Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 622d5c561bf940c0c2d329d8001ca1e60b862ca2^! / . / auth-pam.c
commit622d5c561bf940c0c2d329d8001ca1e60b862ca2[log] [tgz]
authorDarren Tucker <dtucker@zip.com.au>Sun Jul 12 22:07:21 2009 +1000
committerDarren Tucker <dtucker@zip.com.au>Sun Jul 12 22:07:21 2009 +1000
tree686f7ba9b7f52e54983b26b6e028c5e6fa97faee
parent8fdcba5caf124bec3d17e6c6688ca2f1857329c3 [diff] [blame]
 - (dtucker) [auth-pam.c] Bug #1534: move the deletion of PAM credentials on
   logout to after the session close.  Patch from Anicka Bernathova, ok djm.

diff --git a/auth-pam.c b/auth-pam.c
index ccdb993..675006e 100644
--- a/auth-pam.c
+++ b/auth-pam.c

@@ -602,16 +602,16 @@
 		return;
 	debug("PAM: cleanup");
 	pam_set_item(sshpam_handle, PAM_CONV, (const void *)&null_conv);
-	if (sshpam_cred_established) {
-		debug("PAM: deleting credentials");
-		pam_setcred(sshpam_handle, PAM_DELETE_CRED);
-		sshpam_cred_established = 0;
-	}
 	if (sshpam_session_open) {
 		debug("PAM: closing session");
 		pam_close_session(sshpam_handle, PAM_SILENT);
 		sshpam_session_open = 0;
 	}
+	if (sshpam_cred_established) {
+		debug("PAM: deleting credentials");
+		pam_setcred(sshpam_handle, PAM_DELETE_CRED);
+		sshpam_cred_established = 0;
+	}
 	sshpam_authenticated = 0;
 	pam_end(sshpam_handle, sshpam_err);
 	sshpam_handle = NULL;