diff -up openssh-5.8p1/packet.c.audit4a openssh-5.8p1/packet.c
--- openssh-5.8p1/packet.c.audit4a	2011-03-08 08:52:12.000000000 +0100
+++ openssh-5.8p1/packet.c	2011-03-08 08:52:39.000000000 +0100
@@ -473,6 +473,13 @@ packet_get_connection_out(void)
 	return active_state->connection_out;
 }
 
+static int
+packet_state_has_keys (const struct session_state *state)
+{
+	return state != NULL &&
+		(state->newkeys[MODE_IN] != NULL || state->newkeys[MODE_OUT] != NULL);
+}
+
 /* Closes the connection and clears and frees internal data structures. */
 
 void
@@ -481,13 +488,6 @@ packet_close(void)
 	if (!active_state->initialized)
 		return;
 	active_state->initialized = 0;
-	if (active_state->connection_in == active_state->connection_out) {
-		shutdown(active_state->connection_out, SHUT_RDWR);
-		close(active_state->connection_out);
-	} else {
-		close(active_state->connection_in);
-		close(active_state->connection_out);
-	}
 	buffer_free(&active_state->input);
 	buffer_free(&active_state->output);
 	buffer_free(&active_state->outgoing_packet);
@@ -496,9 +496,18 @@ packet_close(void)
 		buffer_free(&active_state->compression_buffer);
 		buffer_compress_uninit();
 	}
-	cipher_cleanup(&active_state->send_context);
-	cipher_cleanup(&active_state->receive_context);
-	audit_session_key_free(2);
+	if (packet_state_has_keys(active_state)) {
+		cipher_cleanup(&active_state->send_context);
+		cipher_cleanup(&active_state->receive_context);
+		audit_session_key_free(2);
+	}
+	if (active_state->connection_in == active_state->connection_out) {
+		shutdown(active_state->connection_out, SHUT_RDWR);
+		close(active_state->connection_out);
+	} else {
+		close(active_state->connection_in);
+		close(active_state->connection_out);
+	}
 }
 
 /* Sets remote side protocol flags. */
@@ -1945,13 +1954,6 @@ packet_destroy_state(struct session_stat
 //	memset(state, 0, sizeof(state));
 }
 
-static int
-packet_state_has_keys (const struct session_state *state)
-{
-	return state != NULL &&
-		(state->newkeys[MODE_IN] != NULL || state->newkeys[MODE_OUT] != NULL);
-}
-
 void
 packet_destroy_all(int audit_it, int privsep)
 {
diff -up openssh-5.8p1/sshd.c.audit4a openssh-5.8p1/sshd.c
--- openssh-5.8p1/sshd.c.audit4a	2011-03-08 08:53:02.000000000 +0100
+++ openssh-5.8p1/sshd.c	2011-03-08 08:55:23.000000000 +0100
@@ -2033,7 +2033,7 @@ main(int ac, char **av)
 	do_authenticated(authctxt);
 
 	/* The connection has been terminated. */
-	packet_destroy_all(1, 0);
+	packet_destroy_all(1, 1);
 
 	packet_get_state(MODE_IN, NULL, NULL, NULL, &ibytes);
 	packet_get_state(MODE_OUT, NULL, NULL, NULL, &obytes);