[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Wed Feb 10 14:37:30 UTC 2016
The branch master has been updated
via f672aee49450e03e7b1a26c8701d0be720e9ae0e (commit)
from ea7736a0930d8c9dd3d4d1a3b3e001ff56364bd6 (commit)
- Log -----------------------------------------------------------------
commit f672aee49450e03e7b1a26c8701d0be720e9ae0e
Author: Rich Salz <rsalz at akamai.com>
Date: Tue Feb 9 11:52:40 2016 -0500
Rename INIT funtions, deprecate old ones.
Man, there were a lot of renamings :)
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/openssl.c | 4 +-
crypto/async/async.c | 4 +-
crypto/comp/c_zlib.c | 2 +-
crypto/conf/conf_sap.c | 2 +-
crypto/cryptlib.c | 2 +-
crypto/err/err.c | 3 +-
crypto/evp/names.c | 12 ++--
crypto/include/internal/conf.h | 62 -------------------
crypto/init.c | 17 +++---
crypto/mem_dbg.c | 2 +-
doc/apps/errstr.pod | 5 +-
doc/crypto/BIO_f_ssl.pod | 8 ---
doc/crypto/BIO_s_accept.pod | 2 +-
doc/crypto/BIO_s_connect.pod | 2 +-
doc/crypto/CMS_decrypt.pod | 3 -
doc/crypto/CONF_modules_load_file.pod | 6 --
doc/crypto/ERR_error_string.pod | 6 --
doc/crypto/ERR_load_crypto_strings.pod | 6 ++
doc/crypto/ERR_print_errors.pod | 4 +-
doc/crypto/EVP_DigestInit.pod | 5 +-
doc/crypto/OPENSSL_config.pod | 5 ++
...o_library_start.pod => OPENSSL_init_crypto.pod} | 70 ++++++++++------------
doc/crypto/OpenSSL_add_all_algorithms.pod | 6 ++
doc/crypto/PKCS7_decrypt.pod | 3 -
doc/crypto/d2i_PKCS8PrivateKey.pod | 4 --
doc/crypto/engine.pod | 27 +++------
doc/crypto/err.pod | 5 ++
doc/crypto/evp.pod | 3 -
..._ssl_library_start.pod => OPENSSL_init_ssl.pod} | 36 +++++------
doc/ssl/SSL_library_init.pod | 15 ++---
doc/ssl/ssl.pod | 6 --
test/r160test.c => include/internal/conf.h | 40 ++++++-------
include/openssl/conf.h | 6 +-
include/openssl/crypto.h | 9 ++-
include/openssl/engine.h | 32 +++++-----
include/openssl/err.h | 6 +-
include/openssl/evp.h | 46 +++++++-------
include/openssl/ssl.h | 15 +++--
ssl/ssl_init.c | 9 ++-
ssl/ssl_lib.c | 2 +-
test/p5_crpt2_test.c | 2 +-
util/libeay.num | 8 +--
util/ssleay.num | 2 +-
43 files changed, 203 insertions(+), 311 deletions(-)
delete mode 100644 crypto/include/internal/conf.h
rename doc/crypto/{OPENSSL_INIT_crypto_library_start.pod => OPENSSL_init_crypto.pod} (73%)
rename doc/ssl/{OPENSSL_INIT_ssl_library_start.pod => OPENSSL_init_ssl.pod} (55%)
copy test/r160test.c => include/internal/conf.h (66%)
diff --git a/apps/openssl.c b/apps/openssl.c
index e558b71..4a6185b 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -172,8 +172,8 @@ static int apps_startup()
#endif
/* Set non-default library initialisation settings */
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ENGINE_ALL_BUILTIN
- | OPENSSL_INIT_LOAD_CONFIG, NULL);
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_ALL_BUILTIN
+ | OPENSSL_INIT_LOAD_CONFIG, NULL);
setup_ui_method();
diff --git a/crypto/async/async.c b/crypto/async/async.c
index 024aaf6..db51144 100644
--- a/crypto/async/async.c
+++ b/crypto/async/async.c
@@ -97,7 +97,7 @@ err:
static async_ctx *async_get_ctx(void)
{
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ASYNC, NULL);
+ OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL);
return async_arch_get_ctx();
}
@@ -361,7 +361,7 @@ int ASYNC_init_thread(size_t max_size, size_t init_size)
return 0;
}
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ASYNC, NULL);
+ OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL);
if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_ASYNC)) {
ASYNCerr(ASYNC_F_ASYNC_INIT_THREAD, ERR_R_MALLOC_FAILURE);
return 0;
diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c
index 899dadf..619765c 100644
--- a/crypto/comp/c_zlib.c
+++ b/crypto/comp/c_zlib.c
@@ -291,7 +291,7 @@ COMP_METHOD *COMP_zlib(void)
zlib_loaded++;
if (zlib_loaded)
meth = &zlib_stateful_method;
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ZLIB, NULL);
+ OPENSSL_init_crypto(OPENSSL_INIT_ZLIB, NULL);
}
}
#endif
diff --git a/crypto/conf/conf_sap.c b/crypto/conf/conf_sap.c
index e0d6c5a..3b42993 100644
--- a/crypto/conf/conf_sap.c
+++ b/crypto/conf/conf_sap.c
@@ -83,7 +83,7 @@ void OPENSSL_config(const char *config_name)
settings[0].value.type_string = config_name;
settings[1].name = OPENSSL_INIT_SET_END;
settings[1].value.type_int = 0;
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_LOAD_CONFIG, settings);
+ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, settings);
}
void openssl_config_internal(const char *config_name)
diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c
index b530818..1b2a365 100644
--- a/crypto/cryptlib.c
+++ b/crypto/cryptlib.c
@@ -234,7 +234,7 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
- OPENSSL_INIT_thread_stop();
+ OPENSSL_thread_stop();
break;
case DLL_PROCESS_DETACH:
break;
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 7e8bcc1..d92e41e 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -894,8 +894,7 @@ ERR_STATE *ERR_get_state(void)
* the first one that we just replaced.
