3 files changed, 87 insertions, 318 deletions

diff --git a/src/lib/libcrypto/man/CRYPTO_set_locking_callback.3 b/src/lib/libcrypto/man/CRYPTO_set_locking_callback.3
index c00fb75dc2..d6676819ef 100644
--- a/src/lib/libcrypto/man/CRYPTO_set_locking_callback.3
+++ b/src/lib/libcrypto/man/CRYPTO_set_locking_callback.3
@@ -1,110 +1,37 @@
-.\"     $OpenBSD: CRYPTO_set_locking_callback.3,v 1.10 2018/03/27 17:35:50 schwarze Exp $
+.\"     $OpenBSD: CRYPTO_set_locking_callback.3,v 1.11 2019/03/10 14:50:05 schwarze Exp $
 .\"     OpenSSL doc/crypto/threads.pod fb552ac6 Sep 30 23:43:01 2009 +0000
 .\"
-.\" This file was written by Ulf Moeller <ulf@openssl.org>,
-.\" Richard Levitte <levitte@openssl.org>, Bodo Moeller <bodo@openssl.org>,
-.\" and Geoff Thorpe <geoff@openssl.org>.
-.\" Copyright (c) 2000, 2001, 2005, 2006, 2008, 2009 The OpenSSL Project.
-.\" All rights reserved.
+.\" Copyright (c) 2019 Ingo Schwarze <schwarze@openbsd.org>
 .\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
 .\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in
-.\"    the documentation and/or other materials provided with the
-.\"    distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\"    software must display the following acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\"    endorse or promote products derived from this software without
-.\"    prior written permission. For written permission, please contact
-.\"    openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\"    nor may "OpenSSL" appear in their names without prior written
-.\"    permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\"    acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 27 2018 $
+.Dd $Mdocdate: March 10 2019 $
 .Dt CRYPTO_SET_LOCKING_CALLBACK 3
 .Os
 .Sh NAME
-.Nm CRYPTO_THREADID_set_numeric ,
-.Nm CRYPTO_THREADID_set_pointer ,
-.Nm CRYPTO_THREADID_set_callback ,
-.Nm CRYPTO_THREADID_get_callback ,
 .Nm CRYPTO_THREADID_current ,
 .Nm CRYPTO_THREADID_cmp ,
 .Nm CRYPTO_THREADID_cpy ,
 .Nm CRYPTO_THREADID_hash ,
-.Nm CRYPTO_num_locks ,
-.Nm CRYPTO_set_dynlock_create_callback ,
-.Nm CRYPTO_set_dynlock_lock_callback ,
-.Nm CRYPTO_set_dynlock_destroy_callback ,
-.Nm CRYPTO_get_new_dynlockid ,
-.Nm CRYPTO_destroy_dynlockid ,
 .Nm CRYPTO_lock ,
 .Nm CRYPTO_w_lock ,
 .Nm CRYPTO_w_unlock ,
 .Nm CRYPTO_r_lock ,
 .Nm CRYPTO_r_unlock ,
 .Nm CRYPTO_add
-.Nd OpenSSL thread support
+.Nd thread support
 .Sh SYNOPSIS
 .In openssl/crypto.h
-.Bd -literal
-/* Don't use this structure directly. */
-typedef struct crypto_threadid_st {
-        void *ptr;
-        unsigned long val;
-} CRYPTO_THREADID;
-/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
-.Ed
-.Pp
-.Ft void
-.Fo CRYPTO_THREADID_set_numeric
-.Fa "CRYPTO_THREADID *id"
-.Fa "unsigned long val"
-.Fc
-.Ft void
-.Fo CRYPTO_THREADID_set_pointer
-.Fa "CRYPTO_THREADID *id"
-.Fa "void *ptr"
-.Fc
-.Ft int
-.Fo CRYPTO_THREADID_set_callback
-.Fa "void (*threadid_func)(CRYPTO_THREADID *)"
-.Fc
-.Ft void
-.Fo "(*CRYPTO_THREADID_get_callback(void))"
-.Fa "CRYPTO_THREADID *"
-.Fc
 .Ft void
 .Fo CRYPTO_THREADID_current
 .Fa "CRYPTO_THREADID *id"
@@ -123,45 +50,19 @@ typedef struct crypto_threadid_st {
 .Fo CRYPTO_THREADID_hash
 .Fa "const CRYPTO_THREADID *id"
 .Fc
-.Ft int
-.Fo CRYPTO_num_locks
-.Fa void
-.Fc
-.Bd -literal
-/* struct CRYPTO_dynlock_value needs to be defined by the user */
-struct CRYPTO_dynlock_value;
-.Ed
-.Pp
-.Ft void
