From 6e0b7109abb40ded327b15599b29f861d9acb3c9 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 1 Feb 2023 13:34:32 +0100 Subject: [PATCH] Move OpenSSL init to initLibUtil Part of an effort to make it easier to initialize the right things, by moving code into the appropriate libraries. --- src/libmain/shared.cc | 22 +--------------------- src/libutil/hash.cc | 23 +++++++++++++++++++++++ src/libutil/util.cc | 4 ++++ src/libutil/util.hh | 3 +++ 4 files changed, 31 insertions(+), 21 deletions(-) diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc index 37664c065..2ed310cba 100644 --- a/src/libmain/shared.cc +++ b/src/libmain/shared.cc @@ -115,22 +115,6 @@ std::string getArg(const std::string & opt, return *i; } - -#if OPENSSL_VERSION_NUMBER < 0x10101000L -/* OpenSSL is not thread-safe by default - it will randomly crash - unless the user supplies a mutex locking function. So let's do - that. */ -static std::vector opensslLocks; - -static void opensslLockCallback(int mode, int type, const char * file, int line) -{ - if (mode & CRYPTO_LOCK) - opensslLocks[type].lock(); - else - opensslLocks[type].unlock(); -} -#endif - static std::once_flag dns_resolve_flag; static void preloadNSS() { @@ -177,11 +161,7 @@ void initNix() std::cerr.rdbuf()->pubsetbuf(buf, sizeof(buf)); #endif -#if OPENSSL_VERSION_NUMBER < 0x10101000L - /* Initialise OpenSSL locking. */ - opensslLocks = std::vector(CRYPTO_num_locks()); - CRYPTO_set_locking_callback(opensslLockCallback); -#endif + initLibUtil(); if (sodium_init() == -1) throw Error("could not initialise libsodium"); diff --git a/src/libutil/hash.cc b/src/libutil/hash.cc index 5735e4715..9df8bcfb4 100644 --- a/src/libutil/hash.cc +++ b/src/libutil/hash.cc @@ -1,6 +1,7 @@ #include #include +#include #include #include @@ -16,6 +17,28 @@ namespace nix { +#if OPENSSL_VERSION_NUMBER < 0x10101000L +/* OpenSSL is not thread-safe by default - it will randomly crash + unless the user supplies a mutex locking function. So let's do + that. */ +static std::vector opensslLocks; + +static void opensslLockCallback(int mode, int type, const char * file, int line) +{ + if (mode & CRYPTO_LOCK) + opensslLocks[type].lock(); + else + opensslLocks[type].unlock(); +} +#endif + +void initOpenSSL() { +#if OPENSSL_VERSION_NUMBER < 0x10101000L + /* Initialise OpenSSL locking. */ + opensslLocks = std::vector(CRYPTO_num_locks()); + CRYPTO_set_locking_callback(opensslLockCallback); +#endif +} static size_t regularHashSize(HashType type) { switch (type) { diff --git a/src/libutil/util.cc b/src/libutil/util.cc index 843a10eab..0099f7ebc 100644 --- a/src/libutil/util.cc +++ b/src/libutil/util.cc @@ -47,6 +47,10 @@ extern char * * environ __attribute__((weak)); namespace nix { +void initLibUtil() { + initOpenSSL(); +} + std::optional getEnv(const std::string & key) { char * value = getenv(key.c_str()); diff --git a/src/libutil/util.hh b/src/libutil/util.hh index 56160baaf..783a4a601 100644 --- a/src/libutil/util.hh +++ b/src/libutil/util.hh @@ -32,6 +32,9 @@ namespace nix { struct Sink; struct Source; +void initLibUtil(); + +void initOpenSSL(); /** * The system for which Nix is compiled.