*/
ERR_STATE_free(tmpp);
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_LOAD_CRYPTO_STRINGS,
- NULL);
+ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
/* Ignore failures from this */
ossl_init_thread_start(OPENSSL_INIT_THREAD_ERR_STATE);
}
diff --git a/crypto/evp/names.c b/crypto/evp/names.c
index 97a37a5..f6e5004 100644
--- a/crypto/evp/names.c
+++ b/crypto/evp/names.c
@@ -110,7 +110,7 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name)
{
const EVP_CIPHER *cp;
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL);
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL);
cp = (const EVP_CIPHER *)OBJ_NAME_get(name, OBJ_NAME_TYPE_CIPHER_METH);
return (cp);
@@ -120,7 +120,7 @@ const EVP_MD *EVP_get_digestbyname(const char *name)
{
const EVP_MD *cp;
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
cp = (const EVP_MD *)OBJ_NAME_get(name, OBJ_NAME_TYPE_MD_METH);
return (cp);
@@ -166,7 +166,7 @@ void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph,
{
struct doall_cipher dc;
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL);
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL);
dc.fn = fn;
dc.arg = arg;
@@ -179,7 +179,7 @@ void EVP_CIPHER_do_all_sorted(void (*fn) (const EVP_CIPHER *ciph,
{
struct doall_cipher dc;
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL);
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL);
dc.fn = fn;
dc.arg = arg;
@@ -207,7 +207,7 @@ void EVP_MD_do_all(void (*fn) (const EVP_MD *md,
{
struct doall_md dc;
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
dc.fn = fn;
dc.arg = arg;
@@ -220,7 +220,7 @@ void EVP_MD_do_all_sorted(void (*fn) (const EVP_MD *md,
{
struct doall_md dc;
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
dc.fn = fn;
dc.arg = arg;
diff --git a/crypto/include/internal/conf.h b/crypto/include/internal/conf.h
deleted file mode 100644
index 8feaf62..0000000
--- a/crypto/include/internal/conf.h
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Written by Matt Caswell for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <openssl/conf.h>
-
-void openssl_config_internal(const char *config_name);
-void openssl_no_config_internal(void);
-
diff --git a/crypto/init.c b/crypto/init.c
index e2f3583..04191de 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -268,7 +268,7 @@ static void ossl_init_base(void)
fprintf(stderr, "OPENSSL_INIT: ossl_init_base: Setting up stop handlers\n");
#endif
ossl_init_setup_thread_stop();
- atexit(OPENSSL_INIT_library_stop);
+ atexit(OPENSSL_cleanup);
OPENSSL_cpuid_setup();
base_inited = 1;
}
@@ -499,7 +499,7 @@ static void ossl_init_thread_stop(struct thread_local_inits_st *locals)
ossl_init_thread_stop_cleanup();
}
-void OPENSSL_INIT_thread_stop(void)
+void OPENSSL_thread_stop(void)
{
ossl_init_thread_stop(
(struct thread_local_inits_st *)ossl_init_get_thread_local(0));
@@ -531,7 +531,7 @@ int ossl_init_thread_start(uint64_t opts)
return 1;
}
-void OPENSSL_INIT_library_stop(void)
+void OPENSSL_cleanup(void)
{
OPENSSL_INIT_STOP *currhandler, *lasthandler;
@@ -565,7 +565,7 @@ void OPENSSL_INIT_library_stop(void)
if (zlib_inited) {
#ifdef OPENSSL_INIT_DEBUG
- fprintf(stderr, "OPENSSL_INIT: OPENSSL_INIT_library_stop: "
+ fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
"COMP_zlib_cleanup()\n");
#endif
COMP_zlib_cleanup();
@@ -574,7 +574,7 @@ void OPENSSL_INIT_library_stop(void)
#ifndef OPENSSL_NO_ENGINE
if (engine_inited) {
# ifdef OPENSSL_INIT_DEBUG
- fprintf(stderr, "OPENSSL_INIT: OPENSSL_INIT_library_stop: "
+ fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
"ENGINE_cleanup()\n");
# endif
ENGINE_cleanup();
@@ -583,7 +583,7 @@ void OPENSSL_INIT_library_stop(void)
if (load_crypto_strings_inited) {
#ifdef OPENSSL_INIT_DEBUG
- fprintf(stderr, "OPENSSL_INIT: OPENSSL_INIT_library_stop: "
+ fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
"ERR_free_strings()\n");
#endif
ERR_free_strings();
@@ -626,8 +626,7 @@ static const OPENSSL_INIT_SETTINGS *ossl_init_get_setting(
* called prior to any threads making calls to any OpenSSL functions,
* i.e. passing a non-null settings value is assumed to be single-threaded.
*/
-void OPENSSL_INIT_crypto_library_start(uint64_t opts,
- const OPENSSL_INIT_SETTINGS *settings)
+void OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
{
/* XXX TODO WARNING To be updated to return a value not assert. */
assert(!stopped);
@@ -719,7 +718,7 @@ void OPENSSL_INIT_crypto_library_start(uint64_t opts,
}
}
-int OPENSSL_INIT_register_stop_handler(void (*handler)(void))
+int OPENSSL_atexit(void (*handler)(void))
{
OPENSSL_INIT_STOP *newhand;
diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c
index c3d98ca..adabb2d 100644
--- a/crypto/mem_dbg.c
+++ b/crypto/mem_dbg.c
@@ -640,7 +640,7 @@ int CRYPTO_mem_leaks(BIO *b)
return 1;
/* Ensure all resources are released */
- OPENSSL_INIT_library_stop();
+ OPENSSL_cleanup();
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
diff --git a/doc/apps/errstr.pod b/doc/apps/errstr.pod
index 02bd3dc..7d1fee4 100644
--- a/doc/apps/errstr.pod
+++ b/doc/apps/errstr.pod
@@ -31,9 +31,6 @@ to produce the error message:
=head1 SEE ALSO
-L<err(3)>,
-L<ERR_load_crypto_strings(3)>,
-L<SSL_load_error_strings(3)>
-
+L<err(3)>
=cut
diff --git a/doc/crypto/BIO_f_ssl.pod b/doc/crypto/BIO_f_ssl.pod
index bd9b605..4d49dc7 100644
--- a/doc/crypto/BIO_f_ssl.pod
+++ b/doc/crypto/BIO_f_ssl.pod
@@ -140,10 +140,6 @@ unencrypted example in L<BIO_s_connect(3)>.
SSL_CTX *ctx;
SSL *ssl;
- ERR_load_crypto_strings();
- ERR_load_SSL_strings();
- OpenSSL_add_all_algorithms();
-
/* We would seed the PRNG here if the platform didn't
* do it automatically
*/
@@ -207,10 +203,6 @@ a client and also echoes the request to standard output.
SSL_CTX *ctx;
SSL *ssl;
- ERR_load_crypto_strings();
- ERR_load_SSL_strings();
- OpenSSL_add_all_algorithms();
-
/* Might seed PRNG here */
ctx = SSL_CTX_new(TLS_server_method());
diff --git a/doc/crypto/BIO_s_accept.pod b/doc/crypto/BIO_s_accept.pod
index 2feb72b..ec8fa3a 100644
--- a/doc/crypto/BIO_s_accept.pod
+++ b/doc/crypto/BIO_s_accept.pod
@@ -160,7 +160,7 @@ This example accepts two connections on port 4444, sends messages
down each and finally closes both down.
