From 3ab14c67cd92e3d898448fe6579b70aa78ac4bb1 Mon Sep 17 00:00:00 2001 From: Walt Karas Date: Tue, 24 May 2022 11:35:44 -0500 Subject: [PATCH] Deprecate TSSslSecretGet (not thread safe). The current version is not thread safe because it returns a pointer into a mutex-protected data structure, which may be invalidated by another thread. --- doc/developer-guide/api/functions/TSSslSecret.en.rst | 3 ++- include/ts/ts.h | 2 ++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/doc/developer-guide/api/functions/TSSslSecret.en.rst b/doc/developer-guide/api/functions/TSSslSecret.en.rst index 87478e22542..459edbc3b7f 100644 --- a/doc/developer-guide/api/functions/TSSslSecret.en.rst +++ b/doc/developer-guide/api/functions/TSSslSecret.en.rst @@ -39,7 +39,8 @@ from the :cpp:enumerator:`TS_LIFECYCLE_SSL_SECRET_HOOK`. TSSslSecretGet ************** -Get the data associated with a secret name specified in the config. +Get the data associated with a secret name specified in the config. **Note:** this function is deprecated, it is not +thread safe. It will be replaced with a thread-safe function in Release 10. Synopsis ======== diff --git a/include/ts/ts.h b/include/ts/ts.h index 4d35972e7e0..b59bda56753 100644 --- a/include/ts/ts.h +++ b/include/ts/ts.h @@ -1304,6 +1304,8 @@ tsapi TSReturnCode TSSslServerCertUpdate(const char *cert_path, const char *key_ /* Update the transient secret table for SSL_CTX loading */ tsapi TSReturnCode TSSslSecretSet(const char *secret_name, int secret_name_length, const char *secret_data, int secret_data_len); +/* NOTE: TSSslSecretGet() is deprecated, it is not thread-safe. It will be replaced with a thread-safe function +** in Release 10 */ tsapi TSReturnCode TSSslSecretGet(const char *secret_name, int secret_name_length, const char **secret_data_return, int *secret_data_len);