From ec4e7a63d54cd8cc82069954a2f70e97d986457f Mon Sep 17 00:00:00 2001
From: Tom Yu <tlyu@mit.edu>
Date: Mon, 1 Nov 2010 20:36:17 +0000
Subject: [PATCH] pull up r24470 from trunk

 ------------------------------------------------------------------------
 r24470 | ghudson | 2010-10-22 20:38:17 -0400 (Fri, 22 Oct 2010) | 10 lines

 ticket: 6810
 subject: Better	libk5crypto NSS	fork safety
 target_version:	1.9
 tags: pullup

 Use SECMOD_RestartModules() from the forthcoming NSS 3.12.9 release to
 make the libk5crypto back end work after a fork.  Add a test program
 to exercise fork detection in the NSS back end.  Add a configure-time
 version check to ensure that we're using NSS 3.12.9 or later.

ticket: 6810
version_fixed: 1.9
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24495 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/configure.in                          |  21 +++-
 src/lib/crypto/crypto_tests/Makefile.in   |   9 +-
 src/lib/crypto/crypto_tests/t_fork.c      | 111 ++++++++++++++++++++++
 src/lib/crypto/nss/enc_provider/enc_gen.c |  10 +-
 4 files changed, 141 insertions(+), 10 deletions(-)
 create mode 100644 src/lib/crypto/crypto_tests/t_fork.c

diff --git a/src/configure.in b/src/configure.in
index 8d6bb8277..57b825229 100644
--- a/src/configure.in
+++ b/src/configure.in
@@ -123,8 +123,6 @@ AC_HELP_STRING([--with-crypto-impl=IMPL], [use specified crypto implementation @
 [CRYPTO_IMPL=$withval
 AC_MSG_RESULT("k5crypto will use \'$withval\'")
 ], withval=builtin)
-CRYPTO_IMPL_LIBS=
-CRYPTO_IMPL_CFLAGS=
 case "$withval" in
 builtin)
   ;;
@@ -132,9 +130,24 @@ openssl)
   AC_CHECK_LIB(crypto, PKCS7_get_signer_info)
   ;;
 nss)
-  CRYPTO_IMPL_CFLAGS=`pkg-config --cflags nss`
-  CRYPTO_IMPL_LIBS="-lnss3 $(pkg-config --libs nss-util)"
+  if test "${CRYPTO_IMPL_CFLAGS+set}" != set; then
+    CRYPTO_IMPL_CFLAGS=`pkg-config --cflags nss`
+  fi
+  if test "${CRYPTO_IMPL_LIBS+set}" != set; then
+    CRYPTO_IMPL_LIBS="-lnss3 $(pkg-config --libs nss-util)"
+  fi
   AC_DEFINE(CRYPTO_IMPL_NSS,1,[Define if crypto implementation is NSS])
+  save_CFLAGS=$CFLAGS
+  CFLAGS="$CFLAGS $CRYPTO_IMPL_CFLAGS"
+  AC_COMPILE_IFELSE([
+#include <nss.h>
+#if NSS_VMAJOR < 3 || (NSS_VMAJOR == 3 && NSS_VMINOR < 12)
+#error
+#elif NSS_VMAJOR == 3 && NSS_VMINOR == 12 && NSS_VPATCH < 9
+#error
+#endif
+  ], [], [AC_MSG_ERROR([NSS version 3.12.9 or later required.])])
+  CFLAGS=$save_CFLAGS
   ;;
 *)
   AC_MSG_ERROR([Unknown crypto implementation $withval])
diff --git a/src/lib/crypto/crypto_tests/Makefile.in b/src/lib/crypto/crypto_tests/Makefile.in
index 40065f1fd..158972bbe 100644
--- a/src/lib/crypto/crypto_tests/Makefile.in
+++ b/src/lib/crypto/crypto_tests/Makefile.in
@@ -33,6 +33,7 @@ EXTRADEPSRCS=\
 	$(srcdir)/t_kperf.c	\
 	$(srcdir)/t_short.c	\
 	$(srcdir)/t_str2key.c	\
+	$(srcdir)/t_fork.c	\
 	$(srcdir)/ytest.c	
 
