From 886681a42131632098a46174d302776339207644 Mon Sep 17 00:00:00 2001
From: Jon Simons <jon@jonsimons.org>
Date: Tue, 29 Jan 2019 19:43:07 -0500
Subject: [PATCH] dh-gex: fix moduli file stream leak

Ensure to close the moduli file stream in `ssh_retrieve_dhgroup`.
The leak is observable with the pkd tests and valgrind with:

    valgrind \
      --track-fds=yes \
      ./pkd_hello -i1 \
      -t torture_pkd_openssh_rsa_rsa_diffie_hellman_group_exchange_sha256

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
 src/dh-gex.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/dh-gex.c b/src/dh-gex.c
index f08b3ba3..a52be036 100644
--- a/src/dh-gex.c
+++ b/src/dh-gex.c
@@ -481,6 +481,7 @@ static int ssh_retrieve_dhgroup(uint32_t pmin,
                                    size,
                                    &generator,
                                    &modulus);
+    fclose(moduli);
     if (rc == SSH_ERROR || *size == 0) {
         goto error;
     }