2 files changed, 6 insertions, 9 deletions

diff --git a/irc.c b/irc.c
index 187004c7..f864e31b 100644
--- a/irc.c
+++ b/irc.c
@@ -26,6 +26,7 @@
 #include "bitlbee.h"
 #include "ipc.h"
 #include "dcc.h"
+#include "lib/ssl_client.h"
 
 GSList *irc_connection_list;
 GSList *irc_plugins;
@@ -170,6 +171,11 @@ irc_t *irc_new( int fd )
 #ifdef WITH_PURPLE
 	nogaim_init();
 #endif
+
+	/* SSL library initialization also should be done after the fork, to
+	   avoid shared CSPRNG state. This is required by NSS, which refuses to
+	   work if a fork is detected */
+	ssl_init();
 	
 	for( l = irc_plugins; l; l = l->next )
 	{
diff --git a/unix.c b/unix.c
index 1ea24af9..329b33c3 100644
--- a/unix.c
+++ b/unix.c
@@ -31,7 +31,6 @@
 #include "protocols/nogaim.h"
 #include "help.h"
 #include "ipc.h"
-#include "lib/ssl_client.h"
 #include "md5.h"
 #include "misc.h"
 #include <signal.h>
@@ -81,17 +80,9 @@ int main( int argc, char *argv[] )
 	nogaim_init();
 #endif
 	
- 	/* Ugly Note: libotr and gnutls both use libgcrypt. libgcrypt
- 	   has a process-global config state whose initialization happpens
- 	   twice if libotr and gnutls are used together. libotr installs custom
- 	   memory management functions for libgcrypt while our gnutls module
- 	   uses the defaults. Therefore we initialize OTR after SSL. *sigh* */
- 	ssl_init();
 #ifdef OTR_BI
  	otr_init();
 #endif
-	/* And in case OTR is loaded as a plugin, it'll also get loaded after
-	   this point. */
 	
 	srand( time( NULL ) ^ getpid() );