From 9142e1c66d64bcca850b51cc445fe37920266c48 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 16 Aug 2007 23:28:04 +1000 Subject: - (dtucker) [session.c] Call PAM cleanup functions for unauthenticated connections too. Based on a patch from Sandro Wefel, with & ok djm@ --- ChangeLog | 6 +++++- session.c | 20 ++++++++++++-------- 2 files changed, 17 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index 56ecc293..c56c6bd3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20070816 + - (dtucker) [session.c] Call PAM cleanup functions for unauthenticated + connections too. Based on a patch from Sandro Wefel, with & ok djm@ + 20070815 - (dtucker) OpenBSD CVS Sync - markus@cvs.openbsd.org 2007/08/15 08:14:46 @@ -3169,4 +3173,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.4730 2007/08/15 12:20:22 dtucker Exp $ +$Id: ChangeLog,v 1.4731 2007/08/16 13:28:04 dtucker Exp $ diff --git a/session.c b/session.c index 8c09c17c..9a606ef8 100644 --- a/session.c +++ b/session.c @@ -2478,8 +2478,19 @@ do_cleanup(Authctxt *authctxt) return; called = 1; - if (authctxt == NULL || !authctxt->authenticated) + if (authctxt == NULL) return; + +#ifdef USE_PAM + if (options.use_pam) { + sshpam_cleanup(); + sshpam_thread_cleanup(); + } +#endif + + if (!authctxt->authenticated) + return; + #ifdef KRB5 if (options.kerberos_ticket_cleanup && authctxt->krb5_ctx) @@ -2491,13 +2502,6 @@ do_cleanup(Authctxt *authctxt) ssh_gssapi_cleanup_creds(); #endif -#ifdef USE_PAM - if (options.use_pam) { - sshpam_cleanup(); - sshpam_thread_cleanup(); - } -#endif - /* remove agent socket */ auth_sock_cleanup_proc(authctxt->pw); -- cgit v1.2.3