From 6df09c6275274eb6a13adaad5b5df4a974f26ca0 Mon Sep 17 00:00:00 2001
From: Simon Tatham <anakin@pobox.com>
Date: Wed, 30 Mar 2005 08:27:54 +0000
Subject: [PATCH] <1112163342.018492.101240@f14g2000cwb.googlegroups.com> on
 comp.security.ssh contains a Dr Watson log which looks to me as if
 `unclean-close-crash' occurred due to a rekey timer going off after the
 session had closed. Hence, ssh2_timer() now avoids doing anything if the
 session is already closed, and also ssh_do_close() proactively calls
 expire_timer_context(). Between those I think they ought to solve the
 problem.

[originally from svn r5564]
---
 ssh.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ssh.c b/ssh.c
index 8ecd060b..b0cfa11a 100644
--- a/ssh.c
+++ b/ssh.c
@@ -2444,6 +2444,7 @@ static int ssh_do_close(Ssh ssh, int notify_exit)
     struct ssh_channel *c;
 
     ssh->state = SSH_STATE_CLOSED;
+    expire_timer_context(ssh);
     if (ssh->s) {
         sk_close(ssh->s);
         ssh->s = NULL;
@@ -7571,6 +7572,9 @@ static void ssh2_timer(void *ctx, long now)
 {
     Ssh ssh = (Ssh)ctx;
 
+    if (ssh->state == SSH_STATE_CLOSED)
+	return;
+
     if (!ssh->kex_in_progress && ssh->cfg.ssh_rekey_time != 0 &&
 	now - ssh->next_rekey >= 0) {
 	do_ssh2_transport(ssh, "timeout", -1, NULL);