BIO *abio, *cbio, *cbio2;
- ERR_load_crypto_strings();
+
abio = BIO_new_accept("4444");
/* First call to BIO_accept() sets up accept BIO */
diff --git a/doc/crypto/BIO_s_connect.pod b/doc/crypto/BIO_s_connect.pod
index 648e8ed..7adb78d 100644
--- a/doc/crypto/BIO_s_connect.pod
+++ b/doc/crypto/BIO_s_connect.pod
@@ -164,7 +164,7 @@ to retrieve a page and copy the result to standard output.
BIO *cbio, *out;
int len;
char tmpbuf[1024];
- ERR_load_crypto_strings();
+
cbio = BIO_new_connect("localhost:http");
out = BIO_new_fp(stdout, BIO_NOCLOSE);
if(BIO_do_connect(cbio) <= 0) {
diff --git a/doc/crypto/CMS_decrypt.pod b/doc/crypto/CMS_decrypt.pod
index 06bc106..4b1e97e 100644
--- a/doc/crypto/CMS_decrypt.pod
+++ b/doc/crypto/CMS_decrypt.pod
@@ -22,9 +22,6 @@ is detached. It will normally be set to NULL.
=head1 NOTES
-OpenSSL_add_all_algorithms() (or equivalent) should be called before using this
-function or errors about unknown algorithms will occur.
-
Although the recipients certificate is not needed to decrypt the data it is
needed to locate the appropriate (of possible several) recipients in the CMS
structure.
diff --git a/doc/crypto/CONF_modules_load_file.pod b/doc/crypto/CONF_modules_load_file.pod
index 53202a7..84f7184 100644
--- a/doc/crypto/CONF_modules_load_file.pod
+++ b/doc/crypto/CONF_modules_load_file.pod
@@ -45,12 +45,6 @@ return an error.
B<CONF_MFLAGS_DEFAULT_SECTION> if set and B<appname> is not NULL will use the
default section pointed to by B<openssl_conf> if B<appname> does not exist.
-Applications should call these functions after loading builtin modules using
-OPENSSL_load_builtin_modules(), any ENGINEs for example using
-ENGINE_load_builtin_engines(), any algorithms for example
-OPENSSL_add_all_algorithms() and (if the application uses libssl)
-SSL_library_init().
-
By using CONF_modules_load_file() with appropriate flags an application can
customise application configuration to best suit its needs. In some cases the
use of a configuration file is optional and its absence is not an error: in
diff --git a/doc/crypto/ERR_error_string.pod b/doc/crypto/ERR_error_string.pod
index 68d1a53..81ca61c 100644
--- a/doc/crypto/ERR_error_string.pod
+++ b/doc/crypto/ERR_error_string.pod
@@ -42,10 +42,6 @@ ERR_lib_error_string(), ERR_func_error_string() and
ERR_reason_error_string() return the library name, function
name and reason string respectively.
-The OpenSSL error strings should be loaded by calling
-L<ERR_load_crypto_strings(3)> or, for SSL
-applications, L<SSL_load_error_strings(3)>
-first.
If there is no text string registered for the given error code,
the error string will contain the numeric code.
@@ -64,8 +60,6 @@ none is registered for the error code.
=head1 SEE ALSO
L<err(3)>, L<ERR_get_error(3)>,
-L<ERR_load_crypto_strings(3)>,
-L<SSL_load_error_strings(3)>
L<ERR_print_errors(3)>
=cut
diff --git a/doc/crypto/ERR_load_crypto_strings.pod b/doc/crypto/ERR_load_crypto_strings.pod
index b4af1fc..88678d9 100644
--- a/doc/crypto/ERR_load_crypto_strings.pod
+++ b/doc/crypto/ERR_load_crypto_strings.pod
@@ -37,4 +37,10 @@ ERR_free_strings() return no values.
L<err(3)>, L<ERR_error_string(3)>
+=head1 HISTORY
+
+The ERR_load_crypto_strings(), SSL_load_error_strings(), and
+ERR_free_strings() functions were deprecated in OpenSSL 1.1.0 by
+OPENSSL_init_crypto() and OPENSSL_init_ssl().
+
=cut
diff --git a/doc/crypto/ERR_print_errors.pod b/doc/crypto/ERR_print_errors.pod
index 3b0defe..aec8a10 100644
--- a/doc/crypto/ERR_print_errors.pod
+++ b/doc/crypto/ERR_print_errors.pod
@@ -39,8 +39,6 @@ ERR_print_errors() and ERR_print_errors_fp() return no values.
=head1 SEE ALSO
L<err(3)>, L<ERR_error_string(3)>,
-L<ERR_get_error(3)>,
-L<ERR_load_crypto_strings(3)>,
-L<SSL_load_error_strings(3)>
+L<ERR_get_error(3)>.
=cut
diff --git a/doc/crypto/EVP_DigestInit.pod b/doc/crypto/EVP_DigestInit.pod
index 1b98c1c..db9c040 100644
--- a/doc/crypto/EVP_DigestInit.pod
+++ b/doc/crypto/EVP_DigestInit.pod
@@ -143,8 +143,7 @@ returns is of zero length.
EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj()
return an B<EVP_MD> structure when passed a digest name, a digest NID or
-an ASN1_OBJECT structure respectively. The digest table must be initialized
-using, for example, OpenSSL_add_all_digests() for these functions to work.
+an ASN1_OBJECT structure respectively.
=head1 RETURN VALUES
@@ -210,8 +209,6 @@ digest name passed on the command line.
unsigned char md_value[EVP_MAX_MD_SIZE];
int md_len, i;
- OpenSSL_add_all_digests();
-
if(!argv[1]) {
printf("Usage: mdtest digestname\n");
exit(1);
diff --git a/doc/crypto/OPENSSL_config.pod b/doc/crypto/OPENSSL_config.pod
index fbf8b6d..4c82566 100644
--- a/doc/crypto/OPENSSL_config.pod
+++ b/doc/crypto/OPENSSL_config.pod
@@ -60,4 +60,9 @@ L<conf(5)>,
L<CONF_modules_load_file(3)>,
L<CONF_modules_free(3)>
+=head1 HISTORY
+
+The OPENSSL_no_config() and OPENSSL_config() functions were
+deprecated in OpenSSL 1.1.0 by OPENSSL_init_crypto().
