Document that HMAC() with a NULL md is not thread safe

Fixes #3541 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3554)
author: Matt Caswell <matt@openssl.org> 2017-05-25 15:18:22 +0100
committer: Matt Caswell <matt@openssl.org> 2017-05-25 15:35:45 +0100
commit: e6ec6773c4ad10d6b4f260b3a2086547f2153ef1 (patch)
tree: 99368c9cb29eb9c29caba1c96363b3b13b251929 /doc
parent: b9ff4ec746daafe520e36c1489a2f843401ab140 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/doc/crypto/HMAC.pod b/doc/crypto/HMAC.pod
index 87f7e33086..219c9ba208 100644
--- a/doc/crypto/HMAC.pod
+++ b/doc/crypto/HMAC.pod
@@ -57,7 +57,8 @@ B<key_len> bytes long.
 It places the result in B<md> (which must have space for the output of
 the hash function, which is no more than B<EVP_MAX_MD_SIZE> bytes).
 If B<md> is NULL, the digest is placed in a static array.  The size of
-the output is placed in B<md_len>, unless it is B<NULL>.
+the output is placed in B<md_len>, unless it is B<NULL>. Note: passing a NULL
+value for B<md>  to use the static array is not thread safe.
 
 B<evp_md> can be EVP_sha1(), EVP_ripemd160() etc.
author	Matt Caswell <matt@openssl.org>	2017-05-25 15:18:22 +0100
committer	Matt Caswell <matt@openssl.org>	2017-05-25 15:35:45 +0100
commit	e6ec6773c4ad10d6b4f260b3a2086547f2153ef1 (patch)
tree	99368c9cb29eb9c29caba1c96363b3b13b251929 /doc
parent	b9ff4ec746daafe520e36c1489a2f843401ab140 (diff)