Add the function OPENSSL_thread_stop_ex()

This adds the ability to clean up a thread on a per OPENSSL_CTX basis.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9040)

crypto/initthread.c

@@ -97,6 +97,17 @@ void cleanup_thread(void)
     destructor_key.sane = -1;
 }
 
+void OPENSSL_thread_stop_ex(OPENSSL_CTX *ctx)
+{
+    ctx = openssl_ctx_get_concrete(ctx);
+    /*
+     * TODO(3.0). It would be nice if we could figure out a way to do this on
+     * all threads that have used the OPENSSL_CTX when the OPENSSL_CTX is freed.
+     * This is currently not possible due to the use of thread local variables.
+     */
+    ossl_ctx_thread_stop(ctx);
+}
+
 void OPENSSL_thread_stop(void)
 {
     if (destructor_key.sane != -1) {

include/openssl/crypto.h

@@ -415,6 +415,7 @@ void OPENSSL_cleanup(void);
 int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
 int OPENSSL_atexit(void (*handler)(void));
 void OPENSSL_thread_stop(void);
+void OPENSSL_thread_stop_ex(OPENSSL_CTX *ctx);
 
 /* Low-level control of initialization */
 OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);

test/evp_extra_test.c

@@ -1220,6 +1220,11 @@ static int test_EVP_MD_fetch(int tst)
     EVP_MD_meth_free(md);
     OSSL_PROVIDER_unload(defltprov);
     OSSL_PROVIDER_unload(fipsprov);
+    /* Not normally needed, but we would like to test that
+     * OPENSSL_thread_stop_ex() behaves as expected.
+     */
+    if (ctx != NULL)
+        OPENSSL_thread_stop_ex(ctx);
     OPENSSL_CTX_free(ctx);
     return ret;
 }

util/libcrypto.num

@@ -4831,3 +4831,4 @@ OPENSSL_CTX_get0_public_drbg            4775	3_0_0	EXIST::FUNCTION:
 OPENSSL_CTX_get0_private_drbg           4776	3_0_0	EXIST::FUNCTION:
 BN_CTX_new_ex                           4777	3_0_0	EXIST::FUNCTION:
 BN_CTX_secure_new_ex                    4778	3_0_0	EXIST::FUNCTION:
+OPENSSL_thread_stop_ex                  4779	3_0_0	EXIST::FUNCTION: