upstream commit

clear session keys from memory; ok djm@ Upstream-ID: ecd178819868975affd5fd6637458b7c712b6a0f
author: markus@openbsd.org <markus@openbsd.org> 2017-05-31 08:09:45 +0000
committer: Damien Miller <djm@mindrot.org> 2017-06-01 14:54:46 +1000
commit: 1e0cdf8efb745d0d1116e1aa22bdc99ee731695e (patch)
tree: 49ffdf3ef98eecd4141610e535f35bab5eea4603 /sshd.c
parent: 92e9fe633130376a95dd533df6e5e6a578c1e6b8 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/sshd.c b/sshd.c
index aa3729e7..06cb81f2 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.489 2017/05/31 07:00:13 markus Exp $ */
+/* $OpenBSD: sshd.c,v 1.490 2017/05/31 08:09:45 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -649,6 +649,7 @@ privsep_postauth(Authctxt *authctxt)
 	else if (pmonitor->m_pid != 0) {
 		verbose("User child is on pid %ld", (long)pmonitor->m_pid);
 		buffer_clear(&loginmsg);
+		monitor_clear_keystate(pmonitor);
 		monitor_child_postauth(pmonitor);
 
 		/* NEVERREACHED */
@@ -2032,6 +2033,7 @@ main(int ac, char **av)
 	 */
 	if (use_privsep) {
 		mm_send_keystate(pmonitor);
+		packet_clear_keys();
 		exit(0);
 	}
author	markus@openbsd.org <markus@openbsd.org>	2017-05-31 08:09:45 +0000
committer	Damien Miller <djm@mindrot.org>	2017-06-01 14:54:46 +1000
commit	1e0cdf8efb745d0d1116e1aa22bdc99ee731695e (patch)
tree	49ffdf3ef98eecd4141610e535f35bab5eea4603 /sshd.c
parent	92e9fe633130376a95dd533df6e5e6a578c1e6b8 (diff)