-.Fo CRYPTO_set_dynlock_create_callback
-.Fa "struct CRYPTO_dynlock_value *"
-.Fa "(*dyn_create_function)(char *file, int line)"
-.Fc
-.Ft void
-.Fo CRYPTO_set_dynlock_lock_callback
-.Fa "void (*dyn_lock_function)(int mode, struct CRYPTO_dynlock_value *l,\
- const char *file, int line)"
-.Fc
-.Ft void
-.Fo CRYPTO_set_dynlock_destroy_callback
-.Fa "void (*dyn_destroy_function)(struct CRYPTO_dynlock_value *l,\
- const char *file, int line)"
-.Fc
-.Ft int
-.Fo CRYPTO_get_new_dynlockid
-.Fa void
-.Fc
-.Ft void
-.Fo CRYPTO_destroy_dynlockid
-.Fa "int i"
-.Fc
 .Ft void
 .Fo CRYPTO_lock
 .Fa "int mode"
-.Fa "int n"
+.Fa "int type"
 .Fa "const char *file"
 .Fa "int line"
 .Fc
+.Ft int
+.Fo CRYPTO_add
+.Fa "int *p"
+.Fa "int amount"
+.Fa "int type"
+.Fc
 .Bd -literal
 #define CRYPTO_w_lock(type) \e
         CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE, type, __FILE__, __LINE__)
@@ -171,200 +72,89 @@ struct CRYPTO_dynlock_value;
         CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ, type, __FILE__, __LINE__)
 #define CRYPTO_r_unlock(type) \e
         CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ, type, __FILE__, __LINE__)
-#define CRYPTO_add(addr,amount,type) \e
-        CRYPTO_add_lock(addr, amount, type, __FILE__, __LINE__)
 .Ed
 .Sh DESCRIPTION
-OpenSSL can safely be used in multi-threaded applications provided that
-at least two callback functions are set,
-.Fn locking_function
-and
-.Fn threadid_func .
-.Pp
-.Fo locking_function
-.Fa "int mode"
-.Fa "int n"
-.Fa "const char *file"
-.Fa "int line"
-.Fc
-is needed to perform locking on shared data structures.
-Note that OpenSSL uses a number of global data structures that will be
-implicitly shared whenever multiple threads use OpenSSL.
-Multi-threaded applications will crash at random if it is not set.
-.Pp
-.Fn locking_function
-must be able to handle up to
-.Fn CRYPTO_num_locks
-different mutex locks.
-It sets the
-.Fa n Ns -th
-lock if
-.Fa mode
-includes
-.Dv CRYPTO_LOCK ,
-and releases it otherwise.
+These functions are obsolete.
 .Pp
-.Fa file
-and
-.Fa line
-are the file number of the function setting the lock.
-They can be useful for debugging.
-.Pp
-.Fo threadid_func
-.Fa "CRYPTO_THREADID *id"
-.Fc
-is needed to record the currently-executing thread's identifier into
+.Fn CRYPTO_THREADID_current
+stores a unique identifier of the currently executing thread
+into the opaque object
 .Fa id .
-The implementation of this callback should not fill in
-.Fa id
-directly, but should use
-.Fn CRYPTO_THREADID_set_numeric
-if thread IDs are numeric, or
-.Fn CRYPTO_THREADID_set_pointer
-if they are pointer-based.
-If the application does not register such a callback using
-.Fn CRYPTO_THREADID_set_callback ,
-then a default implementation is used - on Windows and BeOS this uses
-the system's default thread identifying APIs, and on all other platforms
-it uses the address of
-.Va errno .
-The latter is satisfactory for thread-safety if and only if the platform
-has a thread-local error number facility.
 .Pp
-Once
-.Fn threadid_func
-is registered, or if the built-in default implementation is to be used,
-.Bl -bullet
-.It
-.Fn CRYPTO_THREADID_current
-records the currently-executing thread ID into the given
-.Fa id
-object.
-.It
-.Fn CRYPTO_THREADID_cmp
-compares two thread IDs (returning zero for equality, i.e. the same
-semantics as
-.Xr memcmp 3 ) .
-.It
 .Fn CRYPTO_THREADID_cpy
-duplicates a thread ID value.
