diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2004-02-21 23:43:15 +0100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2004-02-21 23:43:15 +0100 |
| commit | 15ee748f2835f301499f8c31b6b4e56f5deca7de (patch) | |
| tree | 513b99b8e7fcbaf90a7444bfb6ab47b86d90025d /auth.c | |
| parent | - (djm) [openbsd-compat/setproctitle.c] fix comments; from grange@ (diff) | |
| download | openssh-15ee748f2835f301499f8c31b6b4e56f5deca7de.tar.xz openssh-15ee748f2835f301499f8c31b6b4e56f5deca7de.zip | |
- (dtucker) [auth-shadow.c auth.c auth.h] Move shadow account expiry test
to auth-shadow.c, no functional change. ok djm@
Diffstat (limited to 'auth.c')
| -rw-r--r-- | auth.c | 33 |
1 files changed, 8 insertions, 25 deletions
@@ -28,9 +28,9 @@ RCSID("$OpenBSD: auth.c,v 1.51 2003/11/21 11:57:02 djm Exp $"); #ifdef HAVE_LOGIN_H #include <login.h> #endif -#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) +#ifdef USE_SHADOW #include <shadow.h> -#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ +#endif #ifdef HAVE_LIBGEN_H #include <libgen.h> @@ -76,7 +76,7 @@ allowed_user(struct passwd * pw) const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; char *shell; int i; -#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) +#ifdef USE_SHADOW struct spwd *spw = NULL; #endif @@ -84,34 +84,17 @@ allowed_user(struct passwd * pw) if (!pw || !pw->pw_name) return 0; -#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) +#ifdef USE_SHADOW if (!options.use_pam) spw = getspnam(pw->pw_name); #ifdef HAS_SHADOW_EXPIRE -#define DAY (24L * 60 * 60) /* 1 day in seconds */ - if (!options.use_pam && spw != NULL) { - int disabled = 0; - time_t today; - - today = time(NULL) / DAY; - debug3("allowed_user: today %d sp_expire %d sp_lstchg %d" - " sp_max %d", (int)today, (int)spw->sp_expire, - (int)spw->sp_lstchg, (int)spw->sp_max); - - /* - * We assume account and password expiration occurs the - * day after the day specified. - */ - if (spw->sp_expire != -1 && today > spw->sp_expire) { - logit("Account %.100s has expired", pw->pw_name); - return 0; - } - } + if (!options.use_pam && spw != NULL && auth_shadow_acctexpired(spw)) + return 0; #endif /* HAS_SHADOW_EXPIRE */ -#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ +#endif /* USE_SHADOW */ /* grab passwd field for locked account check */ -#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) +#ifdef USE_SHADOW if (spw != NULL) passwd = spw->sp_pwdp; #else |