From cdc735a59b4d5620562902ea6b8f78f8185b49a3 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Thu, 19 Oct 2017 16:06:27 +0200
Subject: [PATCH] Make sure we audit properly from the new code

---
 openssh-7.6p1-audit.patch | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/openssh-7.6p1-audit.patch b/openssh-7.6p1-audit.patch
index c9e3e24..2058c60 100644
--- a/openssh-7.6p1-audit.patch
+++ b/openssh-7.6p1-audit.patch
@@ -1612,7 +1612,7 @@ diff -up openssh-7.6p1/packet.c.audit openssh-7.6p1/packet.c
  /*
   * Returns the IP-address of the remote host as a string.  The returned
   * string must not be freed.
-@@ -566,18 +574,11 @@ ssh_packet_close_internal(struct ssh *ss
+@@ -566,22 +574,19 @@ ssh_packet_close_internal(struct ssh *ss
  {
  	struct session_state *state = ssh->state;
  	u_int mode;
@@ -1630,14 +1630,24 @@ diff -up openssh-7.6p1/packet.c.audit openssh-7.6p1/packet.c
 -		}
 -	}
  	sshbuf_free(state->input);
++	state->input = NULL;
  	sshbuf_free(state->output);
++	state->output = NULL;
  	sshbuf_free(state->outgoing_packet);
-@@ -615,8 +616,16 @@ ssh_packet_close_internal(struct ssh *ss
++	state->outgoing_packet = NULL;
+	sshbuf_free(state->incoming_packet);
++	state->incoming_packet = NULL;
+ 	for (mode = 0; mode < MODE_MAX; mode++) {
+ 		kex_free_newkeys(state->newkeys[mode]);	/* current keys */
+ 		state->newkeys[mode] = NULL;
+@@ -615,8 +616,18 @@ ssh_packet_close_internal(struct ssh *ss
  	}
  	cipher_free(state->send_context);
  	cipher_free(state->receive_context);
-+	if (had_keys)
++	if (had_keys && state->server_side) {
++		/* Assuming this is called only from privsep child */
 +		audit_session_key_free(MODE_MAX);
++	}
  	state->send_context = state->receive_context = NULL;
  	if (do_close) {
 +		if (state->connection_in == state->connection_out) {