Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / ef73f50a1218b3ce0143131fd71c4061a9a4a83e^! / .
commitef73f50a1218b3ce0143131fd71c4061a9a4a83e[log] [tgz]
authorDamien Miller <djm@mindrot.org>Wed Sep 25 12:20:17 2002 +1000
committerDamien Miller <djm@mindrot.org>Wed Sep 25 12:20:17 2002 +1000
treeaa0ab963cd3c4cd923f244012537506da15b02d4
parent7db40c9e2e457441b1935d425326e507e945c039 [diff]
   - markus@cvs.openbsd.org 2002/09/24 08:46:04
     [monitor.c]
     only call kerberos code for authctxt->valid

diff --git a/ChangeLog b/ChangeLog
index 18dbc78..f6aa78c 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -7,6 +7,9 @@
    - markus@cvs.openbsd.org 2002/09/23 22:11:05
      [monitor.c]
      only call auth_krb5 if kerberos is enabled; ok deraadt@
+   - markus@cvs.openbsd.org 2002/09/24 08:46:04
+     [monitor.c]
+     only call kerberos code for authctxt->valid
 
 20020923
  - (tim) [configure.ac] s/return/exit/ patch by dtucker@zip.com.au
@@ -706,4 +709,4 @@
      save auth method before monitor_reset_key_state(); bugzilla bug #284;
      ok provos@
 
-$Id: ChangeLog,v 1.2478 2002/09/25 02:19:39 djm Exp $
+$Id: ChangeLog,v 1.2479 2002/09/25 02:20:17 djm Exp $

diff --git a/monitor.c b/monitor.c
index 69a51fc..e07e97e 100644
--- a/monitor.c
+++ b/monitor.c

@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.27 2002/09/23 22:11:05 markus Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.28 2002/09/24 08:46:04 markus Exp $");
 
 #include <openssl/dh.h>
 
@@ -1299,7 +1299,8 @@
 	tkt.data = buffer_get_string(m, &len);
 	tkt.length = len;
 
-	success = (options.kerberos_authentication == 1) &&
+	success = options.kerberos_authentication &&
+	    authctxt->valid &&
 	    auth_krb5(authctxt, &tkt, &client_user, &reply);
 
 	if (tkt.length)