if KRB4_GET_TICKETS is not defined.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12001
dc483132-0cff-0310-8789-
dd5450dbe970
+2000-02-04 Tom Yu <tlyu@mit.edu>
+
+ * login.c (main): Reorder some control flow to avoid security hole
+ if KRB4_GET_TICKETS is not defined.
+
2000-01-27 Ken Raeburn <raeburn@mit.edu>
* krlogin.c (speeds): Added some comments from net recommending
#ifdef KRB5_GET_TICKETS
if (login_krb5_get_tickets)
dofork();
- else
#endif
#ifdef KRB4_GET_TICKETS
- if (login_krb4_get_tickets)
- dofork();
+ else if (login_krb4_get_tickets)
+ dofork();
#endif
/* If the user's shell does not do job control we should put it in a
#ifdef KRB5_GET_TICKETS
if (forwarded_v5_tickets)
destroy_tickets();
- else
#endif
#ifdef KRB4_GET_TICKETS
- if (got_v4_tickets)
- destroy_tickets();
+ else if (got_v4_tickets)
+ destroy_tickets();
#endif
#ifdef OQUOTA