- (dtucker) [auth2.c] Move start_pam() calls out of if-else block to remove

   duplicate call.  ok djm@

1 files changed, 4 insertions, 8 deletions

diff --git a/auth2.c b/auth2.c
index 613b0e2bc..d255242ed 100644
--- a/auth2.c
+++ b/auth2.c
@@ -156,21 +156,17 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
                 if (authctxt->pw && strcmp(service, "ssh-connection")==0) {
                         authctxt->valid = 1;
                         debug2("input_userauth_request: setting up authctxt for %s", user);
-#ifdef USE_PAM
-                        if (options.use_pam)
-                                PRIVSEP(start_pam(authctxt));
-#endif
                 } else {
                         logit("input_userauth_request: invalid user %s", user);
                         authctxt->pw = fakepw();
-#ifdef USE_PAM
-                        if (options.use_pam)
-                                PRIVSEP(start_pam(authctxt));
-#endif
 #ifdef SSH_AUDIT_EVENTS
                         PRIVSEP(audit_event(SSH_INVALID_USER));
 #endif
                 }
+#ifdef USE_PAM
+                if (options.use_pam)
+                        PRIVSEP(start_pam(authctxt));
+#endif
                 setproctitle("%s%s", authctxt->valid ? user : "unknown",
                     use_privsep ? " [net]" : "");
                 authctxt->service = xstrdup(service);