mirror of git://anongit.mindrot.org/openssh.git
- dtucker [auth-sia.c] Roll back the change for bug #1241 as it apparently
causes problems in some Tru64 configurations.
This commit is contained in:
Darren Tucker
parent
82edf23fff
commit
28b973ea26
|
|
@ -1,3 +1,7 @@
|
||||||
|
20090828
|
||||||
|
- dtucker [auth-sia.c] Roll back the change for bug #1241 as it apparently
|
||||||
|
causes problems in some Tru64 configurations.
|
||||||
|
|
||||||
20090820
|
20090820
|
||||||
- (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not
|
- (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not
|
||||||
using it since the type conflicts can cause problems on FreeBSD. Patch
|
using it since the type conflicts can cause problems on FreeBSD. Patch
|
||||||
|
|
|
||||||
53
auth-sia.c
53
auth-sia.c
|
|
@ -34,10 +34,6 @@
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <stdarg.h>
|
#include <stdarg.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <sys/types.h>
|
|
||||||
#include <sys/security.h>
|
|
||||||
#include <prot.h>
|
|
||||||
#include <time.h>
|
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "key.h"
|
#include "key.h"
|
||||||
|
|
@ -53,52 +49,6 @@ extern ServerOptions options;
|
||||||
extern int saved_argc;
|
extern int saved_argc;
|
||||||
extern char **saved_argv;
|
extern char **saved_argv;
|
||||||
|
|
||||||
static int
|
|
||||||
sia_password_change_required(const char *user)
|
|
||||||
{
|
|
||||||
struct es_passwd *acct;
|
|
||||||
time_t pw_life;
|
|
||||||
time_t pw_date;
|
|
||||||
|
|
||||||
set_auth_parameters(saved_argc, saved_argv);
|
|
||||||
|
|
||||||
if ((acct = getespwnam(user)) == NULL) {
|
|
||||||
error("Couldn't access protected database entry for %s", user);
|
|
||||||
endprpwent();
|
|
||||||
return (0);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* If forced password change flag is set, honor it */
|
|
||||||
if (acct->uflg->fg_psw_chg_reqd && acct->ufld->fd_psw_chg_reqd) {
|
|
||||||
endprpwent();
|
|
||||||
return (1);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Obtain password lifetime; if none, it can't have expired */
|
|
||||||
if (acct->uflg->fg_expire)
|
|
||||||
pw_life = acct->ufld->fd_expire;
|
|
||||||
else if (acct->sflg->fg_expire)
|
|
||||||
pw_life = acct->sfld->fd_expire;
|
|
||||||
else {
|
|
||||||
endprpwent();
|
|
||||||
return (0);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Offset from last change; if none, it must be expired */
|
|
||||||
if (acct->uflg->fg_schange)
|
|
||||||
pw_date = acct->ufld->fd_schange + pw_life;
|
|
||||||
else {
|
|
||||||
endprpwent();
|
|
||||||
return (1);
|
|
||||||
}
|
|
||||||
|
|
||||||
endprpwent();
|
|
||||||
|
|
||||||
/* If expiration date is prior to now, change password */
|
|
||||||
|
|
||||||
return (pw_date <= time((time_t *) NULL));
|
|
||||||
}
|
|
||||||
|
|
||||||
int
|
int
|
||||||
sys_auth_passwd(Authctxt *authctxt, const char *pass)
|
sys_auth_passwd(Authctxt *authctxt, const char *pass)
|
||||||
{
|
{
|
||||||
|
|
@ -126,9 +76,6 @@ sys_auth_passwd(Authctxt *authctxt, const char *pass)
|
||||||
|
|
||||||
sia_ses_release(&ent);
|
sia_ses_release(&ent);
|
||||||
|
|
||||||
authctxt->force_pwchange = sia_password_change_required(
|
|
||||||
authctxt->user);
|
|
||||||
|
|
||||||
return (1);
|
return (1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue