Bug 1558056 - Exit tlsserver when parent process died. r=keeler

Differential Revision: https://phabricator.services.mozilla.com/D34288 --HG-- extra : moz-landing-system : lando
2019-06-12 23:19:45 +00:00 · 2019-06-12 23:19:45 +00:00 · af5c37e3a4
--- a/security/manager/ssl/tests/unit/head_psm.js
+++ b/security/manager/ssl/tests/unit/head_psm.js
@ -572,7 +572,7 @@ function _setupTLSServerTest(serverBinName, certsPath, addDefaultRoot) {
  certDir.append(`${certsPath}`);
  Assert.ok(certDir.exists(), `certificate folder (${certsPath}) should exist`);
  // Using "sql:" causes the SQL DB to be used so we can run tests on Android.
-  process.run(false, [ "sql:" + certDir.path ], 1);
+  process.run(false, [ "sql:" + certDir.path, Services.appinfo.processID ], 2);

  registerCleanupFunction(function() {
    process.kill();
--- a/security/manager/ssl/tests/unit/tlsserver/cmd/BadCertServer.cpp
+++ b/security/manager/ssl/tests/unit/tlsserver/cmd/BadCertServer.cpp
@ -132,10 +132,5 @@ int32_t DoSNISocketConfig(PRFileDesc* aFd, const SECItem* aSrvNameArr,
 }

 int main(int argc, char* argv[]) {
-  if (argc != 2) {
-    fprintf(stderr, "usage: %s <NSS DB directory>\n", argv[0]);
-    return 1;
-  }
-
-  return StartServer(argv[1], DoSNISocketConfig, nullptr);
+  return StartServer(argc, argv, DoSNISocketConfig, nullptr);
 }
--- a/security/manager/ssl/tests/unit/tlsserver/cmd/OCSPStaplingServer.cpp
+++ b/security/manager/ssl/tests/unit/tlsserver/cmd/OCSPStaplingServer.cpp
@ -149,10 +149,5 @@ int32_t DoSNISocketConfig(PRFileDesc* aFd, const SECItem* aSrvNameArr,
 }

 int main(int argc, char* argv[]) {
-  if (argc != 2) {
-    fprintf(stderr, "usage: %s <NSS DB directory>\n", argv[0]);
-    return 1;
-  }
-
-  return StartServer(argv[1], DoSNISocketConfig, nullptr);
+  return StartServer(argc, argv, DoSNISocketConfig, nullptr);
 }
--- a/security/manager/ssl/tests/unit/tlsserver/cmd/SymantecSanctionsServer.cpp
+++ b/security/manager/ssl/tests/unit/tlsserver/cmd/SymantecSanctionsServer.cpp
@ -83,10 +83,5 @@ int32_t DoSNISocketConfig(PRFileDesc* aFd, const SECItem* aSrvNameArr,
 }

 int main(int argc, char* argv[]) {
-  if (argc != 2) {
-    fprintf(stderr, "usage: %s <NSS DB directory>\n", argv[0]);
-    return 1;
-  }
-
-  return StartServer(argv[1], DoSNISocketConfig, nullptr);
+  return StartServer(argc, argv, DoSNISocketConfig, nullptr);
 }
--- a/security/manager/ssl/tests/unit/tlsserver/lib/TLSServer.cpp
+++ b/security/manager/ssl/tests/unit/tlsserver/lib/TLSServer.cpp
@ -6,7 +6,13 @@

 #include <stdio.h>
 #include <string>
+#include <thread>
 #include <vector>
+#ifdef XP_WIN
+#  include <windows.h>
+#else
+#  include <unistd.h>
+#endif

 #include "base64.h"
 #include "mozilla/Move.h"
@ -464,8 +470,37 @@ SECStatus ConfigSecureServerWithNamedCert(
  return SECSuccess;
 }

-int StartServer(const char* nssCertDBDir, SSLSNISocketConfig sniSocketConfig,
+#ifdef XP_WIN
+using PidType = DWORD;
+constexpr bool IsValidPid(long long pid) {
+  // Excluding `(DWORD)-1` because it is not a valid process ID.
+  // See https://devblogs.microsoft.com/oldnewthing/20040223-00/?p=40503
+  return pid > 0 && pid < std::numeric_limits<PidType>::max();
+}
+#else
+using PidType = pid_t;
+constexpr bool IsValidPid(long long pid) {
+  return pid > 0 && pid <= std::numeric_limits<PidType>::max();
+}
+#endif
+
+PidType ConvertPid(const char* pidStr) {
+  long long pid = strtoll(pidStr, nullptr, 10);
+  if (!IsValidPid(pid)) {
+    return 0;
+  }
+  return static_cast<PidType>(pid);
+}
+
+int StartServer(int argc, char* argv[], SSLSNISocketConfig sniSocketConfig,
                void* sniSocketConfigArg) {
+  if (argc != 3) {
+    fprintf(stderr, "usage: %s <NSS DB directory> <ppid>\n", argv[0]);
+    return 1;
+  }
+  const char* nssCertDBDir = argv[1];
+  PidType ppid = ConvertPid(argv[2]);
+
  const char* debugLevel = PR_GetEnv("MOZ_TLS_SERVER_DEBUG_LEVEL");
  if (debugLevel) {
    int level = atoi(debugLevel);
@ -560,6 +595,34 @@ int StartServer(const char* nssCertDBDir, SSLSNISocketConfig sniSocketConfig,
    }
  }

+  std::thread([ppid] {
+    if (!ppid) {
+      if (gDebugLevel >= DEBUG_ERRORS) {
+        fprintf(stderr, "invalid ppid\n");
+      }
+      return;
+    }
+#ifdef XP_WIN
+    HANDLE parent = OpenProcess(SYNCHRONIZE, false, ppid);
+    if (!parent) {
+      if (gDebugLevel >= DEBUG_ERRORS) {
+        fprintf(stderr, "OpenProcess failed\n");
+      }
+      return;
+    }
+    WaitForSingleObject(parent, INFINITE);
+    CloseHandle(parent);
+#else
+    while (getppid() == ppid) {
+      sleep(1);
+    }
+#endif
+    if (gDebugLevel >= DEBUG_ERRORS) {
+      fprintf(stderr, "Parent process crashed\n");
+    }
+    exit(1);
+  }).detach();
+
  while (true) {
    PRNetAddr clientAddr;
    PRFileDesc* clientSocket =
--- a/security/manager/ssl/tests/unit/tlsserver/lib/TLSServer.h
+++ b/security/manager/ssl/tests/unit/tlsserver/lib/TLSServer.h
@ -48,7 +48,7 @@ SECStatus ConfigSecureServerWithNamedCert(

 SECStatus InitializeNSS(const char* nssCertDBDir);

-int StartServer(const char* nssCertDBDir, SSLSNISocketConfig sniSocketConfig,
+int StartServer(int argc, char* argv[], SSLSNISocketConfig sniSocketConfig,
                void* sniSocketConfigArg);

 template <typename Host>