vproc_transaction_begin(0); #endif + tinytest_postfork(); if (!pid) { /* child. */ int test_r, write_r; char b[1]; close(outcome_pipe[0]); - tinytest_postfork(); test_r = testcase_run_bare_(testcase); assert(0<=(int)test_r && (int)test_r<=2); b[0] = "NYS"[test_r]; diff --git a/src/lib/crypt_ops/crypto_init.c b/src/lib/crypt_ops/crypto_init.c index f9b077e9e7..6fc8e5d94c 100644 --- a/src/lib/crypt_ops/crypto_init.c +++ b/src/lib/crypt_ops/crypto_init.c @@ -58,7 +58,7 @@ crypto_early_init(void) crypto_openssl_early_init(); #endif #ifdef ENABLE_NSS - crypto_nss_early_init(); + crypto_nss_early_init(0); #endif if (crypto_seed_rng() < 0) @@ -137,6 +137,16 @@ crypto_global_cleanup(void) /** Run operations that the crypto library requires to be happy again * after forking. */ void +crypto_prefork(void) +{ +#ifdef ENABLE_NSS + crypto_nss_prefork(); +#endif +} + +/** Run operations that the crypto library requires to be happy again + * after forking. */ +void crypto_postfork(void) { #ifdef ENABLE_NSS diff --git a/src/lib/crypt_ops/crypto_init.h b/src/lib/crypt_ops/crypto_init.h index 05b281720c..5b6d65d48c 100644 --- a/src/lib/crypt_ops/crypto_init.h +++ b/src/lib/crypt_ops/crypto_init.h @@ -24,6 +24,7 @@ int crypto_global_init(int hardwareAccel, void crypto_thread_cleanup(void); int crypto_global_cleanup(void); +void crypto_prefork(void); void crypto_postfork(void); const char *crypto_get_library_name(void); diff --git a/src/lib/crypt_ops/crypto_nss_mgt.c b/src/lib/crypt_ops/crypto_nss_mgt.c index 187f556bd2..a1da74aff5 100644 --- a/src/lib/crypt_ops/crypto_nss_mgt.c +++ b/src/lib/crypt_ops/crypto_nss_mgt.c @@ -50,10 +50,12 @@ nss_password_func_always_fail(PK11SlotInfo *slot, } void -crypto_nss_early_init(void) +crypto_nss_early_init(int nss_only) { - PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0); - PK11_SetPasswordFunc(nss_password_func_always_fail); + if (! nss_only) { + PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0); + PK11_SetPasswordFunc(nss_password_func_always_fail); + } /* Eventually we should use NSS_Init() instead -- but that wants a directory. The documentation says that we can't use this if we want @@ -113,11 +115,18 @@ void crypto_nss_global_cleanup(void) { NSS_Shutdown(); + PL_ArenaFinish(); + PR_Cleanup(); +} + +void +crypto_nss_prefork(void) +{ + NSS_Shutdown(); } void crypto_nss_postfork(void) { - crypto_nss_global_cleanup(); - crypto_nss_early_init(); + crypto_nss_early_init(1); } diff --git a/src/lib/crypt_ops/crypto_nss_mgt.h b/src/lib/crypt_ops/crypto_nss_mgt.h index c4c94f4d89..27793dcc45 100644 --- a/src/lib/crypt_ops/crypto_nss_mgt.h +++ b/src/lib/crypt_ops/crypto_nss_mgt.h @@ -22,11 +22,12 @@ const char *crypto_nss_get_header_version_str(void); void crypto_nss_log_errors(int severity, const char *doing); -void crypto_nss_early_init(void); +void crypto_nss_early_init(int nss_only); int crypto_nss_late_init(void); void crypto_nss_global_cleanup(void); +void crypto_nss_prefork(void); void crypto_nss_postfork(void); #endif diff --git a/src/test/testing_common.c b/src/test/testing_common.c index 17a0756803..42b5190ca0 100644 --- a/src/test/testing_common.c +++ b/src/test/testing_common.c @@ -223,11 +223,17 @@ an_assertion_failed(void) tinytest_set_test_failed_(); } +void tinytest_prefork(void); void tinytest_postfork(void); void -tinytest_postfork(void) +tinytest_prefork(void) { free_pregenerated_keys(); + crypto_prefork(); +} +void +tinytest_postfork(void) +{ crypto_postfork(); init_pregenerated_keys(); } |