From 06394a6cc7c784b46bc6d1e65a1ff39637093934 Mon Sep 17 00:00:00 2001
From: Pauli <pauli@openssl.org>
Date: Thu, 24 Jun 2021 23:51:53 +1000
Subject: [PATCH] doc: Document that the OBJ creation functions are now thread
 safe.

With the OBJ_ thread locking in place, these documentation changes are not
required.

This reverts commit 0218bcdd3feab456135207c140998305df73ab7b.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15713)
---
 doc/man3/OBJ_nid2obj.pod   | 6 ++----
 doc/man7/provider-base.pod | 7 +++++--
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/doc/man3/OBJ_nid2obj.pod b/doc/man3/OBJ_nid2obj.pod
index 58fc94f6dd97a..2d16cc83ccd6c 100644
--- a/doc/man3/OBJ_nid2obj.pod
+++ b/doc/man3/OBJ_nid2obj.pod
@@ -139,6 +139,8 @@ These functions cannot return B<const> because an B<ASN1_OBJECT> can
 represent both an internal, constant, OID and a dynamically-created one.
 The latter cannot be constant because it needs to be freed after use.
 
+These functions were not thread safe in OpenSSL 3.0 and before.
+
 =head1 RETURN VALUES
 
 OBJ_nid2obj() returns an B<ASN1_OBJECT> structure or B<NULL> is an
@@ -181,10 +183,6 @@ Instead I<buf> must point to a valid buffer and I<buf_len> should
 be set to a positive value. A buffer length of 80 should be more
 than enough to handle any OID encountered in practice.
 
-Neither OBJ_create() nor OBJ_add_sigid() do any locking and are thus not
-thread safe.  Moreover, none of the other functions should be called while
-concurrent calls to these two functions are possible.
-
 =head1 SEE ALSO
 
 L<ERR_get_error(3)>
diff --git a/doc/man7/provider-base.pod b/doc/man7/provider-base.pod
index d1e26baa11dc1..5af35bf4dcd39 100644
--- a/doc/man7/provider-base.pod
+++ b/doc/man7/provider-base.pod
@@ -269,7 +269,6 @@ It will treat as success the case where the OID already exists (even if the
 short name I<sn> or long name I<ln> provided as arguments differ from those
 associated with the existing OID, in which case the new names are not
 associated).
-This function is not thread safe.
 
 The core_obj_add_sigid() function registers a new composite signature algorithm
 (I<sign_name>) consisting of an underlying signature algorithm (I<pkey_name>)
@@ -283,7 +282,6 @@ to identify the object. It will treat as success the case where the composite
 signature algorithm already exists (even if registered against a different
 underlying signature or digest algorithm). It returns 1 on success or 0 on
 failure.
-This function is not thread safe.
 
 CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_memdup(), CRYPTO_strdup(),
 CRYPTO_strndup(), CRYPTO_free(), CRYPTO_clear_free(),
@@ -613,6 +611,11 @@ or maximum. A -1 indicates that the group should not be used in that protocol.
 
 =back
 
+=head1 NOTES
+
+The core_obj_create() and core_obj_add_sigid() functions were not thread safe
+in OpenSSL 3.0.
+
 =head1 EXAMPLES
 
 This is an example of a simple provider made available as a