-.It
-.Fn CRYPTO_THREADID_hash
-returns a numeric value usable as a hash-table key.
-This is usually the exact numeric or pointer-based thread ID used
-internally, however this also handles the unusual case where pointers
-are larger than
-.Vt long
-variables and the platform's thread IDs are pointer-based \(em in
-this case, mixing is done to attempt to produce a unique numeric
-value even though it is not as wide as the platform's true thread
-IDs.
-.El
-.Pp
-Additionally, OpenSSL supports dynamic locks and, sometimes, some parts
-of OpenSSL need it for better performance.
-To enable this, the following is required:
-.Bl -bullet
-.It
-Three additional callback functions,
-.Fn dyn_create_function ,
-.Fn dyn_lock_function ,
-and
-.Fn dyn_destroy_function .
-.It
-A structure defined with the data that each lock needs to handle.
-.El
-.Pp
-.Vt struct CRYPTO_dynlock_value
-has to be defined to contain whatever structure is needed to handle locks.
-.Pp
-.Fo dyn_create_function
-.Fa "const char *file"
-.Fa "int line"
-.Fc
-is needed to create a lock.
-Multi-threaded applications might crash at random if it is not set.
-.Pp
-.Fo dyn_lock_function
-.Fa "int mode"
-.Fa "CRYPTO_dynlock *l"
-.Fa "const char *file"
-.Fa "int line"
-.Fc
-is needed to perform locking off dynamic lock numbered n.
-Multi-threaded applications might crash at random if it is not set.
-.Pp
-.Fo dyn_destroy_function
-.Fa "CRYPTO_dynlock *l"
-.Fa "const char *file"
-.Fa "int line"
-.Fc
-is needed to destroy the lock
-.Fa l .
-Multi-threaded applications might crash at random if it is not set.
-.Pp
-.Fn CRYPTO_get_new_dynlockid
-is used to create locks.
-It will call
-.Fn dyn_create_function
-for the actual creation.
-.Pp
-.Fn CRYPTO_destroy_dynlockid
-is used to destroy locks.
-It will call
-.Fn dyn_destroy_function
-for the actual destruction.
+copies the contents of
+.Fa src
+to
+.Fa dest .
 .Pp
 .Fn CRYPTO_lock
-is used to lock and unlock the locks.
+locks or unlocks a mutex lock.
+.Pp
 .Fa mode
 is a bitfield describing what should be done with the lock.
-.Fa n
-is the number of the lock as returned from
-.Fn CRYPTO_get_new_dynlockid .
-.Fa mode
-can be combined from the following values.
-These values are pairwise exclusive, with undefined behaviour if misused
-(for example,
+For each call, either
+.Dv CRYPTO_LOCK
+or
+.Dv CRYPTO_UNLOCK
+must be included.
+In the LibreSSL implementation,
 .Dv CRYPTO_READ
 and
 .Dv CRYPTO_WRITE
-should not be used together):
-.Bd -literal -offset indent
-CRYPTO_LOCK     0x01
-CRYPTO_UNLOCK   0x02
-CRYPTO_READ     0x04
-CRYPTO_WRITE    0x08
-.Ed
+are ignored.
+.Pp
+.Fa type
+is a number in the range 0 <=
+.Fa type No < Dv CRYPTO_NUM_LOCKS
+identifying a particular lock.
+Currently, the value of
+.Dv CRYPTO_NUM_LOCKS
+is 41.
+.Pp
+The
+.Ar file
+and
+.Ar line
+arguments are ignored.
 .Pp
-You can find out if OpenSSL was configured with thread support:
-.Bd -literal -offset indent
-#define OPENSSL_THREAD_DEFINES
-#include <openssl/opensslconf.h>
-#if defined(OPENSSL_THREADS)
-        /* thread support enabled */
-#else
-        /* no thread support */
-#endif
-.Ed
+In the LibreSSL implementation,
+.Fn CRYPTO_lock
+is a wrapper around
+.Xr pthread_mutex_lock 3
+and
+.Xr pthread_mutex_unlock 3 .
 .Pp
-Also, dynamic locks are currently not used internally by OpenSSL, but
-may do so in the future.
+.Fn CRYPTO_add
+locks the lock number
+.Fa type ,
+adds
+.Fa amount
+to
+.Pf * Fa p ,
+and unlocks the lock number
+.Fa type
+again.
 .Sh RETURN VALUES
-.Fn CRYPTO_num_locks
-returns the required number of locks.
