Deprecate EVP_cleanup() and make it a no-op

EVP_cleanup() should not be called expicitly - we should leave
auto-deinit to clean this up instead.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

crypto/evp/names.c

@@ -128,7 +128,7 @@ const EVP_MD *EVP_get_digestbyname(const char *name)
     return (cp);
 }
 
-void EVP_cleanup(void)
+void evp_cleanup_intern(void)
 {
     OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH);
     OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH);

crypto/include/internal/evp_int.h

@@ -422,3 +422,4 @@ struct evp_pkey_st {
 
 void openssl_add_all_ciphers_internal(void);
 void openssl_add_all_digests_internal(void);
+void evp_cleanup_intern(void);

crypto/init.c

@@ -466,7 +466,7 @@ void OPENSSL_cleanup(void)
     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
                     "bio_sock_cleanup_intern()\n");
     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
-                    "EVP_cleanup()\n");
+                    "evp_cleanup_intern()\n");
     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
                     "OBJ_cleanup()\n");
 #endif
@@ -488,7 +488,7 @@ void OPENSSL_cleanup(void)
 #ifndef OPENSSL_NO_SOCK
     bio_sock_cleanup_intern();
 #endif
-    EVP_cleanup();
+    evp_cleanup_intern();
     OBJ_cleanup();
     base_inited = 0;
 }

crypto/objects/obj_dat.c

@@ -199,8 +199,8 @@ static void cleanup3_doall(ADDED_OBJ *a)
 }
 
 /*
- * The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting to
+ * The purpose of obj_cleanup_defer is to avoid evp_cleanup_intern() attempting
- * use freed up OIDs. If necessary the actual freeing up of OIDs is delayed.
+ * to use freed up OIDs. If necessary the actual freeing up of OIDs is delayed.
  */
 int obj_cleanup_defer = 0;
 

doc/crypto/EVP_DigestInit.pod

@@ -236,8 +236,6 @@ digest name passed on the command line.
  	printf("%02x", md_value[i]);
  printf("\n");
 
- /* Call this once before exit. */
- EVP_cleanup();
  exit(0);
  }
 

doc/crypto/OpenSSL_add_all_algorithms.pod

@@ -9,16 +9,44 @@ add algorithms to internal table
 
  #include <openssl/evp.h>
 
- void OpenSSL_add_all_algorithms(void);
+Deprecated:
- void OpenSSL_add_all_ciphers(void);
- void OpenSSL_add_all_digests(void);
 
- void EVP_cleanup(void);
+ # if OPENSSL_API_COMPAT < 0x10100000L
+ #  define OPENSSL_add_all_algorithms_conf() \
+     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+                         | OPENSSL_INIT_ADD_ALL_DIGESTS \
+                         | OPENSSL_INIT_LOAD_CONFIG, NULL)
+ #  define OPENSSL_add_all_algorithms_noconf() \
+     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+                         | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+
+ #  ifdef OPENSSL_LOAD_CONF
+ #   define OpenSSL_add_all_algorithms() \
+     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+                         | OPENSSL_INIT_ADD_ALL_DIGESTS \
+                         | OPENSSL_INIT_LOAD_CONFIG, NULL)
+ #  else
+ #   define OpenSSL_add_all_algorithms() \
+     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+                         | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+ #  endif
+
+ #  define OpenSSL_add_all_ciphers() \
+     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL)
+ #  define OpenSSL_add_all_digests() \
+     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+
+ #  define EVP_cleanup()
+# endif
 
 =head1 DESCRIPTION
 
 OpenSSL keeps an internal table of digest algorithms and ciphers. It uses
-this table to lookup ciphers via functions such as EVP_get_cipher_byname().
+this table to lookup ciphers via functions such as EVP_get_cipher_byname(). In
+OpenSSL versions prior to 1.1.0 these functions initialised and de-initialised
+this table. From OpenSSL 1.1.0 are deprecated. No explicit initialisation or
+de-initialisation is required. See L<OPENSSL_init_crypto(3)> for further
+information.
 
 OpenSSL_add_all_digests() adds all digest algorithms to the table.
 
@@ -28,7 +56,8 @@ ciphers).
 OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including
 password based encryption algorithms.
 
-EVP_cleanup() removes all ciphers and digests from the table.
+In versions prior to 1.1.0 EVP_cleanup() removed all ciphers and digests from
+the table. It no longer has any effect in OpenSSL 1.1.0.
 
 =head1 RETURN VALUES
 

include/openssl/evp.h

@@ -888,11 +888,11 @@ const EVP_CIPHER *EVP_seed_ofb(void);
 # endif
 
 # if OPENSSL_API_COMPAT < 0x10100000L
-#   define OPENSSL_add_all_algorithms_conf() \
+#  define OPENSSL_add_all_algorithms_conf() \
     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
                         | OPENSSL_INIT_ADD_ALL_DIGESTS \
                         | OPENSSL_INIT_LOAD_CONFIG, NULL)
-#   define OPENSSL_add_all_algorithms_noconf() \
+#  define OPENSSL_add_all_algorithms_noconf() \
     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
                         | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
 
@@ -907,10 +907,12 @@ const EVP_CIPHER *EVP_seed_ofb(void);
                         | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
 #  endif
 
-#   define OpenSSL_add_all_ciphers() \
+#  define OpenSSL_add_all_ciphers() \
     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL)
-#   define OpenSSL_add_all_digests() \
+#  define OpenSSL_add_all_digests() \
     OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+
+#  define EVP_cleanup()
 # endif
 
 int EVP_add_cipher(const EVP_CIPHER *cipher);
@@ -918,7 +920,6 @@ int EVP_add_digest(const EVP_MD *digest);
 
 const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
 const EVP_MD *EVP_get_digestbyname(const char *name);
-void EVP_cleanup(void);
 
 void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph,
                                    const char *from, const char *to, void *x),