 ##DOSBUILDTOP = ..\..\..
@@ -54,7 +55,7 @@ check-unix:: t_nfold t_encrypt t_prf t_prng t_cmac t_hmac \
 		aes-test  \
 		camellia-test  \
 		t_mddriver4 t_mddriver \
-		t_crc t_cts t_short t_str2key t_camellia_ccm
+		t_crc t_cts t_short t_str2key t_fork t_camellia_ccm
 	$(RUN_SETUP) $(VALGRIND) ./t_nfold
 	$(RUN_SETUP) $(VALGRIND) ./t_encrypt
 	$(RUN_SETUP) $(VALGRIND) ./t_prng <$(srcdir)/t_prng.seed >t_prng.output
@@ -80,6 +81,7 @@ check-unix:: t_nfold t_encrypt t_prf t_prng t_cmac t_hmac \
 	$(RUN_SETUP) $(VALGRIND) $(C)t_mddriver -x
 	$(RUN_SETUP) $(VALGRIND) ./t_short
 	$(RUN_SETUP) $(VALGRIND) ./t_str2key
+	$(RUN_SETUP) $(VALGRIND) ./t_fork
 	$(RUN_SETUP) $(VALGRIND) ./t_camellia_ccm
 
 
@@ -158,6 +160,9 @@ t_kperf: t_kperf.o $(SUPPORT_DEPLIB) $(CRYPTO_DEPLIB)
 t_str2key$(EXEEXT): t_str2key.$(OBJEXT) $(SUPPORT_DEPLIB)
 	$(CC_LINK) -o $@ t_str2key.$(OBJEXT)  -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB)
 
+t_fork$(EXEEXT): t_fork.$(OBJEXT) $(SUPPORT_DEPLIB)
+	$(CC_LINK) -o $@ t_fork.$(OBJEXT) -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB)
+
 t_camellia_ccm$(EXEEXT): t_camellia_ccm.$(OBJEXT) $(SUPPORT_DEPLIB)
 	$(CC_LINK) -o $@ t_camellia_ccm.$(OBJEXT)  -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB)
 
@@ -176,7 +181,7 @@ clean::
 		t_mddriver4.o t_mddriver4 t_mddriver.o t_mddriver \
 		t_cksum4 t_cksum4.o t_cksum5 t_cksum5.o \
 		t_kperf.o t_kperf t_short t_short.o t_str2key t_str2key.o \
-		t_camellia_ccm t_camellia_ccm.o \
+		t_fork t_fork.o t_camellia_ccm t_camellia_ccm.o \
 		t_mddriver$(EXEEXT) $(OUTPRE)t_mddriver.$(OBJEXT)
 
 	-$(RM) t_prng.output
diff --git a/src/lib/crypto/crypto_tests/t_fork.c b/src/lib/crypto/crypto_tests/t_fork.c
new file mode 100644
index 000000000..3a57cb4e0
--- /dev/null
+++ b/src/lib/crypto/crypto_tests/t_fork.c
@@ -0,0 +1,111 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* lib/crypto/crypto_tests/t_fork.c */
+/*
+ * Copyright (C) 2010 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ */
+
+/*
+ * Test basic libk5crypto behavior across forks.  This is primarily interesting
+ * for back ends with PKCS11-based constraints, such as the NSS back end.
+ */
+
+#include "k5-int.h"
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+
+static krb5_context ctx;
+
+static void
+t(krb5_error_code code)
+{
+    if (code != 0) {
+	fprintf(stderr, "Failure: %s\n", krb5_get_error_message(ctx, code));
+	exit(1);
+    }
+}
+
+static void
+prepare_enc_data(krb5_key key, size_t in_len, krb5_enc_data *enc_data)
+{
+    size_t out_len;
+
+    t(krb5_c_encrypt_length(ctx, key->keyblock.enctype, in_len, &out_len));
+    t(alloc_data(&enc_data->ciphertext, out_len));
+}
+
+int
+main()
+{
+    krb5_error_code ret;
+    krb5_keyblock kb_aes, kb_rc4;
+    krb5_key key_aes, key_rc4;
+    krb5_data state_rc4, plain = string2data("plain"), decrypted;
+    krb5_enc_data out_aes, out_rc4;
+    pid_t pid;
+    int status;
+
+    /* Create AES and RC4 ciphertexts with random keys.  Use cipher state for
+     * RC4. */
+    t(krb5_init_context(&ctx));
+    t(krb5_c_make_random_key(ctx, ENCTYPE_AES256_CTS_HMAC_SHA1_96, &kb_aes));
+    t(krb5_c_make_random_key(ctx, ENCTYPE_ARCFOUR_HMAC, &kb_rc4));
+    t(krb5_k_create_key(ctx, &kb_aes, &key_aes));
+    t(krb5_k_create_key(ctx, &kb_rc4, &key_rc4));
+    prepare_enc_data(key_aes, plain.length, &out_aes);
+    prepare_enc_data(key_aes, plain.length, &out_rc4);
+    t(krb5_c_init_state(ctx, &kb_rc4, 0, &state_rc4));
+    t(krb5_k_encrypt(ctx, key_aes, 0, NULL, &plain, &out_aes));
+    t(krb5_k_encrypt(ctx, key_rc4, 0, &state_rc4, &plain, &out_rc4));
+
+    /* Fork; continue in both parent and child. */
+    pid = fork();
+    assert(pid >= 0);
+
+    /* Decrypt the AES message with both key and keyblock. */
+    t(alloc_data(&decrypted, plain.length));
+    t(krb5_k_decrypt(ctx, key_aes, 0, NULL, &out_aes, &decrypted));
+    assert(data_eq(plain, decrypted));
+    t(krb5_c_decrypt(ctx, &kb_aes, 0, NULL, &out_aes, &decrypted));
+    assert(data_eq(plain, decrypted));
+
+    /*
+     * Encrypt another RC4 message.  This may fail because RC4 cipher state in
+     * the NSS back end includes a PKCS11 handle which won't work across forks,
+     * but make sure it fails in the expected manner.
+     */
+    ret = krb5_k_encrypt(ctx, key_rc4, 0, &state_rc4, &plain, &out_rc4);
+    assert(ret == 0 || ret == EINVAL);
+    t(krb5_c_free_state(ctx, &kb_rc4, &state_rc4));
+
+    /* If we're the parent, make sure the child succeeded. */
+    if (pid != 0) {
+	assert(wait(&status) == pid);
+	if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
+	    fprintf(stderr, "Child failed with status %d\n", status);
+	    return 1;
+	}
+    }
+
+    return 0;
+}
diff --git a/src/lib/crypto/nss/enc_provider/enc_gen.c b/src/lib/crypto/nss/enc_provider/enc_gen.c
index 3edf3fc72..6bdf1d0f9 100644
--- a/src/lib/crypto/nss/enc_provider/enc_gen.c
+++ b/src/lib/crypto/nss/enc_provider/enc_gen.c
@@ -39,6 +39,7 @@
 #include "rand2key.h"
 #include "aead.h"
 #include "seccomon.h"
+#include "secmod.h"
 #include "pk11pub.h"
 #include "nss.h"
 
@@ -111,14 +112,15 @@ k5_nss_init(void)
         /* Do nothing if the existing context is still good. */
         if (k5_nss_pid == pid)
             goto cleanup;
-
-        /* We've forked since the last init, and need to reinitialize. */
-        rv = NSS_ShutdownContext(k5_nss_ctx);
-        k5_nss_ctx = NULL;
+        /* The caller has forked.  Restart the NSS modules.  This will
+         * invalidate all of our PKCS11 handles, which we're prepared for. */
+        rv = SECMOD_RestartModules(TRUE);
         if (rv != SECSuccess) {
             ret = k5_nss_map_last_error();
             goto cleanup;
         }
+        k5_nss_pid = pid;
+        goto cleanup;
     }
     k5_nss_ctx = NSS_InitContext(NSS_KRB5_CONFIGDIR, "", "", "", NULL, flags);
     if (k5_nss_ctx == NULL) {
-- 
2.26.2