From d7c402c4f2d9c311a91616fd75c24a15afabe2e5 Mon Sep 17 00:00:00 2001
From: "Dr. Matthias St. Pierre" <Matthias.St.Pierre@ncp-e.com>
Date: Mon, 12 Feb 2018 02:37:27 +0100
Subject: [PATCH] OPENSSL_cleanup: cleanup secure memory

If the global DRBGs are allocated on the secure heap, then calling
CRYPTO_secure_malloc_done() inside main() will have no effect, unless
OPENSSL_cleanup() has been called explicitely before that, because
otherwise the DRBGs will still be allocated. So it is better to cleanup
the secure heap automatically at the end of OPENSSL_cleanup().

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5294)
---
 crypto/init.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/init.c b/crypto/init.c
index 1b94d07e04..4a88e9cc02 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -502,6 +502,8 @@ void OPENSSL_cleanup(void)
     obj_cleanup_int();
     err_cleanup();
 
+    CRYPTO_secure_malloc_done();
+
     base_inited = 0;
 }
 
-- 
2.34.1