[openssl-commits] [openssl] master update

kaduk at mit.edu kaduk at mit.edu
Wed Jul 5 17:55:13 UTC 2017

The branch master has been updated
       via  7b5b2c461475ad2c810fec093dd9c2927876ec25 (commit)
      from  b96dba9e5ec7afc355be1eab915f69c8c0d51741 (commit)

- Log -----------------------------------------------------------------
commit 7b5b2c461475ad2c810fec093dd9c2927876ec25
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Wed Jun 14 11:47:02 2017 -0500

    Improve BN_CTX documentation
    Since BN_CTX_init() is gone, all calls use BN_CTX_new().  Also,
    essentially all consumers will use BN_CTX_start()/BN_CTX_end(),
    so make that more clear from the BN_CTX_new() man page.
    Document the thread-unsafety of individual BN_CTX objects.
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/3682)


Summary of changes:
 doc/man3/BN_CTX_new.pod | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/doc/man3/BN_CTX_new.pod b/doc/man3/BN_CTX_new.pod
index 4cf3634..7fba72e 100644
--- a/doc/man3/BN_CTX_new.pod
+++ b/doc/man3/BN_CTX_new.pod
@@ -26,12 +26,14 @@ BN_CTX_secure_new() allocates and initializes a B<BN_CTX> structure
 but uses the secure heap (see L<CRYPTO_secure_malloc(3)>) to hold the
-BN_CTX_free() frees the components of the B<BN_CTX>, and if it was
-created by BN_CTX_new(), also the structure itself.
-If L<BN_CTX_start(3)> has been used on the B<BN_CTX>,
-L<BN_CTX_end(3)> must be called before the B<BN_CTX>
-may be freed by BN_CTX_free().
-If B<c> is NULL, nothing is done.
+BN_CTX_free() frees the components of the B<BN_CTX> and the structure itself.
+Since BN_CTX_start() is required in order to obtain B<BIGNUM>s from the
+B<BN_CTX>, in most cases BN_CTX_end() must be called before the B<BN_CTX> may
+be freed by BN_CTX_free().  If B<c> is NULL, nothing is done.
+A given B<BN_CTX> must only be used by a single thread of execution.  No
+locking is performed, and the internal pool allocator will not properly handle
+multiple threads of execution.

More information about the openssl-commits mailing list