Backfit a bugfix from 0.9.7-dev to 0.9.6-stable. init() and finish()

handlers were previously getting called before (and after, respectively)
the "ex_data" structures - this meant init() had very little that it
could initialise, and finish() had very little it could cleanup.

CHANGES

@@ -4,6 +4,12 @@
 
  Changes between 0.9.6 and 0.9.6a  [xx XXX 2001]
 
+  *) Initialise "ex_data" member of RSA/DSA/DH structures prior to calling
+     the method-specific "init()" handler. Also clean up ex_data after
+     calling the method-specific "finish()" handler. Previously, this was
+     happening the other way round.
+     [Geoff Thorpe]
+
   *) Avoid coredump with unsupported or invalid public keys by checking if
      X509_get_pubkey() fails in PKCS7_verify(). Fix memory leak when
      PKCS7_verify() fails with non detached data.

crypto/dh/dh_lib.c

@@ -120,13 +120,13 @@ DH *DH_new_method(DH_METHOD *meth)
 	ret->method_mont_p=NULL;
 	ret->references = 1;
 	ret->flags=ret->meth->flags;
+	CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data);
 	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
 		{
+		CRYPTO_free_ex_data(dh_meth,ret,&ret->ex_data);
 		OPENSSL_free(ret);
 		ret=NULL;
 		}
-	else
-		CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data);
 	return(ret);
 	}
 
@@ -147,10 +147,10 @@ void DH_free(DH *r)
 	}
 #endif
 
-	CRYPTO_free_ex_data(dh_meth, r, &r->ex_data);
-
 	if(r->meth->finish) r->meth->finish(r);
 
+	CRYPTO_free_ex_data(dh_meth, r, &r->ex_data);
+
 	if (r->p != NULL) BN_clear_free(r->p);
 	if (r->g != NULL) BN_clear_free(r->g);
 	if (r->q != NULL) BN_clear_free(r->q);

crypto/dsa/dsa_lib.c

@@ -125,13 +125,13 @@ DSA *DSA_new_method(DSA_METHOD *meth)
 
 	ret->references=1;
 	ret->flags=ret->meth->flags;
+	CRYPTO_new_ex_data(dsa_meth,ret,&ret->ex_data);
 	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
 		{
+		CRYPTO_free_ex_data(dsa_meth,ret,&ret->ex_data);
 		OPENSSL_free(ret);
 		ret=NULL;
 		}
-	else
-		CRYPTO_new_ex_data(dsa_meth,ret,&ret->ex_data);
 	
 	return(ret);
 	}
@@ -155,10 +155,10 @@ void DSA_free(DSA *r)
 		}
 #endif
 
-	CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data);
-
 	if(r->meth->finish) r->meth->finish(r);
 
+	CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data);
+
 	if (r->p != NULL) BN_clear_free(r->p);
 	if (r->q != NULL) BN_clear_free(r->q);
 	if (r->g != NULL) BN_clear_free(r->g);

crypto/rsa/rsa_lib.c

@@ -145,13 +145,13 @@ RSA *RSA_new_method(RSA_METHOD *meth)
 	ret->blinding=NULL;
 	ret->bignum_data=NULL;
 	ret->flags=ret->meth->flags;
+	CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data);
 	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
 		{
+		CRYPTO_free_ex_data(rsa_meth,ret,&ret->ex_data);
 		OPENSSL_free(ret);
 		ret=NULL;
 		}
-	else
-		CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data);
 	return(ret);
 	}
 
@@ -174,11 +174,11 @@ void RSA_free(RSA *r)
 		}
 #endif
 
-	CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data);
-
 	if (r->meth->finish != NULL)
 		r->meth->finish(r);
 
+	CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data);
+
 	if (r->n != NULL) BN_clear_free(r->n);
 	if (r->e != NULL) BN_clear_free(r->e);
 	if (r->d != NULL) BN_clear_free(r->d);