* login.c (main): Reorder some control flow to avoid security hole
authorTom Yu <tlyu@mit.edu>
Sun, 6 Feb 2000 21:57:32 +0000 (21:57 +0000)
committerTom Yu <tlyu@mit.edu>
Sun, 6 Feb 2000 21:57:32 +0000 (21:57 +0000)
if KRB4_GET_TICKETS is not defined.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12001 dc483132-0cff-0310-8789-dd5450dbe970

src/appl/bsd/ChangeLog
src/appl/bsd/login.c

index dcf0d0436790d430050efb533a759baa62c724d6..e5b56a40a8ba133bbb48fe9d2e857ba01b6505d4 100644 (file)
@@ -1,3 +1,8 @@
+2000-02-04  Tom Yu  <tlyu@mit.edu>
+
+       * login.c (main): Reorder some control flow to avoid security hole
+       if KRB4_GET_TICKETS is not defined.
+
 2000-01-27  Ken Raeburn  <raeburn@mit.edu>
 
        * krlogin.c (speeds): Added some comments from net recommending
index d9789a721af5808fc36b51d6c8b6df6a910dd438..237cb4a7de44d0124287cde601d74bc32837cbb1 100644 (file)
@@ -1455,11 +1455,10 @@ int main(argc, argv)
 #ifdef KRB5_GET_TICKETS
     if (login_krb5_get_tickets)
        dofork();
-    else
 #endif
 #ifdef KRB4_GET_TICKETS
-       if (login_krb4_get_tickets)
-           dofork();
+    else if (login_krb4_get_tickets)
+       dofork();
 #endif
 
 /* If the user's shell does not do job control we should put it in a
@@ -1587,11 +1586,10 @@ int main(argc, argv)
 #ifdef KRB5_GET_TICKETS
     if (forwarded_v5_tickets)
        destroy_tickets();
-    else
 #endif
 #ifdef KRB4_GET_TICKETS
-       if (got_v4_tickets)
-           destroy_tickets();
+    else if (got_v4_tickets)
+        destroy_tickets();
 #endif
 
 #ifdef OQUOTA