+.Fn CRYPTO_THREADID_cmp
+returns 0 if
+.Fa a
+and
+.Fa b
+refer to the same thread or a non-zero value otherwise.
 .Pp
-.Fn CRYPTO_get_new_dynlockid
-returns the index to the newly created lock.
+.Fn CRYPTO_THREADID_hash
+returns a numeric value usable as a hash-table key.
+In the LibreSSL implementation, it is the value returned from
+.Xr pthread_self 3
+for the thread
+.Fa id .
 .Pp
-The other functions return no values.
-.Sh EXAMPLES
-.Pa crypto/threads/mttest.c
-shows examples of the callback functions on Solaris, Irix and Win32.
+.Fn CRYPTO_add
+returns the new value of
+.Pf * Fa p .
 .Sh SEE ALSO
 .Xr crypto 3
 .Sh HISTORY
-.Fn CRYPTO_set_locking_callback ,
 .Fn CRYPTO_lock ,
 .Fn CRYPTO_w_lock ,
 .Fn CRYPTO_w_unlock ,
@@ -377,23 +167,6 @@ first appeared in SSLeay 0.6.2.
 These functions have been available since
 .Ox 2.4 .
 .Pp
-.Fn CRYPTO_num_locks
-first appeared in OpenSSL 0.9.4 and have been available since
-.Ox 2.6 .
-.Pp
-.Fn CRYPTO_set_dynlock_create_callback ,
-.Fn CRYPTO_set_dynlock_lock_callback ,
-.Fn CRYPTO_set_dynlock_destroy_callback ,
-.Fn CRYPTO_get_new_dynlockid ,
-and
-.Fn CRYPTO_destroy_dynlockid
-first appeared in OpenSSL 0.9.6 and have been available since
-.Ox 2.9 .
-.Pp
-.Fn CRYPTO_THREADID_set_numeric ,
-.Fn CRYPTO_THREADID_set_pointer ,
-.Fn CRYPTO_THREADID_set_callback ,
-.Fn CRYPTO_THREADID_get_callback ,
 .Fn CRYPTO_THREADID_current ,
 .Fn CRYPTO_THREADID_cmp ,
 .Fn CRYPTO_THREADID_cpy ,
diff --git a/src/lib/libcrypto/man/ERR.3 b/src/lib/libcrypto/man/ERR.3
index 973ba2713a..63787f1fa5 100644
--- a/src/lib/libcrypto/man/ERR.3
+++ b/src/lib/libcrypto/man/ERR.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ERR.3,v 1.5 2016/11/23 17:54:15 schwarze Exp $
+.\"     $OpenBSD: ERR.3,v 1.6 2019/03/10 14:50:05 schwarze Exp $
 .\"     OpenSSL 186bb907 Apr 13 11:05:13 2015 -0700
 .\"
 .\" This file was written by Ulf Moeller <ulf@openssl.org> and
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: November 23 2016 $
+.Dd $Mdocdate: March 10 2019 $
 .Dt ERR 3
 .Os
 .Sh NAME
@@ -200,7 +200,6 @@ The hash tables can be obtained by calling
 and
 .Fn ERR_get_string_table .
 .Sh SEE ALSO
-.Xr CRYPTO_set_locking_callback 3 ,
 .Xr ERR_clear_error 3 ,
 .Xr ERR_error_string 3 ,
 .Xr ERR_get_error 3 ,
diff --git a/src/lib/libcrypto/man/crypto.3 b/src/lib/libcrypto/man/crypto.3
index cbc8f1169c..3a009ed32c 100644
--- a/src/lib/libcrypto/man/crypto.3
+++ b/src/lib/libcrypto/man/crypto.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: crypto.3,v 1.18 2018/02/27 20:43:41 schwarze Exp $
+.\"     $OpenBSD: crypto.3,v 1.19 2019/03/10 14:50:05 schwarze Exp $
 .\"     OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100
 .\"
 .\" This file was written by Ulf Moeller <ulf@openssl.org> and
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: February 27 2018 $
+.Dd $Mdocdate: March 10 2019 $
 .Dt CRYPTO 3
 .Os
 .Sh NAME
@@ -116,9 +116,6 @@ configuration file handling: see
 error reporting: see
 .Xr ERR 3
 .It
-thread support: see
-.Xr CRYPTO_set_locking_callback 3
-.It
 .Xr OCSP_REQUEST_new 3
 .El
 .Pp