Bug 657 - libunbound(3) recommends deprecated CRYPTO_set_id_callback
libunbound(3) recommends deprecated CRYPTO_set_id_callback
Status: RESOLVED FIXED
Product: unbound
Classification: Unclassified
Component: server
1.5.3
x86_64 Linux
: P5 enhancement
Assigned To: unbound team
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-03-24 23:48 CET by Daniel Kahn Gillmor
Modified: 2015-03-25 09:07 CET (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Kahn Gillmor 2015-03-24 23:48:23 CET
(this is from unbound 1.5.3, which isn't listed in the version dropdown above).

libunbound(3) recommends openssl's deprecated CRYPTO_set_id_callback().  It should recommend CRYPTO_THREADID_set_callback instead, at least when building against OpenSSL 1.0.0 or later.

Background:

libunbound(3) says:

FUNCTIONS
       ub_ctx_create
              Create  a  new context, initialised with defaults.  The informa‐
              tion from /etc/resolv.conf and /etc/hosts  is  not  utilised  by
              default.  Use  ub_ctx_resolvconf  and ub_ctx_hosts to read them.
              Before   you   call   this,   use    the    openssl    functions
              CRYPTO_set_id_callback and CRYPTO_set_locking_callback to set up
              asyncronous operation if you use lib  openssl  (the  application
              calls these functions once for initialisation).

But CRYPTO_set_locking_callback(3ssl) says:
 
       CRYPTO_set_locking_callback() is available in all versions of SSLeay
       and OpenSSL.  CRYPTO_num_locks() was added in OpenSSL 0.9.4.  All
       functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
       CRYPTO_THREADID and associated functions were introduced in OpenSSL
       1.0.0 to replace (actually, deprecate) the previous
       CRYPTO_set_id_callback(), CRYPTO_get_id_callback(), and
       CRYPTO_thread_id() functions which assumed thread IDs to always be
       represented by 'unsigned long'.
Comment 1 Wouter Wijngaards 2015-03-25 09:07:18 CET
Hi Daniel,

Fixed it.  It looks like this:

FUNCTIONS
       ub_ctx_create
              Create  a new context, initialised with defaults.  The informa‐
              tion from /etc/resolv.conf and /etc/hosts is  not  utilised  by
              default.  Use  ub_ctx_resolvconf and ub_ctx_hosts to read them.
              Before   you   call   this,   use   the    openssl    functions
              CRYPTO_set_id_callback  and  CRYPTO_set_locking_callback to set
              up asyncronous operation if you use lib openssl  (the  applica‐
              tion  calls  these functions once for initialisation).  Openssl
              1.0.0 or later uses the CRYPTO_THREADID_set_callback function.

Best regards,
   Wouter