upstream commit

clear session keys from memory; ok djm@ Upstream-ID: ecd178819868975affd5fd6637458b7c712b6a0f
author: markus@openbsd.org <markus@openbsd.org> 2017-05-31 08:09:45 +0000
committer: Damien Miller <djm@mindrot.org> 2017-06-01 14:54:46 +1000
commit: 1e0cdf8efb745d0d1116e1aa22bdc99ee731695e (patch)
tree: 49ffdf3ef98eecd4141610e535f35bab5eea4603 /monitor.c
parent: 92e9fe633130376a95dd533df6e5e6a578c1e6b8 (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/monitor.c b/monitor.c
index 2dee9721d..ef107a2e8 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.169 2017/05/30 14:10:53 markus Exp $ */
+/* $OpenBSD: monitor.c,v 1.170 2017/05/31 08:09:45 markus Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1584,6 +1584,17 @@ mm_answer_audit_command(int socket, Buffer *m)
 #endif /* SSH_AUDIT_EVENTS */
 void
+monitor_clear_keystate(struct monitor *pmonitor)
+{
+        struct ssh *ssh = active_state; /* XXX */
+        ssh_clear_newkeys(ssh, MODE_IN);
+        ssh_clear_newkeys(ssh, MODE_OUT);
+        sshbuf_free(child_state);
+        child_state = NULL;
+}
+void
 monitor_apply_keystate(struct monitor *pmonitor)
 {
        struct ssh *ssh = active_state; /* XXX */
author	markus@openbsd.org <markus@openbsd.org>	2017-05-31 08:09:45 +0000
committer	Damien Miller <djm@mindrot.org>	2017-06-01 14:54:46 +1000
commit	1e0cdf8efb745d0d1116e1aa22bdc99ee731695e (patch)
tree	49ffdf3ef98eecd4141610e535f35bab5eea4603 /monitor.c
parent	92e9fe633130376a95dd533df6e5e6a578c1e6b8 (diff)

diff --git a/monitor.c b/monitor.c index 2dee9721d..ef107a2e8 100644 --- a/monitor.c +++ b/monitor.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: monitor.c,v 1.169 2017/05/30 14:10:53 markus Exp $ */	1	/* $OpenBSD: monitor.c,v 1.170 2017/05/31 08:09:45 markus Exp $ */
2	/*	2	/*
3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>	3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>
4	* Copyright 2002 Markus Friedl <markus@openbsd.org>	4	* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1584,6 +1584,17 @@ mm_answer_audit_command(int socket, Buffer *m)
1584	#endif /* SSH_AUDIT_EVENTS */	1584	#endif /* SSH_AUDIT_EVENTS */
1585		1585
1586	void	1586	void
		1587	monitor_clear_keystate(struct monitor *pmonitor)
		1588	{
		1589	struct ssh ssh = active_state; / XXX */
		1590
		1591	ssh_clear_newkeys(ssh, MODE_IN);
		1592	ssh_clear_newkeys(ssh, MODE_OUT);
		1593	sshbuf_free(child_state);
		1594	child_state = NULL;
		1595	}
		1596
		1597	void
1587	monitor_apply_keystate(struct monitor *pmonitor)	1598	monitor_apply_keystate(struct monitor *pmonitor)
1588	{	1599	{
1589	struct ssh ssh = active_state; / XXX */	1600	struct ssh ssh = active_state; / XXX */