+
=cut
diff --git a/doc/crypto/OPENSSL_INIT_crypto_library_start.pod b/doc/crypto/OPENSSL_init_crypto.pod
similarity index 73%
rename from doc/crypto/OPENSSL_INIT_crypto_library_start.pod
rename to doc/crypto/OPENSSL_init_crypto.pod
index 16f95fe..11bc1c7 100644
--- a/doc/crypto/OPENSSL_INIT_crypto_library_start.pod
+++ b/doc/crypto/OPENSSL_init_crypto.pod
@@ -2,19 +2,18 @@
=head1 NAME
-OPENSSL_INIT_crypto_library_start, OPENSSL_INIT_library_stop,
-OPENSSL_INIT_register_stop_handler, OPENSSL_INIT_thread_stop - OpenSSL
+OPENSSL_init_crypto, OPENSSL_cleanup,
+OPENSSL_atexit, OPENSSL_thread_stop - OpenSSL
initialisation and deinitialisation functions
=head1 SYNOPSIS
#include <openssl/crypto.h>
- void OPENSSL_INIT_library_stop(void);
- void OPENSSL_INIT_crypto_library_start(uint64_t opts,
- const OPENSSL_INIT_SETTINGS *settings);
- int OPENSSL_INIT_register_stop_handler(void (*handler)(void));
- void OPENSSL_INIT_thread_stop(void);
+ void OPENSSL_cleanup(void);
+ void OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
+ int OPENSSL_atexit(void (*handler)(void));
+ void OPENSSL_thread_stop(void);
=head1 DESCRIPTION
@@ -30,13 +29,13 @@ automatically deinitialise as required.
However, there way be situations when explicit initialisation is desirable or
needed, for example when some non-default initialisation is required. The
-function OPENSSL_INIT_crypto_library_start() can be used for this purpose for
-libcrypto (see also L<OPENSSL_INIT_ssl_library_start(3)> for the libssl
+function OPENSSL_init_crypto() can be used for this purpose for
+libcrypto (see also L<OPENSSL_init_ssl(3)> for the libssl
equivalent).
-Numerous internal OpenSSL functions call OPENSSL_INIT_crypto_library_start().
+Numerous internal OpenSSL functions call OPENSSL_init_crypto().
Therefore, in order to perform non-default initialisation,
-OPENSSL_INIT_crypto_library_start() MUST be called by application code prior to
+OPENSSL_init_crypto() MUST be called by application code prior to
any other OpenSSL function calls.
The B<opts> parameter specifies which aspects of libcrypto should be
@@ -46,49 +45,45 @@ initialised. Valid options are:
=item OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS
-Suppress automatic loading of the libcrypto error strings. With this option the
-library will not automatically call ERR_load_crypto_strings(). This option is
+Suppress automatic loading of the libcrypto error strings. This option is
not a default option. Once selected subsequent calls to
-OPENSSL_INIT_crypto_library_start() with the option
-B<OPENSSL_INIT_LOAD_CRYPTO_STRINGS> will be ignored. Applications may call
-ERR_load_crypto_strings() directly if they wish even if this option has been
-selected. If they do so then they must also explicitly call ERR_free_strings()
-on application close down.
+OPENSSL_init_crypto() with the option
+B<OPENSSL_INIT_LOAD_CRYPTO_STRINGS> will be ignored.
=item OPENSSL_INIT_LOAD_CRYPTO_STRINGS
Automatic loading of the libcrypto error strings. With this option the
-library will automatically call ERR_load_crypto_strings(). This option is a
-default option. Once selected subsequent calls to
-OPENSSL_INIT_crypto_library_start() with the option
+library will automatically load the libcrypto error strings.
+This option is a default option. Once selected subsequent calls to
+OPENSSL_init_crypto() with the option
B<OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS> will be ignored.
=item OPENSSL_INIT_ADD_ALL_CIPHERS
With this option the library will automatically load and make available all
libcrypto ciphers. This option is a default option. Once selected subsequent
-calls to OPENSSL_INIT_crypto_library_start() with the option
+calls to OPENSSL_init_crypto() with the option
B<OPENSSL_INIT_NO_ADD_ALL_CIPHERS> will be ignored.
=item OPENSSL_INIT_ADD_ALL_DIGESTS
With this option the library will automatically load and make available all
libcrypto digests. This option is a default option. Once selected subsequent
-calls to OPENSSL_INIT_crypto_library_start() with the option
+calls to OPENSSL_init_crypto() with the option
B<OPENSSL_INIT_NO_ADD_ALL_CIPHERS> will be ignored.
=item OPENSSL_INIT_NO_ADD_ALL_CIPHERS
With this option the library will suppress automatic loading of libcrypto
ciphers. This option is not a default option. Once selected subsequent
-calls to OPENSSL_INIT_crypto_library_start() with the option
+calls to OPENSSL_init_crypto() with the option
B<OPENSSL_INIT_ADD_ALL_CIPHERS> will be ignored.
=item OPENSSL_INIT_NO_ADD_ALL_DIGESTS
With this option the library will suppress automatic loading of libcrypto
digests. This option is not a default option. Once selected subsequent
-calls to OPENSSL_INIT_crypto_library_start() with the option
+calls to OPENSSL_init_crypto() with the option
B<OPENSSL_INIT_ADD_ALL_DIGESTS> will be ignored.
=item OPENSSL_INIT_LOAD_CONFIG
@@ -168,30 +163,30 @@ configuration file is assumed. For example
{ OPENSSL_INIT_SET_CONF_FILENAME, .value.type_string = "myconf.cnf" },
{ OPENSSL_INIT_SET_END, .value.type_int = 0 }
};
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_LOAD_CONFIG, settings);
+ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, settings);
The B<settings> parameter must be an array of OPENSSL_INIT_SETTINGS values
terminated with an OPENSSL_INIT_SET_END entry.
-The OPENSSL_INIT_library_stop() function deinitialises OpenSSL (both libcrypto
+The OPENSSL_cleanup() function deinitialises OpenSSL (both libcrypto
and libssl). All resources allocated by OpenSSL are freed. Typically there
should be no need to call this function directly as it is initiated
automatically on application exit. This is done via the standard C library
L<atexit(3)> function. In the event that the application will close in a manner
that will not call the registered atexit() handlers then the application should
-call OPENSSL_INIT_library_stop() directly. Developers of libraries using OpenSSL
+call OPENSSL_cleanup() directly. Developers of libraries using OpenSSL
are discouraged from calling this function and should instead, typically, rely
on auto-deinitialisation. This is to avoid error conditions where both an
application and a library it depends on both use OpenSSL, and the library
deinitialises it before the application has finished using it.
