Require openssl >= 1.1.1

Versions older this are sufficiently old that we don't want to support
them, and they require extra support code.

configure.ac

@@ -184,7 +184,7 @@ fi
 
 # Look for OpenSSL, a required dependency. FIXME: this is only (maybe)
 # used by S3BinaryCacheStore.
-PKG_CHECK_MODULES([OPENSSL], [libcrypto], [CXXFLAGS="$OPENSSL_CFLAGS $CXXFLAGS"])
+PKG_CHECK_MODULES([OPENSSL], [libcrypto >= 1.1.1], [CXXFLAGS="$OPENSSL_CFLAGS $CXXFLAGS"])
 
 
 # Look for libarchive.

src/libutil/hash.cc

@@ -17,29 +17,6 @@
 
 namespace nix {
 
-#if OPENSSL_VERSION_NUMBER < 0x10101000L
-/* OpenSSL is not thread-safe by default - it will randomly crash
-   unless the user supplies a mutex locking function. So let's do
-   that. */
-static std::vector<std::mutex> opensslLocks;
-
-static void opensslLockCallback(int mode, int type, const char * file, int line)
-{
-    if (mode & CRYPTO_LOCK)
-        opensslLocks[type].lock();
-    else
-        opensslLocks[type].unlock();
-}
-#endif
-
-void initOpenSSL() {
-#if OPENSSL_VERSION_NUMBER < 0x10101000L
-    /* Initialise OpenSSL locking. */
-    opensslLocks = std::vector<std::mutex>(CRYPTO_num_locks());
-    CRYPTO_set_locking_callback(opensslLockCallback);
-#endif
-}
-
 static size_t regularHashSize(HashType type) {
     switch (type) {
     case htMD5: return md5HashSize;

src/libutil/util.cc

@@ -48,7 +48,6 @@ extern char * * environ __attribute__((weak));
 namespace nix {
 
 void initLibUtil() {
-    initOpenSSL();
 }
 
 std::optional<std::string> getEnv(const std::string & key)

src/libutil/util.hh

@@ -34,8 +34,6 @@ struct Source;
 
 void initLibUtil();
 
-void initOpenSSL();
-
 /**
  * The system for which Nix is compiled.
  */