From 22c84afa773559279af928652a2d9f3489cc7d73 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Mon, 4 Apr 2016 15:28:58 +0100
Subject: [PATCH] Deprecate EVP_cleanup() and make it a no-op

EVP_cleanup() should not be called expicitly - we should leave
auto-deinit to clean this up instead.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
---
 crypto/evp/names.c                        |  2 +-
 crypto/include/internal/evp_int.h         |  1 +
 crypto/init.c                             |  4 +--
 crypto/objects/obj_dat.c                  |  4 +--
 doc/crypto/EVP_DigestInit.pod             |  2 --
 doc/crypto/OpenSSL_add_all_algorithms.pod | 43 +++++++++++++++++++----
 include/openssl/evp.h                     | 11 +++---
 7 files changed, 48 insertions(+), 19 deletions(-)

diff --git a/crypto/evp/names.c b/crypto/evp/names.c
index 2a5606b040..22c725d060 100644
--- a/crypto/evp/names.c
+++ b/crypto/evp/names.c
@@ -128,7 +128,7 @@ const EVP_MD *EVP_get_digestbyname(const char *name)
     return (cp);
 }
 
-void EVP_cleanup(void)
+void evp_cleanup_intern(void)
 {
     OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH);
     OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH);
diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h
index f5811c1d10..972f58994d 100644
--- a/crypto/include/internal/evp_int.h
+++ b/crypto/include/internal/evp_int.h
@@ -422,3 +422,4 @@ struct evp_pkey_st {
 
 void openssl_add_all_ciphers_internal(void);
 void openssl_add_all_digests_internal(void);
+void evp_cleanup_intern(void);
diff --git a/crypto/init.c b/crypto/init.c
index 2d50d4deb8..dc24c02693 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -466,7 +466,7 @@ void OPENSSL_cleanup(void)
     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
                     "bio_sock_cleanup_intern()\n");
     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
-                    "EVP_cleanup()\n");
+                    "evp_cleanup_intern()\n");
     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
                     "OBJ_cleanup()\n");
 #endif
@@ -488,7 +488,7 @@ void OPENSSL_cleanup(void)
 #ifndef OPENSSL_NO_SOCK
     bio_sock_cleanup_intern();
 #endif
-    EVP_cleanup();
+    evp_cleanup_intern();
     OBJ_cleanup();
     base_inited = 0;
 }
diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index 82b44949b2..21b4187a25 100644
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -199,8 +199,8 @@ static void cleanup3_doall(ADDED_OBJ *a)
 }
 
 /*
- * The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting to
- * use freed up OIDs. If necessary the actual freeing up of OIDs is delayed.
+ * The purpose of obj_cleanup_defer is to avoid evp_cleanup_intern() attempting
+ * to use freed up OIDs. If necessary the actual freeing up of OIDs is delayed.
  */
 int obj_cleanup_defer = 0;
 
diff --git a/doc/crypto/EVP_DigestInit.pod b/doc/crypto/EVP_DigestInit.pod
index 94c4d19d29..7ce569540f 100644
--- a/doc/crypto/EVP_DigestInit.pod
+++ b/doc/crypto/EVP_DigestInit.pod
@@ -236,8 +236,6 @@ digest name passed on the command line.
  	printf("%02x", md_value[i]);
  printf("\n");
 
- /* Call this once before exit. */
- EVP_cleanup();
  exit(0);
  }
 
diff --git a/doc/crypto/OpenSSL_add_all_algorithms.pod b/doc/crypto/OpenSSL_add_all_algorithms.pod
index b107155a3a..78fe12aa3f 100644
--- a/doc/crypto/OpenSSL_add_all_algorithms.pod
+++ b/doc/crypto/OpenSSL_add_all_algorithms.pod
@@ -9,16 +9,44 @@ add algorithms to internal table
 
  #include <openssl/evp.h>
 
- void OpenSSL_add_all_algorithms(void);
- void OpenSSL_add_all_ciphers(void);
- void OpenSSL_add_all_digests(void);
-
- void EVP_cleanup(void);
+Deprecated:
+
+ # if OPENSSL_API_COMPAT < 0x10100000L
+ #  define OPENSSL_add_all_algorithms_conf() \
+     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+                         | OPENSSL_INIT_ADD_ALL_DIGESTS \
+                         | OPENSSL_INIT_LOAD_CONFIG, NULL)
+ #  define OPENSSL_add_all_algorithms_noconf() \
+     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+                         | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+
+ #  ifdef OPENSSL_LOAD_CONF
+ #   define OpenSSL_add_all_algorithms() \
+     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+                         | OPENSSL_INIT_ADD_ALL_DIGESTS \
+                         | OPENSSL_INIT_LOAD_CONFIG, NULL)
+ #  else
+ #   define OpenSSL_add_all_algorithms() \
+     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+                         | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+ #  endif
+
+ #  define OpenSSL_add_all_ciphers() \
+     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL)
+ #  define OpenSSL_add_all_digests() \
+     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+
+ #  define EVP_cleanup()
+# endif
 
 =head1 DESCRIPTION
 
 OpenSSL keeps an internal table of digest algorithms and ciphers. It uses
-this table to lookup ciphers via functions such as EVP_get_cipher_byname().
+this table to lookup ciphers via functions such as EVP_get_cipher_byname(). In
+OpenSSL versions prior to 1.1.0 these functions initialised and de-initialised
+this table. From OpenSSL 1.1.0 are deprecated. No explicit initialisation or
+de-initialisation is required. See L<OPENSSL_init_crypto(3)> for further
+information.
 
 OpenSSL_add_all_digests() adds all digest algorithms to the table.
 
@@ -28,7 +56,8 @@ ciphers).
 OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including
 password based encryption algorithms.
 
-EVP_cleanup() removes all ciphers and digests from the table.
+In versions prior to 1.1.0 EVP_cleanup() removed all ciphers and digests from
+the table. It no longer has any effect in OpenSSL 1.1.0.
 
 =head1 RETURN VALUES
 
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 25a3e6f937..2cf6f14130 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -888,11 +888,11 @@ const EVP_CIPHER *EVP_seed_ofb(void);
 # endif
 
 # if OPENSSL_API_COMPAT < 0x10100000L
-#   define OPENSSL_add_all_algorithms_conf() \
+#  define OPENSSL_add_all_algorithms_conf() \
     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
                         | OPENSSL_INIT_ADD_ALL_DIGESTS \
                         | OPENSSL_INIT_LOAD_CONFIG, NULL)
-#   define OPENSSL_add_all_algorithms_noconf() \
+#  define OPENSSL_add_all_algorithms_noconf() \
     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
                         | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
 
@@ -907,10 +907,12 @@ const EVP_CIPHER *EVP_seed_ofb(void);
                         | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
 #  endif
 
-#   define OpenSSL_add_all_ciphers() \
+#  define OpenSSL_add_all_ciphers() \
     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL)
-#   define OpenSSL_add_all_digests() \
+#  define OpenSSL_add_all_digests() \
     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+
+#  define EVP_cleanup()
 # endif
 
 int EVP_add_cipher(const EVP_CIPHER *cipher);
@@ -918,7 +920,6 @@ int EVP_add_digest(const EVP_MD *digest);
 
 const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
 const EVP_MD *EVP_get_digestbyname(const char *name);
-void EVP_cleanup(void);
 
 void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph,
                                    const char *from, const char *to, void *x),
-- 
2.34.1