Deprecate OBJ_cleanup() and make it a no-op

OBJ_cleanup() should not be called expicitly - we should leave
auto-deinit to clean this up instead.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

apps/asn1pars.c

@@ -327,7 +327,6 @@ int asn1parse_main(int argc, char **argv)
         OPENSSL_free(str);
     ASN1_TYPE_free(at);
     sk_OPENSSL_STRING_free(osk);
-    OBJ_cleanup();
     return (ret);
 }
 

apps/ca.c

@@ -1307,7 +1307,6 @@ end_of_options:
     X509_CRL_free(crl);
     NCONF_free(conf);
     NCONF_free(extconf);
-    OBJ_cleanup();
     return (ret);
 }
 

apps/req.c

@@ -867,7 +867,6 @@ int req_main(int argc, char **argv)
         OPENSSL_free(passin);
     if (passout != nofree_passout)
         OPENSSL_free(passout);
-    OBJ_cleanup();
     return (ret);
 }
 

apps/srp.c

@@ -653,7 +653,6 @@ int srp_main(int argc, char **argv)
         app_RAND_write_file(randfile);
     NCONF_free(conf);
     free_index(db);
-    OBJ_cleanup();
     return (ret);
 }
 #endif

apps/ts.c

@@ -383,7 +383,6 @@ int ts_main(int argc, char **argv)
     app_RAND_write_file(NULL);
     NCONF_free(conf);
     OPENSSL_free(password);
-    OBJ_cleanup();
     return (ret);
 }
 

apps/x509.c

@@ -919,7 +919,6 @@ int x509_main(int argc, char **argv)
  end:
     if (need_rand)
         app_RAND_write_file(NULL);
-    OBJ_cleanup();
     NCONF_free(extconf);
     BIO_free_all(out);
     X509_STORE_free(ctx);

crypto/asn1/asn_moid.c

@@ -63,6 +63,7 @@
 #include <openssl/conf.h>
 #include <openssl/x509.h>
 #include "internal/asn1_int.h"
+#include "internal/objects.h"
 
 /* Simple ASN1 OID module: add all objects in a given section */
 
@@ -92,7 +93,7 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
 
 static void oid_module_finish(CONF_IMODULE *md)
 {
-    OBJ_cleanup();
+    obj_cleanup_intern();
 }
 
 void ASN1_add_oid_module(void)

crypto/evp/names.c

@@ -58,7 +58,7 @@
 #include <stdio.h>
 #include "internal/cryptlib.h"
 #include <openssl/evp.h>
-#include <openssl/objects.h>
+#include <internal/objects.h>
 #include <openssl/x509.h>
 #include "internal/evp_int.h"
 
@@ -142,7 +142,7 @@ void evp_cleanup_intern(void)
     EVP_PBE_cleanup();
     if (obj_cleanup_defer == 2) {
         obj_cleanup_defer = 0;
-        OBJ_cleanup();
+        obj_cleanup_intern();
     }
     OBJ_sigid_free();
 }

crypto/include/internal/objects.h

@@ -0,0 +1,11 @@
+/*
+ * Licensed under the OpenSSL licenses, (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * https://www.openssl.org/source/license.html
+ * or in the file LICENSE in the source distribution.
+ */
+
+#include <openssl/objects.h>
+
+void obj_cleanup_intern(void);

crypto/init.c

@@ -67,6 +67,7 @@
 #include <internal/engine.h>
 #include <internal/comp.h>
 #include <internal/err.h>
+#include <internal/objects.h>
 #include <stdlib.h>
 #include <assert.h>
 
@@ -468,7 +469,7 @@ void OPENSSL_cleanup(void)
     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
                     "evp_cleanup_intern()\n");
     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
-                    "OBJ_cleanup()\n");
+                    "obj_cleanup_intern()\n");
 #endif
     /*
      * Note that cleanup order is important:
@@ -489,7 +490,7 @@ void OPENSSL_cleanup(void)
     bio_sock_cleanup_intern();
 #endif
     evp_cleanup_intern();
-    OBJ_cleanup();
+    obj_cleanup_intern();
     base_inited = 0;
 }
 

crypto/objects/obj_dat.c

@@ -61,7 +61,7 @@
 #include "internal/cryptlib.h"
 #include <openssl/lhash.h>
 #include <openssl/asn1.h>
-#include <openssl/objects.h>
+#include "internal/objects.h"
 #include <openssl/bn.h>
 #include "internal/asn1_int.h"
 #include "obj_lcl.h"
@@ -210,7 +210,7 @@ void check_defer(int nid)
         obj_cleanup_defer = 1;
 }
 
-void OBJ_cleanup(void)
+void obj_cleanup_intern(void)
 {
     if (obj_cleanup_defer) {
         obj_cleanup_defer = 2;

doc/crypto/OBJ_nid2obj.pod

@@ -27,11 +27,16 @@ functions
  ASN1_OBJECT * OBJ_dup(const ASN1_OBJECT *o);
 
  int OBJ_create(const char *oid,const char *sn,const char *ln);
- void OBJ_cleanup(void);
 
  size_t OBJ_length(const ASN1_OBJECT *obj);
  const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);
 
+Deprecated:
+
+ #if OPENSSL_API_COMPAT < 0x10100000L
+ # define OBJ_cleanup()
+ #endif
+
 =head1 DESCRIPTION
 
 The ASN1 object utility functions process ASN1_OBJECT structures which are
@@ -69,15 +74,17 @@ OBJ_create() adds a new object to the internal table. B<oid> is the
 numerical form of the object, B<sn> the short name and B<ln> the
 long name. A new NID is returned for the created object.
 
-OBJ_cleanup() cleans up OpenSSLs internal object table: this should
-be called before an application exits if any new objects were added
-using OBJ_create().
-
 OBJ_length() returns the size of the content octets of B<obj>.
 
 OBJ_get0_data() returns a pointer to the content octets of B<obj>.
 The returned pointer is an internal pointer which B<must not> be freed.
 
+In OpenSSL versions prior to 1.1.0 OBJ_cleanup() cleaned up OpenSSLs internal
+object table and was called before an application exits if any new objects were
+added using OBJ_create(). This function is deprecated in version 1.1.0 and now
+does nothing if called. No explicit de-initialisation is now required. See
+L<OPENSSL_init_crypto(3)> for further information.
+
 =head1 NOTES
 
 Objects in OpenSSL can have a short name, a long name and a numerical
@@ -160,6 +167,6 @@ L<ERR_get_error(3)>
 
 =head1 HISTORY
 
-TBA
+OBJ_cleanup() was deprecated in OpenSSL 1.1.0.
 
 =cut

include/openssl/objects.h

@@ -1103,7 +1103,9 @@ const void *OBJ_bsearch_ex_(const void *key, const void *base, int num,
 int OBJ_new_nid(int num);
 int OBJ_add_object(const ASN1_OBJECT *obj);
 int OBJ_create(const char *oid, const char *sn, const char *ln);
-void OBJ_cleanup(void);
+#if OPENSSL_API_COMPAT < 0x10100000L
+# define OBJ_cleanup()
+#endif
 int OBJ_create_objects(BIO *in);
 
 size_t OBJ_length(const ASN1_OBJECT *obj);