-The OPENSSL_INIT_register_stop_handler() function enables the registration of a
-function to be called during OPENSSL_INIT_library_stop(). Stop handlers are
+The OPENSSL_atexit() function enables the registration of a
+function to be called during OPENSSL_cleanup(). Stop handlers are
called after deinitialisation of resources local to a thread, but before other
process wide resources are freed. In the event that multiple stop handlers are
registered, no guarantees are made about the order of execution.
-The OPENSSL_INIT_thread_stop() function deallocates resources associated
+The OPENSSL_thread_stop() function deallocates resources associated
with the current thread. Typically this function will be called automatically by
the library when the thread exits. This should only be called directly if
resources should be freed at an earlier time, or under the circumstances
@@ -205,23 +200,22 @@ platforms this is done in response to a DLL_THREAD_DETACH message being sent to
the libeay32.dll entry point. Some windows functions may cause threads to exit
without sending this message (for example ExitProcess()). If the application
uses such functions, then the application must free up OpenSSL resources
-directly via a call to OPENSSL_INIT_thread_stop(). Similarly this message will
+directly via a call to OPENSSL_thread_stop(). Similarly this message will
also not be sent if OpenSSL is linked statically, and therefore applications
-using static linking should also call OPENSSL_INIT_thread_stop().
+using static linking should also call OPENSSL_thread_stop().
=head1 RETURN VALUES
-The function OPENSSL_INIT_register_stop_handler() returns 1 on success or 0 on
+The function OPENSSL_atexit() returns 1 on success or 0 on
error.
=head1 SEE ALSO
-L<OPENSSL_INIT_ssl_library_start(3)>
+L<OPENSSL_init_ssl(3)>
=head1 HISTORY
-The OPENSSL_INIT_library_stop, OPENSSL_INIT_crypto_library_start,
-OPENSSL_INIT_register_stop_handler and OPENSSL_INIT_thread_stop functions were
-added in OpenSSL 1.1.0.
+The OPENSSL_init_crypto(), OPENSSL_cleanup(), OPENSSL_atexit(),
+and OPENSSL_thread_stop() functions were added in OpenSSL 1.1.0.
=cut
diff --git a/doc/crypto/OpenSSL_add_all_algorithms.pod b/doc/crypto/OpenSSL_add_all_algorithms.pod
index 3ca0576..b107155 100644
--- a/doc/crypto/OpenSSL_add_all_algorithms.pod
+++ b/doc/crypto/OpenSSL_add_all_algorithms.pod
@@ -63,4 +63,10 @@ too much of a problem in practice.
L<evp(3)>, L<EVP_DigestInit(3)>,
L<EVP_EncryptInit(3)>
+=head1 HISTORY
+
+The OpenSSL_add_all_algorithms(), OpenSSL_add_all_ciphers(),
+OpenSSL_add_all_digests(), and EVP_cleanup(), functions
+were deprecated in OpenSSL 1.1.0 by OPENSSL_init_crypto().
+
=cut
diff --git a/doc/crypto/PKCS7_decrypt.pod b/doc/crypto/PKCS7_decrypt.pod
index 71313b8..90cf506 100644
--- a/doc/crypto/PKCS7_decrypt.pod
+++ b/doc/crypto/PKCS7_decrypt.pod
@@ -19,9 +19,6 @@ B<flags> is an optional set of flags.
=head1 NOTES
-OpenSSL_add_all_algorithms() (or equivalent) should be called before using this
-function or errors about unknown algorithms will occur.
-
Although the recipients certificate is not needed to decrypt the data it is needed
to locate the appropriate (of possible several) recipients in the PKCS#7 structure.
diff --git a/doc/crypto/d2i_PKCS8PrivateKey.pod b/doc/crypto/d2i_PKCS8PrivateKey.pod
index a4213fa..cc20479 100644
--- a/doc/crypto/d2i_PKCS8PrivateKey.pod
+++ b/doc/crypto/d2i_PKCS8PrivateKey.pod
@@ -39,10 +39,6 @@ corresponding B<PEM> function as described in the L<pem(3)> manual page.
=head1 NOTES
-Before using these functions L<OpenSSL_add_all_algorithms(3)>
-should be called to initialize the internal algorithm lookup tables otherwise errors about
-unknown algorithms will occur if an attempt is made to decrypt a private key.
-
These functions are currently the only way to store encrypted private keys using DER format.
Currently all the functions use BIOs or FILE pointers, there are no functions which
diff --git a/doc/crypto/engine.pod b/doc/crypto/engine.pod
index 11191ef..99ed170 100644
--- a/doc/crypto/engine.pod
+++ b/doc/crypto/engine.pod
@@ -21,14 +21,6 @@ engine - ENGINE cryptographic module support
int ENGINE_init(ENGINE *e);
int ENGINE_finish(ENGINE *e);
- void ENGINE_load_openssl(void);
- void ENGINE_load_dynamic(void);
- #ifndef OPENSSL_NO_STATIC_ENGINE
- void ENGINE_load_chil(void);
- void ENGINE_load_gmp(void);
- void ENGINE_load_ubsec(void);
- #endif
- void ENGINE_load_cryptodev(void);
void ENGINE_load_builtin_engines(void);
void ENGINE_cleanup(void);
@@ -301,17 +293,7 @@ it uses static linking against openssl, then the resulting application
binary will not contain any alternative ENGINE code at all. So the first
consideration is whether any/all available ENGINE implementations should be
made visible to OpenSSL - this is controlled by calling the various "load"
-functions, eg.
-
- /* Make the "dynamic" ENGINE available */
- void ENGINE_load_dynamic(void);
- /* Make the CryptoSwift hardware acceleration support available */
- void ENGINE_load_cswift(void);
- /* Make support for nCipher's "CHIL" hardware available */
- void ENGINE_load_chil(void);
- ...
- /* Make ALL ENGINE implementations bundled with OpenSSL available */
- void ENGINE_load_builtin_engines(void);
+functions.
Having called any of these functions, ENGINE objects would have been
dynamically allocated and populated with these implementations and linked
@@ -567,6 +549,11 @@ extension).
=head1 SEE ALSO
-L<rsa(3)>, L<dsa(3)>, L<dh(3)>, L<rand(3)>
+L<OPENSSL_init_crypto(3)>, L<rsa(3)>, L<dsa(3)>, L<dh(3)>, L<rand(3)>
+
+=head1 HISTORY
+
+ENGINE_load_openssl(), ENGINE_load_dynamic(), and ENGINE_load_cryptodev()
+were deprecated in OpenSSL 1.1.0 by OPENSSL_init_crypto().
