From 4caeefaf004c1a4fdd67485f0328a6741a9640fb Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <edolstra@gmail.com>
Date: Wed, 4 Sep 2019 14:06:52 +0200
Subject: [PATCH] Revert "Remove obsolete OpenSSL locking code"

This reverts commit aeb695c0074b52772057b36f442a054f8d1a856d.
---
 src/libmain/shared.cc | 20 ++++++++++++++++++++
 src/libutil/hash.cc   |  4 ----
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc
index 910549583..0afddfb78 100644
--- a/src/libmain/shared.cc
+++ b/src/libmain/shared.cc
@@ -15,6 +15,8 @@
 #include <unistd.h>
 #include <signal.h>
 
+#include <openssl/crypto.h>
+
 
 namespace nix {
 
@@ -78,6 +80,20 @@ string getArg(const string & opt,
 }
 
 
+/* OpenSSL is not thread-safe by default - it will randomly crash
+   unless the user supplies a mutex locking function. So let's do
+   that. */
+static std::vector<std::mutex> opensslLocks;
+
+static void opensslLockCallback(int mode, int type, const char * file, int line)
+{
+    if (mode & CRYPTO_LOCK)
+        opensslLocks[type].lock();
+    else
+        opensslLocks[type].unlock();
+}
+
+
 static void sigHandler(int signo) { }
 
 
@@ -89,6 +105,10 @@ void initNix()
     std::cerr.rdbuf()->pubsetbuf(buf, sizeof(buf));
 #endif
 
+    /* Initialise OpenSSL locking. */
+    opensslLocks = std::vector<std::mutex>(CRYPTO_num_locks());
+    CRYPTO_set_locking_callback(opensslLockCallback);
+
     loadConfFile();
 
     startSignalHandlerThread();
diff --git a/src/libutil/hash.cc b/src/libutil/hash.cc
index 362c537fe..1c14ebb18 100644
--- a/src/libutil/hash.cc
+++ b/src/libutil/hash.cc
@@ -13,10 +13,6 @@
 #include <sys/stat.h>
 #include <fcntl.h>
 
-#if OPENSSL_VERSION_NUMBER < 0x10101000L
-#error "Unsupported version of OpenSSL, you need at least 1.1.1"
-#endif
-
 namespace nix {