aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/ext/tinytest.c5
-rw-r--r--src/lib/crypt_ops/crypto_init.c12
-rw-r--r--src/lib/crypt_ops/crypto_init.h1
-rw-r--r--src/lib/crypt_ops/crypto_nss_mgt.c19
-rw-r--r--src/lib/crypt_ops/crypto_nss_mgt.h3
-rw-r--r--src/test/testing_common.c8
6 files changed, 39 insertions, 9 deletions
diff --git a/src/ext/tinytest.c b/src/ext/tinytest.c
index 2a475bd917..052fb6483f 100644
--- a/src/ext/tinytest.c
+++ b/src/ext/tinytest.c
@@ -120,8 +120,10 @@ testcase_run_bare_(const struct testcase_t *testcase)
#ifndef NO_FORKING
#ifdef TINYTEST_POSTFORK
+void tinytest_prefork(void);
void tinytest_postfork(void);
#else
+static void tinytest_prefork(void) { }
static void tinytest_postfork(void) { }
#endif
@@ -185,16 +187,17 @@ testcase_run_forked_(const struct testgroup_t *group,
if (opt_verbosity>0)
printf("[forking] ");
+ tinytest_prefork();
pid = fork();
#ifdef FORK_BREAKS_GCOV
vproc_transaction_begin(0);
#endif
+ tinytest_postfork();
if (!pid) {
/* child. */
int test_r, write_r;
char b[1];
close(outcome_pipe[0]);
- tinytest_postfork();
test_r = testcase_run_bare_(testcase);
assert(0<=(int)test_r && (int)test_r<=2);
b[0] = "NYS"[test_r];
diff --git a/src/lib/crypt_ops/crypto_init.c b/src/lib/crypt_ops/crypto_init.c
index f9b077e9e7..6fc8e5d94c 100644
--- a/src/lib/crypt_ops/crypto_init.c
+++ b/src/lib/crypt_ops/crypto_init.c
@@ -58,7 +58,7 @@ crypto_early_init(void)
crypto_openssl_early_init();
#endif
#ifdef ENABLE_NSS
- crypto_nss_early_init();
+ crypto_nss_early_init(0);
#endif
if (crypto_seed_rng() < 0)
@@ -137,6 +137,16 @@ crypto_global_cleanup(void)
/** Run operations that the crypto library requires to be happy again
* after forking. */
void
+crypto_prefork(void)
+{
+#ifdef ENABLE_NSS
+ crypto_nss_prefork();
+#endif
+}
+
+/** Run operations that the crypto library requires to be happy again
+ * after forking. */
+void
crypto_postfork(void)
{
#ifdef ENABLE_NSS
diff --git a/src/lib/crypt_ops/crypto_init.h b/src/lib/crypt_ops/crypto_init.h
index 05b281720c..5b6d65d48c 100644
--- a/src/lib/crypt_ops/crypto_init.h
+++ b/src/lib/crypt_ops/crypto_init.h
@@ -24,6 +24,7 @@ int crypto_global_init(int hardwareAccel,
void crypto_thread_cleanup(void);
int crypto_global_cleanup(void);
+void crypto_prefork(void);
void crypto_postfork(void);
const char *crypto_get_library_name(void);
diff --git a/src/lib/crypt_ops/crypto_nss_mgt.c b/src/lib/crypt_ops/crypto_nss_mgt.c
index 187f556bd2..a1da74aff5 100644
--- a/src/lib/crypt_ops/crypto_nss_mgt.c
+++ b/src/lib/crypt_ops/crypto_nss_mgt.c
@@ -50,10 +50,12 @@ nss_password_func_always_fail(PK11SlotInfo *slot,
}
void
-crypto_nss_early_init(void)
+crypto_nss_early_init(int nss_only)
{
- PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
- PK11_SetPasswordFunc(nss_password_func_always_fail);
+ if (! nss_only) {
+ PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
+ PK11_SetPasswordFunc(nss_password_func_always_fail);
+ }
/* Eventually we should use NSS_Init() instead -- but that wants a
directory. The documentation says that we can't use this if we want
@@ -113,11 +115,18 @@ void
crypto_nss_global_cleanup(void)
{
NSS_Shutdown();
+ PL_ArenaFinish();
+ PR_Cleanup();
+}
+
+void
+crypto_nss_prefork(void)
+{
+ NSS_Shutdown();
}
void
crypto_nss_postfork(void)
{
- crypto_nss_global_cleanup();
- crypto_nss_early_init();
+ crypto_nss_early_init(1);
}
diff --git a/src/lib/crypt_ops/crypto_nss_mgt.h b/src/lib/crypt_ops/crypto_nss_mgt.h
index c4c94f4d89..27793dcc45 100644
--- a/src/lib/crypt_ops/crypto_nss_mgt.h
+++ b/src/lib/crypt_ops/crypto_nss_mgt.h
@@ -22,11 +22,12 @@ const char *crypto_nss_get_header_version_str(void);
void crypto_nss_log_errors(int severity, const char *doing);
-void crypto_nss_early_init(void);
+void crypto_nss_early_init(int nss_only);
int crypto_nss_late_init(void);
void crypto_nss_global_cleanup(void);
+void crypto_nss_prefork(void);
void crypto_nss_postfork(void);
#endif
diff --git a/src/test/testing_common.c b/src/test/testing_common.c
index 17a0756803..42b5190ca0 100644
--- a/src/test/testing_common.c
+++ b/src/test/testing_common.c
@@ -223,11 +223,17 @@ an_assertion_failed(void)
tinytest_set_test_failed_();
}
+void tinytest_prefork(void);
void tinytest_postfork(void);
void
-tinytest_postfork(void)
+tinytest_prefork(void)
{
free_pregenerated_keys();
+ crypto_prefork();
+}
+void
+tinytest_postfork(void)
+{
crypto_postfork();
init_pregenerated_keys();
}