diff options
author | Matt Caswell <matt@openssl.org> | 2016-04-04 16:28:58 +0200 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-04-13 09:52:33 +0200 |
commit | 22c84afa773559279af928652a2d9f3489cc7d73 (patch) | |
tree | 60c93f35edc2423b771f049fba284c14b5a46499 | |
parent | Deprecate BIO_sock_cleanup() and make it a no-op (diff) | |
download | openssl-22c84afa773559279af928652a2d9f3489cc7d73.tar.xz openssl-22c84afa773559279af928652a2d9f3489cc7d73.zip |
Deprecate EVP_cleanup() and make it a no-op
EVP_cleanup() should not be called expicitly - we should leave
auto-deinit to clean this up instead.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
-rw-r--r-- | crypto/evp/names.c | 2 | ||||
-rw-r--r-- | crypto/include/internal/evp_int.h | 1 | ||||
-rw-r--r-- | crypto/init.c | 4 | ||||
-rw-r--r-- | crypto/objects/obj_dat.c | 4 | ||||
-rw-r--r-- | doc/crypto/EVP_DigestInit.pod | 2 | ||||
-rw-r--r-- | doc/crypto/OpenSSL_add_all_algorithms.pod | 43 | ||||
-rw-r--r-- | include/openssl/evp.h | 11 |
7 files changed, 48 insertions, 19 deletions
diff --git a/crypto/evp/names.c b/crypto/evp/names.c index 2a5606b040..22c725d060 100644 --- a/crypto/evp/names.c +++ b/crypto/evp/names.c @@ -128,7 +128,7 @@ const EVP_MD *EVP_get_digestbyname(const char *name) return (cp); } -void EVP_cleanup(void) +void evp_cleanup_intern(void) { OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH); OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH); diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h index f5811c1d10..972f58994d 100644 --- a/crypto/include/internal/evp_int.h +++ b/crypto/include/internal/evp_int.h @@ -422,3 +422,4 @@ struct evp_pkey_st { void openssl_add_all_ciphers_internal(void); void openssl_add_all_digests_internal(void); +void evp_cleanup_intern(void); diff --git a/crypto/init.c b/crypto/init.c index 2d50d4deb8..dc24c02693 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -466,7 +466,7 @@ void OPENSSL_cleanup(void) fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " "bio_sock_cleanup_intern()\n"); fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " - "EVP_cleanup()\n"); + "evp_cleanup_intern()\n"); fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " "OBJ_cleanup()\n"); #endif @@ -488,7 +488,7 @@ void OPENSSL_cleanup(void) #ifndef OPENSSL_NO_SOCK bio_sock_cleanup_intern(); #endif - EVP_cleanup(); + evp_cleanup_intern(); OBJ_cleanup(); base_inited = 0; } diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index 82b44949b2..21b4187a25 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -199,8 +199,8 @@ static void cleanup3_doall(ADDED_OBJ *a) } /* - * The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting to - * use freed up OIDs. If necessary the actual freeing up of OIDs is delayed. + * The purpose of obj_cleanup_defer is to avoid evp_cleanup_intern() attempting + * to use freed up OIDs. If necessary the actual freeing up of OIDs is delayed. */ int obj_cleanup_defer = 0; diff --git a/doc/crypto/EVP_DigestInit.pod b/doc/crypto/EVP_DigestInit.pod index 94c4d19d29..7ce569540f 100644 --- a/doc/crypto/EVP_DigestInit.pod +++ b/doc/crypto/EVP_DigestInit.pod @@ -236,8 +236,6 @@ digest name passed on the command line. printf("%02x", md_value[i]); printf("\n"); - /* Call this once before exit. */ - EVP_cleanup(); exit(0); } diff --git a/doc/crypto/OpenSSL_add_all_algorithms.pod b/doc/crypto/OpenSSL_add_all_algorithms.pod index b107155a3a..78fe12aa3f 100644 --- a/doc/crypto/OpenSSL_add_all_algorithms.pod +++ b/doc/crypto/OpenSSL_add_all_algorithms.pod @@ -9,16 +9,44 @@ add algorithms to internal table #include <openssl/evp.h> - void OpenSSL_add_all_algorithms(void); - void OpenSSL_add_all_ciphers(void); - void OpenSSL_add_all_digests(void); - - void EVP_cleanup(void); +Deprecated: + + # if OPENSSL_API_COMPAT < 0x10100000L + # define OPENSSL_add_all_algorithms_conf() \ + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ + | OPENSSL_INIT_ADD_ALL_DIGESTS \ + | OPENSSL_INIT_LOAD_CONFIG, NULL) + # define OPENSSL_add_all_algorithms_noconf() \ + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ + | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL) + + # ifdef OPENSSL_LOAD_CONF + # define OpenSSL_add_all_algorithms() \ + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ + | OPENSSL_INIT_ADD_ALL_DIGESTS \ + | OPENSSL_INIT_LOAD_CONFIG, NULL) + # else + # define OpenSSL_add_all_algorithms() \ + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ + | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL) + # endif + + # define OpenSSL_add_all_ciphers() \ + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL) + # define OpenSSL_add_all_digests() \ + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL) + + # define EVP_cleanup() +# endif =head1 DESCRIPTION OpenSSL keeps an internal table of digest algorithms and ciphers. It uses -this table to lookup ciphers via functions such as EVP_get_cipher_byname(). +this table to lookup ciphers via functions such as EVP_get_cipher_byname(). In +OpenSSL versions prior to 1.1.0 these functions initialised and de-initialised +this table. From OpenSSL 1.1.0 are deprecated. No explicit initialisation or +de-initialisation is required. See L<OPENSSL_init_crypto(3)> for further +information. OpenSSL_add_all_digests() adds all digest algorithms to the table. @@ -28,7 +56,8 @@ ciphers). OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including password based encryption algorithms. -EVP_cleanup() removes all ciphers and digests from the table. +In versions prior to 1.1.0 EVP_cleanup() removed all ciphers and digests from +the table. It no longer has any effect in OpenSSL 1.1.0. =head1 RETURN VALUES diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 25a3e6f937..2cf6f14130 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -888,11 +888,11 @@ const EVP_CIPHER *EVP_seed_ofb(void); # endif # if OPENSSL_API_COMPAT < 0x10100000L -# define OPENSSL_add_all_algorithms_conf() \ +# define OPENSSL_add_all_algorithms_conf() \ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ | OPENSSL_INIT_ADD_ALL_DIGESTS \ | OPENSSL_INIT_LOAD_CONFIG, NULL) -# define OPENSSL_add_all_algorithms_noconf() \ +# define OPENSSL_add_all_algorithms_noconf() \ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL) @@ -907,10 +907,12 @@ const EVP_CIPHER *EVP_seed_ofb(void); | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL) # endif -# define OpenSSL_add_all_ciphers() \ +# define OpenSSL_add_all_ciphers() \ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL) -# define OpenSSL_add_all_digests() \ +# define OpenSSL_add_all_digests() \ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL) + +# define EVP_cleanup() # endif int EVP_add_cipher(const EVP_CIPHER *cipher); @@ -918,7 +920,6 @@ int EVP_add_digest(const EVP_MD *digest); const EVP_CIPHER *EVP_get_cipherbyname(const char *name); const EVP_MD *EVP_get_digestbyname(const char *name); -void EVP_cleanup(void); void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph, const char *from, const char *to, void *x), |