Move OpenSSL init to initLibUtil

Part of an effort to make it easier to initialize the right things,
by moving code into the appropriate libraries.

4 files changed, 31 insertions, 21 deletions

diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc
index 37664c065..2ed310cba 100644
--- a/src/libmain/shared.cc
+++ b/src/libmain/shared.cc
@@ -115,22 +115,6 @@ std::string getArg(const std::string & opt,
     return *i;
 }
 
-
-#if OPENSSL_VERSION_NUMBER < 0x10101000L
-/* OpenSSL is not thread-safe by default - it will randomly crash
-   unless the user supplies a mutex locking function. So let's do
-   that. */
-static std::vector<std::mutex> opensslLocks;
-
-static void opensslLockCallback(int mode, int type, const char * file, int line)
-{
-    if (mode & CRYPTO_LOCK)
-        opensslLocks[type].lock();
-    else
-        opensslLocks[type].unlock();
-}
-#endif
-
 static std::once_flag dns_resolve_flag;
 
 static void preloadNSS() {
@@ -177,11 +161,7 @@ void initNix()
     std::cerr.rdbuf()->pubsetbuf(buf, sizeof(buf));
 #endif
 
-#if OPENSSL_VERSION_NUMBER < 0x10101000L
-    /* Initialise OpenSSL locking. */
-    opensslLocks = std::vector<std::mutex>(CRYPTO_num_locks());
-    CRYPTO_set_locking_callback(opensslLockCallback);
-#endif
+    initLibUtil();
 
     if (sodium_init() == -1)
         throw Error("could not initialise libsodium");
diff --git a/src/libutil/hash.cc b/src/libutil/hash.cc
index 5735e4715..9df8bcfb4 100644
--- a/src/libutil/hash.cc
+++ b/src/libutil/hash.cc
@@ -1,6 +1,7 @@
 #include <iostream>
 #include <cstring>
 
+#include <openssl/crypto.h>
 #include <openssl/md5.h>
 #include <openssl/sha.h>
 
@@ -16,6 +17,28 @@
 
 namespace nix {
 
+#if OPENSSL_VERSION_NUMBER < 0x10101000L
+/* OpenSSL is not thread-safe by default - it will randomly crash
+   unless the user supplies a mutex locking function. So let's do
+   that. */
+static std::vector<std::mutex> opensslLocks;
+
+static void opensslLockCallback(int mode, int type, const char * file, int line)
+{
+    if (mode & CRYPTO_LOCK)
+        opensslLocks[type].lock();
+    else
+        opensslLocks[type].unlock();
+}
+#endif
+
+void initOpenSSL() {
+#if OPENSSL_VERSION_NUMBER < 0x10101000L
+    /* Initialise OpenSSL locking. */
+    opensslLocks = std::vector<std::mutex>(CRYPTO_num_locks());
+    CRYPTO_set_locking_callback(opensslLockCallback);
+#endif
+}
 
 static size_t regularHashSize(HashType type) {
     switch (type) {
diff --git a/src/libutil/util.cc b/src/libutil/util.cc
index 843a10eab..0099f7ebc 100644
--- a/src/libutil/util.cc
+++ b/src/libutil/util.cc
@@ -47,6 +47,10 @@ extern char * * environ __attribute__((weak));
 
 namespace nix {
 
+void initLibUtil() {
+    initOpenSSL();
+}
+
 std::optional<std::string> getEnv(const std::string & key)
 {
     char * value = getenv(key.c_str());
diff --git a/src/libutil/util.hh b/src/libutil/util.hh
index 56160baaf..783a4a601 100644
--- a/src/libutil/util.hh
+++ b/src/libutil/util.hh
@@ -32,6 +32,9 @@ namespace nix {
 struct Sink;
 struct Source;
 
+void initLibUtil();
+
+void initOpenSSL();
 
 /**
  * The system for which Nix is compiled.