OPENSSL_cleanup: cleanup secure memory

If the global DRBGs are allocated on the secure heap, then calling
CRYPTO_secure_malloc_done() inside main() will have no effect, unless
OPENSSL_cleanup() has been called explicitely before that, because
otherwise the DRBGs will still be allocated. So it is better to cleanup
the secure heap automatically at the end of OPENSSL_cleanup().

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5294)

diff --git a/crypto/init.c b/crypto/init.c
index 1b94d07e0465a3216dfcf67b0d796ba32ca8545f..4a88e9cc02bc251401d6f5c657761a52fe6ce886 100644 (file)
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -502,6 +502,8 @@ void OPENSSL_cleanup(void)
     obj_cleanup_int();
     err_cleanup();
 
+    CRYPTO_secure_malloc_done();
+
     base_inited = 0;
 }