openssl: Update to pristine 1.0.2n (security update)

3 files changed, 4 insertions, 1 deletions

diff --git a/thirdparty/openssl/crypto/pem/pem_lib.c b/thirdparty/openssl/crypto/pem/pem_lib.c
index c82b3c0ae2..865976bf8c 100644
--- a/thirdparty/openssl/crypto/pem/pem_lib.c
+++ b/thirdparty/openssl/crypto/pem/pem_lib.c
@@ -536,7 +536,8 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
               ((c >= '0') && (c <= '9'))))
             break;
 #else
-        if (!(isupper(c) || (c == '-') || isdigit(c)))
+        if (!(isupper((unsigned char)c) || (c == '-')
+            || isdigit((unsigned char)c)))
             break;
 #endif
         header++;
diff --git a/thirdparty/openssl/crypto/pem/pem_pk8.c b/thirdparty/openssl/crypto/pem/pem_pk8.c
index 5747c7366e..daf210fde0 100644
--- a/thirdparty/openssl/crypto/pem/pem_pk8.c
+++ b/thirdparty/openssl/crypto/pem/pem_pk8.c
@@ -178,6 +178,7 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
     }
     p8inf = PKCS8_decrypt(p8, psbuf, klen);
     X509_SIG_free(p8);
+    OPENSSL_cleanse(psbuf, klen);
     if (!p8inf)
         return NULL;
     ret = EVP_PKCS82PKEY(p8inf);
diff --git a/thirdparty/openssl/crypto/pem/pem_pkey.c b/thirdparty/openssl/crypto/pem/pem_pkey.c
index 04d6319a22..e8b3a1b92c 100644
--- a/thirdparty/openssl/crypto/pem/pem_pkey.c
+++ b/thirdparty/openssl/crypto/pem/pem_pkey.c
@@ -120,6 +120,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
         }
         p8inf = PKCS8_decrypt(p8, psbuf, klen);
         X509_SIG_free(p8);
+        OPENSSL_cleanse(psbuf, klen);
         if (!p8inf)
             goto p8err;
         ret = EVP_PKCS82PKEY(p8inf);