diff --git a/lib/gssapi/krb5/verify_mic.c b/lib/gssapi/krb5/verify_mic.c
index 929462a49..33d0f4503 100644
--- a/lib/gssapi/krb5/verify_mic.c
+++ b/lib/gssapi/krb5/verify_mic.c
@@ -59,10 +59,8 @@ verify_mic_des
   ret = gssapi_krb5_verify_header (&p,
 				   token_buffer->length,
 				   type);
-  if (ret) {
-      *minor_status = 0;
+  if (ret)
       return ret;
-  }
 
   if (memcmp(p, "\x00\x00", 2) != 0)
       return GSS_S_BAD_SIG;
@@ -88,7 +86,6 @@ verify_mic_des
   if (memcmp (p - 8, hash, 8) != 0) {
     memset (deskey, 0, sizeof(deskey));
     memset (schedule, 0, sizeof(schedule));
-    *minor_status = 0;
     return GSS_S_BAD_MIC;
   }
 
@@ -115,7 +112,6 @@ verify_mic_des
   memset (schedule, 0, sizeof(schedule));
 
   if (memcmp (p, seq_data, 8) != 0) {
-    *minor_status = 0;
     return GSS_S_BAD_MIC;
   }
 
@@ -124,7 +120,6 @@ verify_mic_des
 				++seq_number);
   HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
 
-  *minor_status = 0;
   return GSS_S_COMPLETE;
 }
 
@@ -154,10 +149,8 @@ verify_mic_des3
   ret = gssapi_krb5_verify_header (&p,
 				   token_buffer->length,
 				   type);
-  if (ret) {
-      *minor_status = 0;
+  if (ret)
       return ret;
-  }
 
   if (memcmp(p, "\x04\x00", 2) != 0) /* SGN_ALG = HMAC SHA1 DES3-KD */
       return GSS_S_BAD_SIG;
@@ -260,7 +253,6 @@ retry:
   HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
 
   krb5_crypto_destroy (gssapi_krb5_context, crypto);
-  *minor_status = 0;
   return GSS_S_COMPLETE;
 }
 
@@ -284,6 +276,7 @@ gss_verify_mic_internal
 	*minor_status = ret;
 	return GSS_S_FAILURE;
     }
+    *minor_status = 0;
     krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype);
     switch (keytype) {
     case KEYTYPE_DES :
diff --git a/lib/gssapi/verify_mic.c b/lib/gssapi/verify_mic.c
index 929462a49..33d0f4503 100644
--- a/lib/gssapi/verify_mic.c
+++ b/lib/gssapi/verify_mic.c
@@ -59,10 +59,8 @@ verify_mic_des
   ret = gssapi_krb5_verify_header (&p,
 				   token_buffer->length,
 				   type);
-  if (ret) {
-      *minor_status = 0;
+  if (ret)
       return ret;
-  }
 
   if (memcmp(p, "\x00\x00", 2) != 0)
       return GSS_S_BAD_SIG;
@@ -88,7 +86,6 @@ verify_mic_des
   if (memcmp (p - 8, hash, 8) != 0) {
     memset (deskey, 0, sizeof(deskey));
     memset (schedule, 0, sizeof(schedule));
-    *minor_status = 0;
     return GSS_S_BAD_MIC;
   }
 
@@ -115,7 +112,6 @@ verify_mic_des
   memset (schedule, 0, sizeof(schedule));
 
   if (memcmp (p, seq_data, 8) != 0) {
-    *minor_status = 0;
     return GSS_S_BAD_MIC;
   }
 
@@ -124,7 +120,6 @@ verify_mic_des
 				++seq_number);
   HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
 
-  *minor_status = 0;
   return GSS_S_COMPLETE;
 }
 
@@ -154,10 +149,8 @@ verify_mic_des3
   ret = gssapi_krb5_verify_header (&p,
 				   token_buffer->length,
 				   type);
-  if (ret) {
-      *minor_status = 0;
+  if (ret)
       return ret;
-  }
 
   if (memcmp(p, "\x04\x00", 2) != 0) /* SGN_ALG = HMAC SHA1 DES3-KD */
       return GSS_S_BAD_SIG;
@@ -260,7 +253,6 @@ retry:
   HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
 
   krb5_crypto_destroy (gssapi_krb5_context, crypto);
-  *minor_status = 0;
   return GSS_S_COMPLETE;
 }
 
@@ -284,6 +276,7 @@ gss_verify_mic_internal
 	*minor_status = ret;
 	return GSS_S_FAILURE;
     }
+    *minor_status = 0;
     krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype);
     switch (keytype) {
     case KEYTYPE_DES :