If md5_done doesn't return CRYPT_OK then hs may be uninitialized in
sign_key_md5_fingerprint().

It is unlikely, but listensocks may not have all of its fds filled in.
Setting them to 0 early on makes sure that there is at least a known
quantity there.

From: Erik Hovland <erik@hovland.org>

---

 signkey.c  |    3 ++-
 svr-main.c |    1 +
 2 files changed, 3 insertions(+), 1 deletions(-)

--- signkey.c
+++ signkey.c
@@ -527,7 +527,8 @@
 	/* skip the size int of the string - this is a bit messy */
 	md5_process(&hs, keyblob, keybloblen);
 
-	md5_done(&hs, hash);
+	if (md5_done(&hs, hash) != CRYPT_OK)
+		return NULL;
 
 	/* "md5 hexfingerprinthere\0", each hex digit is "AB:" etc */
 	buflen = 4 + 3*MD5_HASH_SIZE;
--- svr-main.c
+++ svr-main.c
@@ -128,6 +128,7 @@
 	int childsock;
 	int childpipe[2];
 
+	memset(listensocks, 0, sizeof(listensocks));
 	/* Note: commonsetup() must happen before we daemon()ise. Otherwise
 	   daemon() will chdir("/"), and we won't be able to find local-dir
 	   hostkeys. */