1 files changed, 13 insertions, 13 deletions
diff --git a/auth2.c b/auth2.c
index 05d6c2447..d8363bdba 100644
--- a/auth2.c
+++ b/auth2.c
@@ -398,20 +398,20 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
 #ifdef USE_PAM
        if (options.use_pam && authenticated) {
-                int r;
+                int r, success = PRIVSEP(do_pam_account());
-                if (!PRIVSEP(do_pam_account())) {
+                /* If PAM returned a message, send it to the user. */
-                        /* if PAM returned a message, send it to the user */
+                if (sshbuf_len(loginmsg) > 0) {
-                        if (sshbuf_len(loginmsg) > 0) {
+                        if ((r = sshbuf_put(loginmsg, "\0", 1)) != 0)
-                                if ((r = sshbuf_put(loginmsg, "\0", 1)) != 0)
+                                fatal("%s: buffer error: %s",
-                                        fatal("%s: buffer error: %s",
+                                    __func__, ssh_err(r));
-                                            __func__, ssh_err(r));
+                        userauth_send_banner(ssh, sshbuf_ptr(loginmsg));
-                                userauth_send_banner(ssh, sshbuf_ptr(loginmsg));
+                        if ((r = ssh_packet_write_wait(ssh)) != 0) {
-                                if ((r = ssh_packet_write_wait(ssh)) != 0) {
+                                sshpkt_fatal(ssh, r,
-                                        sshpkt_fatal(ssh, r,
+                                    "%s: send PAM banner", __func__);
-                                            "%s: send PAM banner", __func__);
-                                }
                        }
+                }
+                if (!success) {
                        fatal("Access denied for user %s by PAM account "
                            "configuration", authctxt->user);
                }

diff --git a/auth2.c b/auth2.c index 05d6c2447..d8363bdba 100644 --- a/auth2.c +++ b/auth2.c
@@ -398,20 +398,20 @@ userauth_finish(struct ssh ssh, int authenticated, const char method,
398		398
399	#ifdef USE_PAM	399	#ifdef USE_PAM
400	if (options.use_pam && authenticated) {	400	if (options.use_pam && authenticated) {
401	int r;	401	int r, success = PRIVSEP(do_pam_account());
402		402
403	if (!PRIVSEP(do_pam_account())) {	403	/* If PAM returned a message, send it to the user. */
404	/* if PAM returned a message, send it to the user */	404	if (sshbuf_len(loginmsg) > 0) {
405	if (sshbuf_len(loginmsg) > 0) {	405	if ((r = sshbuf_put(loginmsg, "\0", 1)) != 0)
406	if ((r = sshbuf_put(loginmsg, "\0", 1)) != 0)	406	fatal("%s: buffer error: %s",
407	fatal("%s: buffer error: %s",	407	__func__, ssh_err(r));
408	__func__, ssh_err(r));	408	userauth_send_banner(ssh, sshbuf_ptr(loginmsg));
409	userauth_send_banner(ssh, sshbuf_ptr(loginmsg));	409	if ((r = ssh_packet_write_wait(ssh)) != 0) {
410	if ((r = ssh_packet_write_wait(ssh)) != 0) {	410	sshpkt_fatal(ssh, r,
411	sshpkt_fatal(ssh, r,	411	"%s: send PAM banner", __func__);
412	"%s: send PAM banner", __func__);
413	}
414	}	412	}
		413	}
		414	if (!success) {
415	fatal("Access denied for user %s by PAM account "	415	fatal("Access denied for user %s by PAM account "
416	"configuration", authctxt->user);	416	"configuration", authctxt->user);
417	}	417	}