summaryrefslogtreecommitdiff
path: root/auth.c
diff options
context:
space:
mode:
Diffstat (limited to 'auth.c')
-rw-r--r--auth.c33
1 files changed, 8 insertions, 25 deletions
diff --git a/auth.c b/auth.c
index c6e7c21c4..6d999221c 100644
--- a/auth.c
+++ b/auth.c
@@ -28,9 +28,9 @@ RCSID("$OpenBSD: auth.c,v 1.51 2003/11/21 11:57:02 djm Exp $");
28#ifdef HAVE_LOGIN_H 28#ifdef HAVE_LOGIN_H
29#include <login.h> 29#include <login.h>
30#endif 30#endif
31#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) 31#ifdef USE_SHADOW
32#include <shadow.h> 32#include <shadow.h>
33#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ 33#endif
34 34
35#ifdef HAVE_LIBGEN_H 35#ifdef HAVE_LIBGEN_H
36#include <libgen.h> 36#include <libgen.h>
@@ -76,7 +76,7 @@ allowed_user(struct passwd * pw)
76 const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; 76 const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL;
77 char *shell; 77 char *shell;
78 int i; 78 int i;
79#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) 79#ifdef USE_SHADOW
80 struct spwd *spw = NULL; 80 struct spwd *spw = NULL;
81#endif 81#endif
82 82
@@ -84,34 +84,17 @@ allowed_user(struct passwd * pw)
84 if (!pw || !pw->pw_name) 84 if (!pw || !pw->pw_name)
85 return 0; 85 return 0;
86 86
87#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) 87#ifdef USE_SHADOW
88 if (!options.use_pam) 88 if (!options.use_pam)
89 spw = getspnam(pw->pw_name); 89 spw = getspnam(pw->pw_name);
90#ifdef HAS_SHADOW_EXPIRE 90#ifdef HAS_SHADOW_EXPIRE
91#define DAY (24L * 60 * 60) /* 1 day in seconds */ 91 if (!options.use_pam && spw != NULL && auth_shadow_acctexpired(spw))
92 if (!options.use_pam && spw != NULL) { 92 return 0;
93 int disabled = 0;
94 time_t today;
95
96 today = time(NULL) / DAY;
97 debug3("allowed_user: today %d sp_expire %d sp_lstchg %d"
98 " sp_max %d", (int)today, (int)spw->sp_expire,
99 (int)spw->sp_lstchg, (int)spw->sp_max);
100
101 /*
102 * We assume account and password expiration occurs the
103 * day after the day specified.
104 */
105 if (spw->sp_expire != -1 && today > spw->sp_expire) {
106 logit("Account %.100s has expired", pw->pw_name);
107 return 0;
108 }
109 }
110#endif /* HAS_SHADOW_EXPIRE */ 93#endif /* HAS_SHADOW_EXPIRE */
111#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ 94#endif /* USE_SHADOW */
112 95
113 /* grab passwd field for locked account check */ 96 /* grab passwd field for locked account check */
114#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) 97#ifdef USE_SHADOW
115 if (spw != NULL) 98 if (spw != NULL)
116 passwd = spw->sp_pwdp; 99 passwd = spw->sp_pwdp;
117#else 100#else
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-14 03:53:28 +0000