[openssl-users] Should I stop using locking callbacks in OpenSSL 1.1.0x ?

[pratyush parimal]

Hi all,

I'm trying to migrate some application code from OpenSSL 1.0.1e to 1.1.0g.
I keep seeing that the locking and threading callbacks I had used earlier
(with CRYPTO_set_locking_callback and CRYPTO_set_id_callback respectively)
now show up as "unused" during compilation.

I checked https://www.openssl.org/blog/blog/2017/02/21/threads/ and it
seems like OpenSSL is trying to ditch callbacks and use more native
facilities. In 1.1.0g's crypto.h, CRYPTO_set_locking_callback is defined as
a no-op, with the following comment:

/*
 * The old locking functions have been removed completely without
compatibility
 * macros. This is because the old functions either could not properly
report
 * errors, or the returned error values were not clearly documented.
 * Replacing the locking functions with with no-ops would cause race
condition
 * issues in the affected applications. It is far better for them to fail at
 * compile time.
 * On the other hand, the locking callbacks are no longer used.
Consequently,
 * the callback management functions can be safely replaced with no-op
macros.
 */

Does this mean I can safely remove all usages of the above functions from
my application code? I'd appreciate if someone could explain the above
comment in a little more detail or confirm what I'm saying. Or has anyone
else been in the same situation?

Thanks,
Pratyush
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180413/7ed557c9/attachment.html>