optarg must be declared extern char *

Don't give error message about connection from bad port if the Kerberos
authentication fails and the only acceptable authentication is Kerberos....

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@3087 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/appl/bsd/krlogind.c b/src/appl/bsd/krlogind.c
index 987720248b2af8eb85239e88f1d1e8c44d037ad8..d96abbd0192de83a9fb3add221a09f2a7bd311c0 100644 (file)
--- a/src/appl/bsd/krlogind.c
+++ b/src/appl/bsd/krlogind.c
@@ -263,7 +263,7 @@ main(argc, argv)
      char **argv;
 {
     extern int opterr, optind;
-    char * optarg;
+    extern char * optarg;
     int on = 1, fromlen, ch, i;
     struct sockaddr_in from;
     char *options;
@@ -1053,7 +1053,8 @@ do_krb_login(host)
     /*  The kerberos authenticated request must pass ruserok also
        if asked for. */
     
-    if (must_pass_rhosts || (!passed_krb && must_pass_one)) {
+    if (!must_pass_k5 &&
+       (must_pass_rhosts || (!passed_krb && must_pass_one))) {
        /* Cannot check .rhosts unless connection from a privileged port. */
        if (non_privileged) 
          fatal(netf, "Permission denied - Connection from bad port");
@@ -1071,7 +1072,7 @@ do_krb_login(host)
     
     if (ticket)
        krb5_free_ticket(ticket);
-    fatal(netf, "User is not authorized to login to specified account.");
+    fatal(netf, "User is not authorized to login to specified account");
 }