From b4d6f713d6c5b55a2887d79435490a503da39ae5 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Fri, 7 Apr 2017 12:39:02 -0400 Subject: Make default_method mostly compile-time Document thread-safety issues Cherry-pick from 076fc55527a1499391fa6de109c8387895199ee9 but keeps the RSA_null method. Reviewed-by: Geoff Thorpe (Merged from https://github.com/openssl/openssl/pull/3146) --- doc/crypto/DH_set_method.pod | 5 ++++- doc/crypto/DSA_set_method.pod | 5 ++++- doc/crypto/RSA_set_method.pod | 14 ++++++++++---- 3 files changed, 18 insertions(+), 6 deletions(-) (limited to 'doc') diff --git a/doc/crypto/DH_set_method.pod b/doc/crypto/DH_set_method.pod index cd75a9b549..2100608674 100644 --- a/doc/crypto/DH_set_method.pod +++ b/doc/crypto/DH_set_method.pod @@ -31,8 +31,11 @@ Initially, the default DH_METHOD is the OpenSSL internal implementation, as returned by DH_OpenSSL(). DH_set_default_method() makes B the default method for all DH -structures created later. B: This is true only whilst no ENGINE has been set +structures created later. +B: This is true only whilst no ENGINE has been set as a default for DH, so this function is no longer recommended. +This function is not thread-safe and should not be called at the same time +as other OpenSSL functions. DH_get_default_method() returns a pointer to the current default DH_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE diff --git a/doc/crypto/DSA_set_method.pod b/doc/crypto/DSA_set_method.pod index a64725f7e4..d870f56f26 100644 --- a/doc/crypto/DSA_set_method.pod +++ b/doc/crypto/DSA_set_method.pod @@ -31,8 +31,11 @@ Initially, the default DSA_METHOD is the OpenSSL internal implementation, as returned by DSA_OpenSSL(). DSA_set_default_method() makes B the default method for all DSA -structures created later. B: This is true only whilst no ENGINE has +structures created later. +B: This is true only whilst no ENGINE has been set as a default for DSA, so this function is no longer recommended. +This function is not thread-safe and should not be called at the same time +as other OpenSSL functions. DSA_get_default_method() returns a pointer to the current default DSA_METHOD. However, the meaningfulness of this result is dependent on diff --git a/doc/crypto/RSA_set_method.pod b/doc/crypto/RSA_set_method.pod index 7e7d27cf93..668ad7a16b 100644 --- a/doc/crypto/RSA_set_method.pod +++ b/doc/crypto/RSA_set_method.pod @@ -3,7 +3,7 @@ =head1 NAME RSA_set_default_method, RSA_get_default_method, RSA_set_method, -RSA_get_method, RSA_PKCS1_OpenSSL, RSA_null_method, RSA_flags, +RSA_get_method, RSA_PKCS1_OpenSSL, RSA_flags, RSA_new_method - select RSA method =head1 SYNOPSIS @@ -20,8 +20,6 @@ RSA_new_method - select RSA method RSA_METHOD *RSA_PKCS1_OpenSSL(void); - RSA_METHOD *RSA_null_method(void); - int RSA_flags(const RSA *rsa); RSA *RSA_new_method(ENGINE *engine); @@ -38,8 +36,11 @@ Initially, the default RSA_METHOD is the OpenSSL internal implementation, as returned by RSA_PKCS1_OpenSSL(). RSA_set_default_method() makes B the default method for all RSA -structures created later. B: This is true only whilst no ENGINE has +structures created later. +B: This is true only whilst no ENGINE has been set as a default for RSA, so this function is no longer recommended. +This function is not thread-safe and should not be called at the same time +as other OpenSSL functions. RSA_get_default_method() returns a pointer to the current default RSA_METHOD. However, the meaningfulness of this result is dependent on @@ -168,6 +169,11 @@ not currently exist). L +=head1 HISTORY + +The RSA_null_method(), which was a partial attempt to avoid patent issues, +was replaced to always return NULL in OpenSSL 1.1.0f. + =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. -- cgit v1.2.3