(main): move down login incorrect to disallow account guessing

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6753 ec53bebd-3082-4978-b11e-865c3cabbd6b
1999-08-05 12:20:17 +00:00
parent fd6e3126dc
commit 51943ce882
1 changed files with 6 additions and 5 deletions
--- a/appl/login/login.c
+++ b/appl/login/login.c
@@ -570,11 +570,6 @@ main(int argc, char **argv)
 		continue;
 	}
        pwd = k_getpwnam(username);
-	if(pwd == NULL){
-	    fprintf(stderr, "Login incorrect.\n");
-	    ask = 1;
-	    continue;
-	}
 #ifdef ALLOW_NULL_PASSWORD
        if (pwd != NULL && (pwd->pw_passwd[0] == '\0')) {
            strcpy(password,"");
@@ -587,6 +582,12 @@ main(int argc, char **argv)
 		continue;
 	}
 	
+	if(pwd == NULL){
+	    fprintf(stderr, "Login incorrect.\n");
+	    ask = 1;
+	    continue;
+	}
+
 	if(f_flag == 0 && check_password(pwd, password)){
 	    fprintf(stderr, "Login incorrect.\n");
            ask = 1;