=cut
diff --git a/doc/crypto/err.pod b/doc/crypto/err.pod
index 4f512e6..5fafbc5 100644
--- a/doc/crypto/err.pod
+++ b/doc/crypto/err.pod
@@ -188,4 +188,9 @@ L<ERR_put_error(3)>,
L<ERR_load_strings(3)>,
L<SSL_get_error(3)>
+=head1 HISTORY
+
+The ERR_load_crypto_strings() function was deprecated in OpenSSL 1.1.0 by
+OPENSSL_init_crypto().
+
=cut
diff --git a/doc/crypto/evp.pod b/doc/crypto/evp.pod
index 58ce83d..09870b4 100644
--- a/doc/crypto/evp.pod
+++ b/doc/crypto/evp.pod
@@ -61,8 +61,6 @@ based encryption. Careful selection of the parameters will provide a PKCS#5 PBKD
implementation. However, new applications should not typically use this (preferring, for example,
PBKDF2 from PCKS#5).
-Algorithms are loaded with L<OpenSSL_add_all_algorithms(3)>.
-
All the symmetric algorithms (ciphers), digests and asymmetric algorithms
(public key algorithms) can be replaced by L<engine(3)> modules providing alternative
implementations. If ENGINE implementations of ciphers or digests are registered
@@ -97,7 +95,6 @@ L<EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)>,
L<EVP_PKEY_derive(3)>,
L<EVP_BytesToKey(3)>,
-L<OpenSSL_add_all_algorithms(3)>,
L<engine(3)>
=cut
diff --git a/doc/ssl/OPENSSL_INIT_ssl_library_start.pod b/doc/ssl/OPENSSL_init_ssl.pod
similarity index 55%
rename from doc/ssl/OPENSSL_INIT_ssl_library_start.pod
rename to doc/ssl/OPENSSL_init_ssl.pod
index c0f598d..d9246a5 100644
--- a/doc/ssl/OPENSSL_INIT_ssl_library_start.pod
+++ b/doc/ssl/OPENSSL_init_ssl.pod
@@ -2,14 +2,13 @@
=head1 NAME
-OPENSSL_INIT_ssl_library_start - OpenSSL (libssl and libcrypto) initialisation
+OPENSSL_init_ssl - OpenSSL (libssl and libcrypto) initialisation
=head1 SYNOPSIS
#include <openssl/ssl.h>
- void OPENSSL_INIT_ssl_library_start(uint64_t opts,
- const OPENSSL_INIT_SETTINGS *settings);
+ void OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
=head1 DESCRIPTION
@@ -25,40 +24,35 @@ automatically deinitialise as required.
However, there way be situations when explicit initialisation is desirable or
needed, for example when some non-default initialisation is required. The
-function OPENSSL_INIT_ssl_library_start() can be used for this purpose. Calling
+function OPENSSL_init_ssl() can be used for this purpose. Calling
this function will explicitly initialise BOTH libcrypto and libssl. To
explicitly initialise ONLY libcrypto see the
-L<OPENSSL_INIT_crypto_library_start(3)> function.
+L<OPENSSL_init_crypto(3)> function.
-Numerous internal OpenSSL functions call OPENSSL_INIT_ssl_library_start().
+Numerous internal OpenSSL functions call OPENSSL_init_ssl().
Therefore, in order to perform non-default initialisation,
-OPENSSL_INIT_ssl_library_start() MUST be called by application code prior to
+OPENSSL_init_ssl() MUST be called by application code prior to
any other OpenSSL function calls.
The B<opts> parameter specifies which aspects of libssl and libcrypto should be
initialised. Valid options for libcrypto are described on the
-L<OPENSSL_INIT_crypto_library_start(3)> page. In addition to any libcrypto
+L<OPENSSL_init_crypto(3)> page. In addition to any libcrypto
specific option the following libssl options can also be used:
=over 4
=item OPENSSL_INIT_NO_LOAD_SSL_STRINGS
-Suppress automatic loading of the libssl error strings. With this option the
-library will not automatically call ERR_load_SSL_strings(). This option is
+Suppress automatic loading of the libssl error strings. This option is
not a default option. Once selected subsequent calls to
-OPENSSL_INIT_ssl_library_start() with the option
-B<OPENSSL_INIT_LOAD_SSL_STRINGS> will be ignored. Applications may call
-ERR_load_SSL_strings() directly if they wish even if this option has been
-selected. If they do so then they must also explicitly call ERR_free_strings()
-on application close down.
+OPENSSL_init_ssl() with the option
+B<OPENSSL_INIT_LOAD_SSL_STRINGS> will be ignored.
=item OPENSSL_INIT_LOAD_SSL_STRINGS
-Automatic loading of the libssl error strings. With this option the
-library will automatically call ERR_load_SSL_strings(). This option is a
+Automatic loading of the libssl error strings. This option is a
default option. Once selected subsequent calls to
-OPENSSL_INIT_ssl_library_start() with the option
+OPENSSL_init_ssl() with the option
B<OPENSSL_INIT_LOAD_SSL_STRINGS> will be ignored.
=back
@@ -66,15 +60,15 @@ B<OPENSSL_INIT_LOAD_SSL_STRINGS> will be ignored.
The B<settings> parameter specifies optional settings values to an option.
Currently no such settings are available for libssl specific options. However
these settings will also be passed internally to a call to
-L<OPENSSL_INIT_crypto_library_start(3)>, so this parameter can also be used to
+L<OPENSSL_init_crypto(3)>, so this parameter can also be used to
provide libcrypto settings values.
=head1 SEE ALSO
-L<OPENSSL_INIT_crypto_library_start(3)>
+L<OPENSSL_init_crypto(3)>
=head1 HISTORY
-The OPENSSL_INIT_ssl_library_start function was added in OpenSSL 1.1.0.
+The OPENSSL_init_ssl() function was added in OpenSSL 1.1.0.
=cut
diff --git a/doc/ssl/SSL_library_init.pod b/doc/ssl/SSL_library_init.pod
index d96d3f0..c872858 100644
--- a/doc/ssl/SSL_library_init.pod
+++ b/doc/ssl/SSL_library_init.pod
@@ -28,14 +28,6 @@ SSL_library_init() is not reentrant.
SSL_library_init() adds ciphers and digests used directly and indirectly by
SSL/TLS.
-=head1 EXAMPLES
-
-A typical TLS/SSL application will start with the library initialization,
-and provide readable error messages.
-
- SSL_load_error_strings(); /* readable error messages */
- SSL_library_init(); /* initialize library */
-
=head1 RETURN VALUES
SSL_library_init() always returns "1", so it is safe to discard the return
@@ -43,7 +35,12 @@ value.
=head1 SEE ALSO
-L<ssl(3)>, L<SSL_load_error_strings(3)>,
+L<ssl(3)>,
L<RAND_add(3)>
+=head1 HISTORY
+
+The SSL_library_init() and OpenSSL_add_ssl_algorithms() functions were
+deprecated in OpenSSL 1.1.0 by OPENSSL_init_ssl().
