Deprecate SSL_library_init.
It just calls CRYPTO_library_init and doesn't do anything else. If
anything, I'd like to make CRYPTO_library_init completely go away too.
We have CRYPTO_once now, so I think it's safe to assume that, if ssl/
ever grows initialization needs beyond that of crypto/, we can hide it
behind a CRYPTO_once and not burden callers.
Change-Id: I63dc362e0e9e98deec5516f4620d1672151a91b6
Reviewed-on: https://boringssl-review.googlesource.com/6311
Reviewed-by: Adam Langley <alangley@gmail.com>
diff --git a/PORTING.md b/PORTING.md
index 04b28fa..cf84115 100644
--- a/PORTING.md
+++ b/PORTING.md
@@ -149,10 +149,10 @@
strings and loading algorithms, etc. All of these functions still exist in
BoringSSL for convenience, but they do nothing and are not necessary.
-The one exception is `CRYPTO_library_init` (and `SSL_library_init` which merely
-calls it). In `BORINGSSL_NO_STATIC_INITIALIZER` builds, it must be called to
-query CPU capabitilies before the rest of the library. In the default
-configuration, this is done with a static initializer and is also unnecessary.
+The one exception is `CRYPTO_library_init`. In `BORINGSSL_NO_STATIC_INITIALIZER`
+builds, it must be called to query CPU capabitilies before the rest of the
+library. In the default configuration, this is done with a static initializer
+and is also unnecessary.
### Threading
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index af88094..11b757e 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -174,12 +174,6 @@
/* SSL implementation. */
-/* Initialization. */
-
-/* SSL_library_init initializes the crypto and SSL libraries and returns one. */
-OPENSSL_EXPORT int SSL_library_init(void);
-
-
/* SSL contexts.
*
* |SSL_CTX| objects manage shared state and configuration between multiple TLS
@@ -2859,6 +2853,9 @@
/* Deprecated functions. */
+/* SSL_library_init calls |CRYPTO_library_init| and returns one. */
+OPENSSL_EXPORT int SSL_library_init(void);
+
/* SSL_set_reject_peer_renegotiations calls |SSL_set_renegotiate_mode| with
* |ssl_never_renegotiate| if |reject| is one and |ssl_renegotiate_freely| if
* zero. */
diff --git a/ssl/pqueue/pqueue_test.c b/ssl/pqueue/pqueue_test.c
index 5a68fc4..f76e4a3 100644
--- a/ssl/pqueue/pqueue_test.c
+++ b/ssl/pqueue/pqueue_test.c
@@ -15,6 +15,7 @@
#include <stdio.h>
#include <string.h>
+#include <openssl/crypto.h>
#include <openssl/pqueue.h>
#include <openssl/ssl.h>
@@ -117,7 +118,7 @@
}
int main(void) {
- SSL_library_init();
+ CRYPTO_library_init();
if (!trivial() || !fixed_random()) {
return 1;
diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc
index 810d3fa..875fac8 100644
--- a/ssl/ssl_test.cc
+++ b/ssl/ssl_test.cc
@@ -20,6 +20,7 @@
#include <openssl/base64.h>
#include <openssl/bio.h>
+#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
@@ -819,7 +820,7 @@
}
int main() {
- SSL_library_init();
+ CRYPTO_library_init();
if (!TestCipherRules() ||
!TestSSL_SESSIONEncoding(kOpenSSLSession) ||
diff --git a/ssl/test/bssl_shim.cc b/ssl/test/bssl_shim.cc
index 87f713f..a133d09 100644
--- a/ssl/test/bssl_shim.cc
+++ b/ssl/test/bssl_shim.cc
@@ -39,6 +39,7 @@
#include <openssl/buf.h>
#include <openssl/bytestring.h>
#include <openssl/cipher.h>
+#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/hmac.h>
#include <openssl/rand.h>
@@ -1364,9 +1365,7 @@
signal(SIGPIPE, SIG_IGN);
#endif
- if (!SSL_library_init()) {
- return 1;
- }
+ CRYPTO_library_init();
g_config_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
g_state_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, TestStateExFree);
if (g_config_index < 0 || g_state_index < 0) {
diff --git a/tool/tool.cc b/tool/tool.cc
index e4d5201..f67f0c7 100644
--- a/tool/tool.cc
+++ b/tool/tool.cc
@@ -15,6 +15,7 @@
#include <string>
#include <vector>
+#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
@@ -109,7 +110,7 @@
}
#endif
- SSL_library_init();
+ CRYPTO_library_init();
int starting_arg = 1;
tool_func_t tool = nullptr;