From 26f1c2ad5d1b05ff343c9dc4c30fe6f3e9be487c Mon Sep 17 00:00:00 2001
From: kouril <kouril>
Date: Thu, 5 Feb 2004 15:12:08 +0000
Subject: [PATCH] moved check for nonempty password to a proper place

---
 src/mod_auth_kerb.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/mod_auth_kerb.c b/src/mod_auth_kerb.c
index edd5ab0..c64e16d 100644
--- a/src/mod_auth_kerb.c
+++ b/src/mod_auth_kerb.c
@@ -651,13 +651,6 @@ int authenticate_user_krb5pwd(request_rec *r,
    }
 
    sent_pw = ap_pbase64decode(r->pool, auth_line);
-   if (sent_pw == NULL || *sent_pw == '\0') {
-      log_rerror(APLOG_MARK, APLOG_ERR, 0, r, 
-	         "empty passwords are not accepted");
-      ret = HTTP_UNAUTHORIZED;
-      goto end;
-   }
-
    sent_name = ap_getword (r->pool, &sent_pw, ':');
    /* do not allow user to override realm setting of server */
    if (strchr(sent_name, '@')) {
@@ -667,6 +660,13 @@ int authenticate_user_krb5pwd(request_rec *r,
       goto end;
    }
 
+   if (sent_pw == NULL || *sent_pw == '\0') {
+      log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+	         "empty passwords are not accepted");
+      ret = HTTP_UNAUTHORIZED;
+      goto end;
+   }
+
    /* XXX Heimdal allows to use the MEMORY: type with empty argument ? */
    ccname = ap_psprintf(r->pool, "MEMORY:%s/krb5cc_apache_XXXXXX", P_tmpdir);
    fd = mkstemp(ccname + strlen("MEMORY:"));
-- 
2.1.4