+
=cut
diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod
index 597b88e..e350c3e 100644
--- a/doc/ssl/ssl.pod
+++ b/doc/ssl/ssl.pod
@@ -13,9 +13,6 @@ The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and
Transport Layer Security (TLS v1) protocols. It provides a rich API which is
documented here.
-At first the library must be initialized; see
-L<SSL_library_init(3)>.
-
Then an B<SSL_CTX> object is created as a framework to establish
TLS/SSL enabled connections (see L<SSL_CTX_new(3)>).
Various options regarding certificates, algorithms etc. can be set
@@ -560,8 +557,6 @@ fresh handle for each connection.
=item STACK *B<SSL_load_client_CA_file>(char *file);
-=item void B<SSL_load_error_strings>(void);
-
=item SSL *B<SSL_new>(SSL_CTX *ctx);
=item void SSL_up_ref(SSL *s);
@@ -742,7 +737,6 @@ L<SSL_get_rbio(3)>,
L<SSL_get_session(3)>,
L<SSL_get_verify_result(3)>,
L<SSL_get_version(3)>,
-L<SSL_library_init(3)>,
L<SSL_load_client_CA_file(3)>,
L<SSL_new(3)>,
L<SSL_pending(3)>,
diff --git a/test/r160test.c b/include/internal/conf.h
similarity index 66%
copy from test/r160test.c
copy to include/internal/conf.h
index b99fa3a..71b75dd 100644
--- a/test/r160test.c
+++ b/include/internal/conf.h
@@ -1,23 +1,5 @@
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
+/*
+ * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -54,3 +36,21 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+
+#ifndef HEADER_INTERNAL_CONF_H
+# define INTERNAL_CONF_H
+
+#include <openssl/conf.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+void openssl_config_internal(const char *config_name);
+void openssl_no_config_internal(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/include/openssl/conf.h b/include/openssl/conf.h
index 9144c6d..e16f97c 100644
--- a/include/openssl/conf.h
+++ b/include/openssl/conf.h
@@ -137,9 +137,11 @@ int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
#endif
int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
+#if OPENSSL_API_COMPAT < 0x10100000L
void OPENSSL_config(const char *config_name);
-#define OPENSSL_no_config() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_NO_LOAD_CONFIG, NULL)
+# define OPENSSL_no_config() \
+ OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL)
+#endif
/*
* New conf code. The semantics are different from the functions above. If
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index a5501c9..16b7fbd 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -597,11 +597,10 @@ typedef struct ossl_init_settings_st {
typedef struct ossl_init_stop_st OPENSSL_INIT_STOP;
/* Library initialisation functions */
-void OPENSSL_INIT_library_stop(void);
-void OPENSSL_INIT_crypto_library_start(uint64_t opts,
- const OPENSSL_INIT_SETTINGS *settings);
-int OPENSSL_INIT_register_stop_handler(void (*handler)(void));
-void OPENSSL_INIT_thread_stop(void);
+void OPENSSL_cleanup(void);
+void OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
+int OPENSSL_atexit(void (*handler)(void));
+void OPENSSL_thread_stop(void);
/* BEGIN ERROR CODES */
/*
diff --git a/include/openssl/engine.h b/include/openssl/engine.h
index 0708147..c1dd45b 100644
--- a/include/openssl/engine.h
+++ b/include/openssl/engine.h
@@ -385,23 +385,25 @@ int ENGINE_add(ENGINE *e);
int ENGINE_remove(ENGINE *e);
/* Retrieve an engine from the list by its unique "id" value. */
ENGINE *ENGINE_by_id(const char *id);
-/* Add all the built-in engines. */
-#define ENGINE_load_openssl() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ENGINE_OPENSSL, NULL)
-#define ENGINE_load_dynamic() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ENGINE_DYNAMIC, NULL)
+
+#if OPENSSL_API_COMPAT < 0x10100000L
+# define ENGINE_load_openssl() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_OPENSSL, NULL)
+# define ENGINE_load_dynamic() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_DYNAMIC, NULL)
# ifndef OPENSSL_NO_STATIC_ENGINE
-# define ENGINE_load_padlock() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ENGINE_PADLOCK, NULL)
-#define ENGINE_load_capi() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ENGINE_CAPI, NULL)
-#define ENGINE_load_dasync() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ENGINE_DASYNC, NULL)
+# define ENGINE_load_padlock() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_PADLOCK, NULL)
+# define ENGINE_load_capi() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_CAPI, NULL)
+# define ENGINE_load_dasync() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_DASYNC, NULL)
# endif
-#define ENGINE_load_cryptodev() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ENGINE_CRYPTODEV, NULL)
-#define ENGINE_load_rdrand() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ENGINE_RDRAND, NULL)
+# define ENGINE_load_cryptodev() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_CRYPTODEV, NULL)
+# define ENGINE_load_rdrand() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_RDRAND, NULL)
+#endif
void ENGINE_load_builtin_engines(void);
/*
diff --git a/include/openssl/err.h b/include/openssl/err.h
index f8742a4..147d4da 100644
--- a/include/openssl/err.h
+++ b/include/openssl/err.h
@@ -355,8 +355,10 @@ void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
void ERR_unload_strings(int lib, ERR_STRING_DATA str[]);
void ERR_load_ERR_strings(void);
-#define ERR_load_crypto_strings() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL)
+#if OPENSSL_API_COMPAT < 0x10100000L
+# define ERR_load_crypto_strings() \
+ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL)
+#endif
void ERR_free_strings(void);
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index e3c75e9..d71429e 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -870,29 +870,31 @@ const EVP_CIPHER *EVP_seed_cfb128(void);
const EVP_CIPHER *EVP_seed_ofb(void);
# endif
-# define OPENSSL_add_all_algorithms_conf() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ADD_ALL_CIPHERS \
- | OPENSSL_INIT_ADD_ALL_DIGESTS \
- | OPENSSL_INIT_LOAD_CONFIG, NULL)
-# define OPENSSL_add_all_algorithms_noconf() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ADD_ALL_CIPHERS \
- | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
-
-# ifdef OPENSSL_LOAD_CONF
-# define OpenSSL_add_all_algorithms() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ADD_ALL_CIPHERS \
