===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/kexgexc.c,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -r1.37 -r1.38
--- src/usr.bin/ssh/kexgexc.c	2021/01/31 22:55:29	1.37
+++ src/usr.bin/ssh/kexgexc.c	2021/12/19 22:08:06	1.38
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexc.c,v 1.37 2021/01/31 22:55:29 djm Exp $ */
+/* $OpenBSD: kexgexc.c,v 1.38 2021/12/19 22:08:06 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -199,8 +199,26 @@
 	    hashlen, kex->hostkey_alg, ssh->compat, NULL)) != 0)
 		goto out;
 
-	if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
-		r = kex_send_newkeys(ssh);
+	if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) != 0 ||
+	    (r = kex_send_newkeys(ssh)) != 0)
+		goto out;
+
+	/* save initial signature and hostkey */
+	if ((kex->flags & KEX_INITIAL) != 0) {
+		if (kex->initial_hostkey != NULL || kex->initial_sig != NULL) {
+			r = SSH_ERR_INTERNAL_ERROR;
+			goto out;
+		}
+		if ((kex->initial_sig = sshbuf_new()) == NULL) {
+			r = SSH_ERR_ALLOC_FAIL;
+			goto out;
+		}
+		if ((r = sshbuf_put(kex->initial_sig, signature, slen)) != 0)
+			goto out;
+		kex->initial_hostkey = server_host_key;
+		server_host_key = NULL;
+	}
+	/* success */
  out:
 	explicit_bzero(hash, sizeof(hash));
 	DH_free(kex->dh);