===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/gss-serv.c,v
retrieving revision 1.5.4.1
retrieving revision 1.6
diff -u -r1.5.4.1 -r1.6
--- src/usr.bin/ssh/gss-serv.c	2005/09/02 03:45:00	1.5.4.1
+++ src/usr.bin/ssh/gss-serv.c	2005/06/17 02:44:32	1.6
@@ -1,4 +1,4 @@
-/*	$OpenBSD: gss-serv.c,v 1.5.4.1 2005/09/02 03:45:00 brad Exp $	*/
+/*	$OpenBSD: gss-serv.c,v 1.6 2005/06/17 02:44:32 djm Exp $	*/
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -164,7 +164,7 @@
 	 */
 	if (tok[4] != 0x06 || tok[5] != oidl ||
 	    ename->length < oidl+6 ||
-	    !ssh_gssapi_check_oid(ctx,tok+6,oidl))
+	   !ssh_gssapi_check_oid(ctx,tok+6,oidl))
 		return GSS_S_FAILURE;
 
 	offset = oidl+6;
@@ -267,7 +267,7 @@
 		debug("Setting %s to %s", gssapi_client.store.envvar,
 		gssapi_client.store.envval);
 		child_set_env(envp, envsizep, gssapi_client.store.envvar,
-		    gssapi_client.store.envval);
+		     gssapi_client.store.envval);
 	}
 }
 
@@ -275,24 +275,13 @@
 int
 ssh_gssapi_userok(char *user)
 {
-	OM_uint32 lmin;
-
 	if (gssapi_client.exportedname.length == 0 ||
 	    gssapi_client.exportedname.value == NULL) {
 		debug("No suitable client data");
 		return 0;
 	}
 	if (gssapi_client.mech && gssapi_client.mech->userok)
-		if ((*gssapi_client.mech->userok)(&gssapi_client, user))
-			return 1;
-		else {
-			/* Destroy delegated credentials if userok fails */
-			gss_release_buffer(&lmin, &gssapi_client.displayname);
-			gss_release_buffer(&lmin, &gssapi_client.exportedname);
-			gss_release_cred(&lmin, &gssapi_client.creds);
-			memset(&gssapi_client, 0, sizeof(ssh_gssapi_client));
-			return 0;
-		}
+		return ((*gssapi_client.mech->userok)(&gssapi_client, user));
 	else
 		debug("ssh_gssapi_userok: Unknown GSSAPI mechanism");
 	return (0);