- | OPENSSL_INIT_ADD_ALL_DIGESTS \
- | OPENSSL_INIT_LOAD_CONFIG, NULL)
-# else
-# define OpenSSL_add_all_algorithms() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ADD_ALL_CIPHERS \
- | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
-# endif
+# if OPENSSL_API_COMPAT < 0x10100000L
+# define OPENSSL_add_all_algorithms_conf() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+ | OPENSSL_INIT_ADD_ALL_DIGESTS \
+ | OPENSSL_INIT_LOAD_CONFIG, NULL)
+# define OPENSSL_add_all_algorithms_noconf() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+ | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+
+# ifdef OPENSSL_LOAD_CONF
+# define OpenSSL_add_all_algorithms() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+ | OPENSSL_INIT_ADD_ALL_DIGESTS \
+ | OPENSSL_INIT_LOAD_CONFIG, NULL)
+# else
+# define OpenSSL_add_all_algorithms() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+ | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+# endif
-# define OpenSSL_add_all_ciphers() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL)
-# define OpenSSL_add_all_digests() \
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+# define OpenSSL_add_all_ciphers() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL)
+# define OpenSSL_add_all_digests() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+# endif
int EVP_add_cipher(const EVP_CIPHER *cipher);
int EVP_add_digest(const EVP_MD *digest);
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 51e5f99..d65ee9f 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1443,9 +1443,11 @@ __owur int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
const char *dir);
-#define SSL_load_error_strings() \
- OPENSSL_INIT_ssl_library_start(OPENSSL_INIT_LOAD_SSL_STRINGS \
- | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL)
+#if OPENSSL_API_COMPAT < 0x10100000L
+# define SSL_load_error_strings() \
+ OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS \
+ | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL)
+#endif
__owur const char *SSL_state_string(const SSL *s);
__owur const char *SSL_rstate_string(const SSL *s);
@@ -1676,7 +1678,9 @@ void SSL_set_accept_state(SSL *s);
__owur long SSL_get_default_timeout(const SSL *s);
-#define SSL_library_init() OPENSSL_INIT_ssl_library_start(0, NULL)
+#if OPENSSL_API_COMPAT < 0x10100000L
+# define SSL_library_init() OPENSSL_init_ssl(0, NULL)
+#endif
__owur char *SSL_CIPHER_description(const SSL_CIPHER *, char *buf, int size);
__owur STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
@@ -1936,8 +1940,7 @@ __owur void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
#define OPENSSL_INIT_SSL_DEFAULT \
(OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS)
-void OPENSSL_INIT_ssl_library_start(uint64_t opts,
- const OPENSSL_INIT_SETTINGS *settings);
+void OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
# ifndef OPENSSL_NO_UNIT_TEST
__owur const struct openssl_ssl_test_functions *SSL_test_functions(void);
diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c
index 112def1..67e4319 100644
--- a/ssl/ssl_init.c
+++ b/ssl/ssl_init.c
@@ -234,7 +234,7 @@ static void ossl_init_ssl_base(void)
* We ignore an error return here. Not much we can do - but not that bad
* either. We can still safely continue.
*/
- OPENSSL_INIT_register_stop_handler(ssl_library_stop);
+ OPENSSL_atexit(ssl_library_stop);
ssl_base_inited = 1;
}
@@ -299,14 +299,13 @@ static void ssl_library_stop(void)
* called prior to any threads making calls to any OpenSSL functions,
* i.e. passing a non-null settings value is assumed to be single-threaded.
*/
-void OPENSSL_INIT_ssl_library_start(uint64_t opts,
- const OPENSSL_INIT_SETTINGS *settings)
+void OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
{
/* XXX TODO WARNING To be updated to return a value not assert. */
assert(!stopped);
- OPENSSL_INIT_crypto_library_start(opts | OPENSSL_INIT_ADD_ALL_CIPHERS
- | OPENSSL_INIT_ADD_ALL_DIGESTS, settings);
+ OPENSSL_init_crypto(opts | OPENSSL_INIT_ADD_ALL_CIPHERS
+ | OPENSSL_INIT_ADD_ALL_DIGESTS, settings);
ossl_init_once_run(&ssl_base, ossl_init_ssl_base);
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 127399d..e4b5d9f 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2270,7 +2270,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
return (NULL);
}
- OPENSSL_INIT_ssl_library_start(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
+ OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
if (FIPS_mode() && (meth->version < TLS1_VERSION)) {
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE);
diff --git a/test/p5_crpt2_test.c b/test/p5_crpt2_test.c
index 2c136b6..da45f70 100644
--- a/test/p5_crpt2_test.c
+++ b/test/p5_crpt2_test.c
@@ -183,7 +183,7 @@ int main(int argc, char **argv)
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
- OPENSSL_INIT_crypto_library_start(OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL);
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL);
printf("PKCS5_PBKDF2_HMAC() tests ");
for (i = 0; test->pass != NULL; i++, test++) {
diff --git a/util/libeay.num b/util/libeay.num
index 6ff18ad..f470304 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -4725,7 +4725,7 @@ PKCS8_get_attr 5206 1_1_0 EXIST::FUNCTION:
PKCS12_SAFEBAG_get0_attr 5207 1_1_0 EXIST::FUNCTION:
PKCS12_get0_mac 5208 1_1_0 EXIST::FUNCTION:
PKCS12_SAFEBAG_get0_pkcs8 5209 1_1_0 EXIST::FUNCTION:
-OPENSSL_INIT_library_stop 5210 1_1_0 EXIST::FUNCTION:
-OPENSSL_INIT_register_stop_handler 5211 1_1_0 EXIST::FUNCTION:
-OPENSSL_INIT_crypto_library_start 5212 1_1_0 EXIST::FUNCTION:
-OPENSSL_INIT_thread_stop 5213 1_1_0 EXIST::FUNCTION:
+OPENSSL_cleanup 5210 1_1_0 EXIST::FUNCTION:
+OPENSSL_atexit 5211 1_1_0 EXIST::FUNCTION:
+OPENSSL_init_crypto 5212 1_1_0 EXIST::FUNCTION:
+OPENSSL_thread_stop 5213 1_1_0 EXIST::FUNCTION:
diff --git a/util/ssleay.num b/util/ssleay.num
index 6e339f6..45583f7 100755
--- a/util/ssleay.num
+++ b/util/ssleay.num
@@ -416,4 +416,4 @@ SSL_up_ref 471 1_1_0 EXIST::FUNCTION:
SSL_CTX_up_ref 472 1_1_0 EXIST::FUNCTION:
DTLSv1_listen 473 1_1_0 EXIST::FUNCTION:
SSL_get0_verified_chain 474 1_1_0 EXIST::FUNCTION:
-OPENSSL_INIT_ssl_library_start 475 1_1_0 EXIST::FUNCTION:
+OPENSSL_init_ssl 475 1_1_0 EXIST::FUNCTION:
More information about the openssl-commits
mailing list