--- a/components/openssl/openssl-1.0.1/patches/36_evp_leak.patch Tue Mar 24 10:15:01 2015 -0700
+++ b/components/openssl/openssl-1.0.1/patches/36_evp_leak.patch Tue Mar 24 20:05:38 2015 -0700
@@ -1,144 +1,144 @@
Patch developed in-house. Solaris-specific; not suitable for upstream.
---- openssl-1.0.1f/crypto/evp/evp_enc.c.orig Mon Feb 11 07:26:04 2013
-+++ openssl-1.0.1f/crypto/evp/evp_enc.c Mon Feb 3 16:40:48 2014
-@@ -394,10 +394,14 @@
- {
- ret = M_do_cipher(ctx, out, NULL, 0);
- if (ret < 0)
-- return 0;
-+ {
-+ ret = 0;
-+ goto cleanup;
-+ }
- else
- *outl = ret;
-- return 1;
-+ ret = 1;
-+ goto cleanup;
- }
+--- openssl-1.0.1f/crypto/evp/evp_enc.c.orig Mon Feb 11 07:26:04 2013
++++ openssl-1.0.1f/crypto/evp/evp_enc.c Mon Feb 3 16:40:48 2014
+@@ -379,11 +379,13 @@
+
+ if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
+ ret = M_do_cipher(ctx, out, NULL, 0);
+- if (ret < 0)
+- return 0;
+- else
++ if (ret < 0) {
++ ret = 0;
++ goto cleanup;
++ } else
+ *outl = ret;
+- return 1;
++ ret = 1;
++ goto cleanup;
+ }
+
+ b = ctx->cipher->block_size;
+@@ -390,7 +392,8 @@
+ OPENSSL_assert(b <= sizeof ctx->buf);
+ if (b == 1) {
+ *outl = 0;
+- return 1;
++ ret = 1;
++ goto cleanup;
+ }
+ bl = ctx->buf_len;
+ if (ctx->flags & EVP_CIPH_NO_PADDING) {
+@@ -397,10 +400,12 @@
+ if (bl) {
+ EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,
+ EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
+- return 0;
++ ret = 0;
++ goto cleanup;
+ }
+ *outl = 0;
+- return 1;
++ ret = 1;
++ goto cleanup;
+ }
- b=ctx->cipher->block_size;
-@@ -405,7 +409,8 @@
- if (b == 1)
- {
- *outl=0;
-- return 1;
-+ ret = 1;
-+ goto cleanup;
- }
- bl=ctx->buf_len;
- if (ctx->flags & EVP_CIPH_NO_PADDING)
-@@ -413,10 +418,12 @@
- if(bl)
- {
- EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
-- return 0;
-+ ret = 0;
-+ goto cleanup;
- }
- *outl = 0;
-- return 1;
-+ ret = 1;
-+ goto cleanup;
- }
-
- n=b-bl;
-@@ -428,6 +435,12 @@
- if(ret)
- *outl=b;
+ n = b - bl;
+@@ -411,6 +416,11 @@
+ if (ret)
+ *outl = b;
+cleanup:
-+ if (ctx->cipher->cleanup)
-+ {
-+ ctx->cipher->cleanup(ctx);
-+ }
++ if (ctx->cipher->cleanup) {
++ ctx->cipher->cleanup(ctx);
++ }
+
- return ret;
- }
-
-@@ -501,6 +501,7 @@
- int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
- {
- int i,n;
-+ int err = 1;
- unsigned int b;
- *outl=0;
+ return ret;
+ }
-@@ -508,10 +509,14 @@
- {
- i = M_do_cipher(ctx, out, NULL, 0);
- if (i < 0)
-- return 0;
-+ {
-+ err = 0;
-+ goto cleanup;
-+ }
- else
- *outl = i;
-- return 1;
-+ err = 1;
-+ goto cleanup;
- }
+@@ -478,6 +488,7 @@
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+ {
+ int i, n;
++ int err = 1;
+ unsigned int b;
+ *outl = 0;
- b=ctx->cipher->block_size;
-@@ -520,10 +525,12 @@
- if(ctx->buf_len)
- {
- EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
-- return 0;
-+ err = 0;
-+ goto cleanup;
- }
- *outl = 0;
-- return 1;
-+ err = 1;
-+ goto cleanup;
- }
- if (b > 1)
- {
-@@ -530,7 +537,8 @@
- if (ctx->buf_len || !ctx->final_used)
- {
- EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
-- return(0);
-+ err = 0;
-+ goto cleanup;
- }
- OPENSSL_assert(b <= sizeof ctx->final);
+@@ -483,11 +494,13 @@
+
+ if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
+ i = M_do_cipher(ctx, out, NULL, 0);
+- if (i < 0)
+- return 0;
+- else
++ if (i < 0) {
++ err = 0;
++ goto cleanup;
++ } else
+ *outl = i;
+- return 1;
++ err = 1;
++ goto cleanup;
+ }
+
+ b = ctx->cipher->block_size;
+@@ -495,10 +508,12 @@
+ if (ctx->buf_len) {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
+ EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
+- return 0;
++ err = 0;
++ goto cleanup;
+ }
+ *outl = 0;
+- return 1;
++ err = 1;
++ goto cleanup;
+ }
+ if (b > 1) {
+ if (ctx->buf_len || !ctx->final_used) {
+@@ -503,7 +518,8 @@
+ if (b > 1) {
+ if (ctx->buf_len || !ctx->final_used) {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH);
+- return (0);
++ err = 0;
++ goto cleanup;
+ }
+ OPENSSL_assert(b <= sizeof ctx->final);
-@@ -542,7 +550,8 @@
- if (n == 0 || n > (int)b)
- {
- EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
-- return(0);
-+ err = 0;
-+ goto cleanup;
- }
- for (i=0; i<n; i++)
- {
-@@ -549,7 +558,8 @@
- if (ctx->final[--b] != n)
- {
- EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
-- return(0);
-+ err = 0;
-+ goto cleanup;
- }
- }
- n=ctx->cipher->block_size-n;
-@@ -559,7 +569,13 @@
- }
- else
- *outl=0;
-- return(1);
-+ err = 1;
+@@ -514,7 +530,8 @@
+ n = ctx->final[b - 1];
+ if (n == 0 || n > (int)b) {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
+- return (0);
++ err = 0;
++ goto cleanup;
+ }
+ for (i = 0; i < n; i++) {
+ if (ctx->final[--b] != n) {
+@@ -519,7 +536,8 @@
+ for (i = 0; i < n; i++) {
+ if (ctx->final[--b] != n) {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
+- return (0);
++ err = 0;
++ goto cleanup;
+ }
+ }
+ n = ctx->cipher->block_size - n;
+@@ -528,7 +546,12 @@
+ *outl = n;
+ } else
+ *outl = 0;
+- return (1);
++ err = 1;
+cleanup:
-+ if (ctx->cipher->cleanup)
-+ {
-+ ctx->cipher->cleanup(ctx);
-+ }
-+ return err;
- }
++ if (ctx->cipher->cleanup) {
++ ctx->cipher->cleanup(ctx);
++ }
++ return err;
+ }
void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)