From 0218bcdd3feab456135207c140998305df73ab7b Mon Sep 17 00:00:00 2001 From: Pauli Date: Wed, 23 Jun 2021 09:46:42 +1000 Subject: [PATCH] doc: Document that the OBJ creation functions don't lock. Neither OBJ_create() nor OBJ_add_sigid() use locks. They are not thread safe. They can and will cause the other OBJ_ query functions to fail in mysterious ways if called concurrently with them. There is no problem calling multiple query functions concurrently. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/15865) --- doc/man3/OBJ_nid2obj.pod | 4 ++++ doc/man7/provider-base.pod | 2 ++ 2 files changed, 6 insertions(+) diff --git a/doc/man3/OBJ_nid2obj.pod b/doc/man3/OBJ_nid2obj.pod index 4f35e8b2684..58fc94f6dd9 100644 --- a/doc/man3/OBJ_nid2obj.pod +++ b/doc/man3/OBJ_nid2obj.pod @@ -181,6 +181,10 @@ Instead I must point to a valid buffer and I should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice. +Neither OBJ_create() nor OBJ_add_sigid() do any locking and are thus not +thread safe. Moreover, none of the other functions should be called while +concurrent calls to these two functions are possible. + =head1 SEE ALSO L diff --git a/doc/man7/provider-base.pod b/doc/man7/provider-base.pod index 0eb2f5d243b..5812ece7f8d 100644 --- a/doc/man7/provider-base.pod +++ b/doc/man7/provider-base.pod @@ -264,6 +264,7 @@ It will treat as success the case where the OID already exists (even if the short name I or long name I provided as arguments differ from those associated with the existing OID, in which case the new names are not associated). +This function is not thread safe. The core_obj_add_sigid() function registers a new composite signature algorithm (I) consisting of an underlying signature algorithm (I) @@ -277,6 +278,7 @@ to identify the object. It will treat as success the case where the composite signature algorithm already exists (even if registered against a different underlying signature or digest algorithm). It returns 1 on success or 0 on failure. +This function is not thread safe. CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_memdup(), CRYPTO_strdup(), CRYPTO_strndup(), CRYPTO_free(), CRYPTO_clear_free(), -- 2.47.3