- (dtucker) [auth-pam.c] Bug #1534: move the deletion of PAM credentials on

logout to after the session close. Patch from Anicka Bernathova, ok djm.
author: dtucker <dtucker> 2009-07-12 12:07:21 +0000
committer: dtucker <dtucker> 2009-07-12 12:07:21 +0000
commit: 8df02948895a84bda8c9038c26fde836ffa890e1 (patch)
tree: 23efe89e0ae4dce7a42680285db0f933d129e0d6 /auth-pam.c
parent: d63cc765d4797a964ea2e7961079bab072fe6735 (diff)
download: openssh-8df02948895a84bda8c9038c26fde836ffa890e1.tar.gz
1 files changed, 5 insertions, 5 deletions
diff --git a/auth-pam.c b/auth-pam.c
index ccdb9937..675006e6 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -602,16 +602,16 @@ sshpam_cleanup(void)
 		return;
 	debug("PAM: cleanup");
 	pam_set_item(sshpam_handle, PAM_CONV, (const void *)&null_conv);
-	if (sshpam_cred_established) {
-		debug("PAM: deleting credentials");
-		pam_setcred(sshpam_handle, PAM_DELETE_CRED);
-		sshpam_cred_established = 0;
-	}
 	if (sshpam_session_open) {
 		debug("PAM: closing session");
 		pam_close_session(sshpam_handle, PAM_SILENT);
 		sshpam_session_open = 0;
 	}
+	if (sshpam_cred_established) {
+		debug("PAM: deleting credentials");
+		pam_setcred(sshpam_handle, PAM_DELETE_CRED);
+		sshpam_cred_established = 0;
+	}
 	sshpam_authenticated = 0;
 	pam_end(sshpam_handle, sshpam_err);
 	sshpam_handle = NULL;
author	dtucker <dtucker>	2009-07-12 12:07:21 +0000
committer	dtucker <dtucker>	2009-07-12 12:07:21 +0000
commit	8df02948895a84bda8c9038c26fde836ffa890e1 (patch)
tree	23efe89e0ae4dce7a42680285db0f933d129e0d6 /auth-pam.c
parent	d63cc765d4797a964ea2e7961079bab072fe6735 (diff)
download	openssh-8df02948895a84bda8c9038c26fde836ffa890e1.tar.gz