diff options
-rw-r--r-- | ChangeLog | 2 | ||||
-rw-r--r-- | auth-pam.c | 10 |
2 files changed, 7 insertions, 5 deletions
@@ -3,6 +3,8 @@ prevents configure complaining on older BSDs. - (dtucker [contrib/cygwin/ssh-{host,user}-config] Add license text. Patch from Corinna Vinschen. + - (dtucker) [auth-pam.c] Bug #1534: move the deletion of PAM credentials on + logout to after the session close. Patch from Anicka Bernathova, ok djm. 20090707 - (dtucker) [contrib/cygwin/ssh-host-config] better support for automated @@ -602,16 +602,16 @@ sshpam_cleanup(void) return; debug("PAM: cleanup"); pam_set_item(sshpam_handle, PAM_CONV, (const void *)&null_conv); - if (sshpam_cred_established) { - debug("PAM: deleting credentials"); - pam_setcred(sshpam_handle, PAM_DELETE_CRED); - sshpam_cred_established = 0; - } if (sshpam_session_open) { debug("PAM: closing session"); pam_close_session(sshpam_handle, PAM_SILENT); sshpam_session_open = 0; } + if (sshpam_cred_established) { + debug("PAM: deleting credentials"); + pam_setcred(sshpam_handle, PAM_DELETE_CRED); + sshpam_cred_established = 0; + } sshpam_authenticated = 0; pam_end(sshpam_handle, sshpam_err); sshpam_handle = NULL; |