Add fork handlers, based on pthread_atfork

Only for Unix platforms Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3754)
author: Rich Salz <rsalz@openssl.org> 2017-06-22 14:00:06 -0400
committer: Rich Salz <rsalz@openssl.org> 2017-06-29 16:19:41 -0400
commit: 2915fe19a6676374c335d8c50eaaa4c940cf47d6 (patch)
tree: 4d959df974cc5ea075a230101ac2b95c7da23320 /crypto
parent: 5ee407460b3b68aa4695f17cf8c43e0d07cb18a8 (diff)
5 files changed, 50 insertions, 0 deletions
diff --git a/crypto/include/internal/cryptlib.h b/crypto/include/internal/cryptlib.h
index f3ec9b67b8..d2ab720d34 100644
--- a/crypto/include/internal/cryptlib.h
+++ b/crypto/include/internal/cryptlib.h
@@ -66,6 +66,7 @@ extern unsigned int OPENSSL_ia32cap_P[];
 void OPENSSL_showfatal(const char *fmta, ...);
 extern int OPENSSL_NONPIC_relocated;
 void crypto_cleanup_all_ex_data_int(void);
+int openssl_init_fork_handlers(void);
 
 int openssl_strerror_r(int errnum, char *buf, size_t buflen);
 # if !defined(OPENSSL_NO_STDIO)
diff --git a/crypto/init.c b/crypto/init.c
index e159a3dd0c..bc961718da 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -552,6 +552,10 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
             && !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests))
         return 0;
 
+    if ((opts & OPENSSL_INIT_NO_ATFORK) == 0
+            && !openssl_init_fork_handlers())
+        return 0;
+
     if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG)
             && !RUN_ONCE(&config, ossl_init_no_config))
         return 0;
@@ -677,3 +681,28 @@ int OPENSSL_atexit(void (*handler)(void))
 
     return 1;
 }
+
+#ifdef OPENSSL_SYS_UNIX
+/*
+ * The following three functions are for OpenSSL developers.  This is
+ * where we set/reset state across fork (called via pthread_atfork when
+ * it exists, or manually by the application when it doesn't).
+ *
+ * WARNING!  If you put code in either OPENSSL_fork_parent or
+ * OPENSSL_fork_child, you MUST MAKE SURE that they are async-signal-
+ * safe.  See this link, for example:
+ *      http://man7.org/linux/man-pages/man7/signal-safety.7.html
+ */
+
+void OPENSSL_fork_prepare(void)
+{
+}
+
+void OPENSSL_fork_parent(void)
+{
+}
+
+void OPENSSL_fork_child(void)
+{
+}
+#endif
diff --git a/crypto/threads_none.c b/crypto/threads_none.c
index 72bf25b0d5..39aadd0e98 100644
--- a/crypto/threads_none.c
+++ b/crypto/threads_none.c
@@ -121,4 +121,9 @@ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock)
     return 1;
 }
 
+int openssl_init_fork_handlers(void)
+{
+    return 0;
+}
+
 #endif
diff --git a/crypto/threads_pthread.c b/crypto/threads_pthread.c
index 151013e470..f7c792123b 100644
--- a/crypto/threads_pthread.c
+++ b/crypto/threads_pthread.c
@@ -8,6 +8,7 @@
  */
 
 #include <openssl/crypto.h>
+#include <internal/cryptlib.h>
 
 #if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG) && !defined(OPENSSL_SYS_WINDOWS)
 
@@ -168,4 +169,13 @@ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock)
     return 1;
 }
 
+int openssl_init_fork_handlers(void)
+{
+# ifdef OPENSSL_SYS_UNIX
+    if (pthread_atfork(OPENSSL_fork_prepare,
+                       OPENSSL_fork_parent, OPENSSL_fork_child) == 0)
+        return 1;
+# endif
+    return 0;
+}
 #endif
diff --git a/crypto/threads_win.c b/crypto/threads_win.c
index 4e0de908ee..512e19f5f3 100644
--- a/crypto/threads_win.c
+++ b/crypto/threads_win.c
@@ -133,4 +133,9 @@ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock)
     return 1;
 }
 
+int openssl_init_fork_handlers(void)
+{
+    return 0;
+}
+
 #endif
author	Rich Salz <rsalz@openssl.org>	2017-06-22 14:00:06 -0400
committer	Rich Salz <rsalz@openssl.org>	2017-06-29 16:19:41 -0400
commit	2915fe19a6676374c335d8c50eaaa4c940cf47d6 (patch)
tree	4d959df974cc5ea075a230101ac2b95c7da23320 /crypto
parent	5ee407460b3b68aa4695f17cf8c43e0d07cb18a8 (diff)