max/nix-super
1
0
Fork 0
mirror of https://github.com/privatevoid-net/nix-super.git synced 2025-02-07 18:57:19 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Move OpenSSL init to initLibUtil

Browse source 
Part of an effort to make it easier to initialize the right things,
by moving code into the appropriate libraries.
This commit is contained in:
Robert Hensing 2023-02-01 13:34:32 +01:00
parent 0746951be1
commit 6e0b7109ab
4 changed files with 31 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
src/libmain/shared.cc
View file

@ -115,22 +115,6 @@ std::string getArg(const std::string & opt,
return *i; return *i;
} }
#if OPENSSL_VERSION_NUMBER < 0x10101000L
/* OpenSSL is not thread-safe by default - it will randomly crash
unless the user supplies a mutex locking function. So let's do
that. */
static std::vector<std::mutex> opensslLocks;
static void opensslLockCallback(int mode, int type, const char * file, int line)
{
if (mode & CRYPTO_LOCK)
opensslLocks[type].lock();
else
opensslLocks[type].unlock();
}
#endif
static std::once_flag dns_resolve_flag; static std::once_flag dns_resolve_flag;
static void preloadNSS() { static void preloadNSS() {
@ -177,11 +161,7 @@ void initNix()
std::cerr.rdbuf()->pubsetbuf(buf, sizeof(buf)); std::cerr.rdbuf()->pubsetbuf(buf, sizeof(buf));
#endif #endif
#if OPENSSL_VERSION_NUMBER < 0x10101000L initLibUtil();
/* Initialise OpenSSL locking. */
opensslLocks = std::vector<std::mutex>(CRYPTO_num_locks());
CRYPTO_set_locking_callback(opensslLockCallback);
#endif
if (sodium_init() == -1) if (sodium_init() == -1)
throw Error("could not initialise libsodium"); throw Error("could not initialise libsodium");

23
src/libutil/hash.cc
View file

@ -1,6 +1,7 @@
#include <iostream> #include <iostream>
#include <cstring> #include <cstring>
#include <openssl/crypto.h>
#include <openssl/md5.h> #include <openssl/md5.h>
#include <openssl/sha.h> #include <openssl/sha.h>
@ -16,6 +17,28 @@
namespace nix { namespace nix {
#if OPENSSL_VERSION_NUMBER < 0x10101000L
/* OpenSSL is not thread-safe by default - it will randomly crash
unless the user supplies a mutex locking function. So let's do
that. */
static std::vector<std::mutex> opensslLocks;
static void opensslLockCallback(int mode, int type, const char * file, int line)
{
if (mode & CRYPTO_LOCK)
opensslLocks[type].lock();
else
opensslLocks[type].unlock();
}
#endif
void initOpenSSL() {
#if OPENSSL_VERSION_NUMBER < 0x10101000L
/* Initialise OpenSSL locking. */
opensslLocks = std::vector<std::mutex>(CRYPTO_num_locks());
CRYPTO_set_locking_callback(opensslLockCallback);
#endif
}
static size_t regularHashSize(HashType type) { static size_t regularHashSize(HashType type) {
switch (type) { switch (type) {

4
src/libutil/util.cc
View file

@ -47,6 +47,10 @@ extern char * * environ __attribute__((weak));
namespace nix { namespace nix {
void initLibUtil() {
initOpenSSL();
}
std::optional<std::string> getEnv(const std::string & key) std::optional<std::string> getEnv(const std::string & key)
{ {
char * value = getenv(key.c_str()); char * value = getenv(key.c_str());

3
src/libutil/util.hh
View file

@ -32,6 +32,9 @@ namespace nix {
struct Sink; struct Sink;
struct Source; struct Source;
void initLibUtil();
void initOpenSSL();
/** /**
* The system for which Nix is compiled. * The system for which Nix is compiled.