Make sure we audit properly from the new code

openssh-7.6p1-audit.patch

@@ -1612,7 +1612,7 @@ diff -up openssh-7.6p1/packet.c.audit openssh-7.6p1/packet.c
  /*
   * Returns the IP-address of the remote host as a string.  The returned
   * string must not be freed.
-@@ -566,18 +574,11 @@ ssh_packet_close_internal(struct ssh *ss
+@@ -566,22 +574,19 @@ ssh_packet_close_internal(struct ssh *ss
  {
  	struct session_state *state = ssh->state;
  	u_int mode;
@@ -1630,14 +1630,24 @@ diff -up openssh-7.6p1/packet.c.audit openssh-7.6p1/packet.c
 -		}
 -	}
  	sshbuf_free(state->input);
++	state->input = NULL;
  	sshbuf_free(state->output);
++	state->output = NULL;
  	sshbuf_free(state->outgoing_packet);
-@@ -615,8 +616,16 @@ ssh_packet_close_internal(struct ssh *ss
++	state->outgoing_packet = NULL;
+	sshbuf_free(state->incoming_packet);
++	state->incoming_packet = NULL;
+ 	for (mode = 0; mode < MODE_MAX; mode++) {
+ 		kex_free_newkeys(state->newkeys[mode]);	/* current keys */
+ 		state->newkeys[mode] = NULL;
+@@ -615,8 +616,18 @@ ssh_packet_close_internal(struct ssh *ss
  	}
  	cipher_free(state->send_context);
  	cipher_free(state->receive_context);
-+	if (had_keys)
++	if (had_keys && state->server_side) {
++		/* Assuming this is called only from privsep child */
 +		audit_session_key_free(MODE_MAX);
++	}
  	state->send_context = state->receive_context = NULL;
  	if (do_close) {
 +		if (state->connection_in == state->connection_out) {