Ensure that the "ex_data" member of an RSA structure is initialised before

the RSA_METHOD's "init()" handler is called, and is cleaned up after the
RSA_METHOD's "finish()" handler is called. Custom RSA_METHODs may wish to
initialise contexts and other specifics in the RSA structure upon creation
and that was previously not possible - "ex_data" is where that stuff
should go and it was being initialised too late for it to be used.

diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 6ebb0b552a54b629f3535712cbedf1576e1d8032..d09dbd4a33c921be3441847be70e85bdc57c468e 100644 (file)
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -191,13 +191,13 @@ RSA *RSA_new_method(ENGINE *engine)
        ret->blinding=NULL;
        ret->bignum_data=NULL;
        ret->flags=meth->flags;
+       CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data);
        if ((meth->init != NULL) && !meth->init(ret))
                {
+               CRYPTO_free_ex_data(rsa_meth, ret, &ret->ex_data);
                OPENSSL_free(ret);
                ret=NULL;
                }
-       else
-               CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data);
        return(ret);
        }
 
@@ -221,13 +221,13 @@ void RSA_free(RSA *r)
                }
 #endif
 
-       CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data);
-
        meth = ENGINE_get_RSA(r->engine);
        if (meth->finish != NULL)
                meth->finish(r);
        ENGINE_finish(r->engine);
 
+       CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data);
+
        if (r->n != NULL) BN_clear_free(r->n);
        if (r->e != NULL) BN_clear_free(r->e);
        if (r->d != NULL) BN_clear_free(r->d);