From 82d2beb4d455f58c16ed4d2a811bb968351da7d9 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Tue, 26 Nov 2013 13:22:08 +0100
Subject: [PATCH] fix fatal() cleanup in the audit patch (#1029074)

---
 openssh-6.4p1-audit.patch | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/openssh-6.4p1-audit.patch b/openssh-6.4p1-audit.patch
index 0c4ce54..77a6fa4 100644
--- a/openssh-6.4p1-audit.patch
+++ b/openssh-6.4p1-audit.patch
@@ -2148,6 +2148,15 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c
  		}
  		/* Certs do not need demotion */
  	}
+@@ -652,7 +703,7 @@ privsep_preauth(Authctxt *authctxt)
+ 
+ 	if (use_privsep == PRIVSEP_ON)
+ 		box = ssh_sandbox_init();
+-	pid = fork();
++	pmonitor->m_pid = pid = fork();
+ 	if (pid == -1) {
+ 		fatal("fork of unprivileged child failed");
+ 	} else if (pid != 0) {
 @@ -708,6 +759,8 @@ privsep_preauth(Authctxt *authctxt)
  	}
  }
@@ -2244,7 +2253,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c
  				    pmonitor->m_pid, strerror(errno));
  		}
  	}
-+	is_privsep_child = use_privsep && pmonitor != NULL && !mm_is_monitor();
++	is_privsep_child = use_privsep && pmonitor != NULL && pmonitor->m_pid == 0;
 +	if (sensitive_data.host_keys != NULL)
 +		destroy_sensitive_data(is_privsep_child);
 +	packet_destroy_all(1, is_privsep_child);