1 files changed, 24 insertions, 0 deletions
diff --git a/auth.c b/auth.c
index 685b8bb35..bf5306be4 100644
--- a/auth.c
+++ b/auth.c
@@ -22,6 +22,9 @@ RCSID("$OpenBSD: auth.c,v 1.7 2000/05/17 21:37:24 deraadt Exp $");
 #ifdef HAVE_LOGIN_H
 #include <login.h>
 #endif
+#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
+#include <shadow.h>
+#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */
 #include "bufaux.h"
 #include "ssh2.h"
@@ -53,11 +56,32 @@ allowed_user(struct passwd * pw)
 #ifdef WITH_AIXAUTHENTICATE
        char *loginmsg;
 #endif /* WITH_AIXAUTHENTICATE */
+#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) && \
+        defined(HAS_SHADOW_EXPIRE)
+  struct spwd *spw;
        /* Shouldn't be called if pw is NULL, but better safe than sorry... */
        if (!pw)
                return 0;
+        spw = getspnam(pw->pw_name);
+        if (spw == NULL)
+                return 0;
+        
+        /* Check account expiry */
+        if ((spw->sp_expire > 0) && ((time(NULL) / 86400) > spw->sp_expire))
+                return 0;
+        /* Check password expiry */
+        if ((spw->sp_lstchg > 0) && (spw->sp_inact > 0) && 
+                ((time(NULL) / 86400) > (spw->sp_lstchg + spw->sp_inact)))
+                return 0;
+#else
+        /* Shouldn't be called if pw is NULL, but better safe than sorry... */
+        if (!pw)
+                return 0;
+#endif
        /*
         * Get the shell from the password data.  An empty shell field is
         * legal, and means /bin/sh.

diff --git a/auth.c b/auth.c index 685b8bb35..bf5306be4 100644 --- a/auth.c +++ b/auth.c
@@ -22,6 +22,9 @@ RCSID("$OpenBSD: auth.c,v 1.7 2000/05/17 21:37:24 deraadt Exp $");
22	#ifdef HAVE_LOGIN_H	22	#ifdef HAVE_LOGIN_H
23	#include <login.h>	23	#include <login.h>
24	#endif	24	#endif
		25	#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
		26	#include <shadow.h>
		27	#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */
25		28
26	#include "bufaux.h"	29	#include "bufaux.h"
27	#include "ssh2.h"	30	#include "ssh2.h"
@@ -53,11 +56,32 @@ allowed_user(struct passwd * pw)
53	#ifdef WITH_AIXAUTHENTICATE	56	#ifdef WITH_AIXAUTHENTICATE
54	char *loginmsg;	57	char *loginmsg;
55	#endif /* WITH_AIXAUTHENTICATE */	58	#endif /* WITH_AIXAUTHENTICATE */
		59	#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) && \
		60	defined(HAS_SHADOW_EXPIRE)
		61	struct spwd *spw;
56		62
57	/* Shouldn't be called if pw is NULL, but better safe than sorry... */	63	/* Shouldn't be called if pw is NULL, but better safe than sorry... */
58	if (!pw)	64	if (!pw)
59	return 0;	65	return 0;
60		66
		67	spw = getspnam(pw->pw_name);
		68	if (spw == NULL)
		69	return 0;
		70
		71	/* Check account expiry */
		72	if ((spw->sp_expire > 0) && ((time(NULL) / 86400) > spw->sp_expire))
		73	return 0;
		74
		75	/* Check password expiry */
		76	if ((spw->sp_lstchg > 0) && (spw->sp_inact > 0) &&
		77	((time(NULL) / 86400) > (spw->sp_lstchg + spw->sp_inact)))
		78	return 0;
		79	#else
		80	/* Shouldn't be called if pw is NULL, but better safe than sorry... */
		81	if (!pw)
		82	return 0;
		83	#endif
		84
61	/*	85	/*
62	* Get the shell from the password data. An empty shell field is	86	* Get the shell from the password data. An empty shell field is
63	* legal, and means /bin/sh.	87	* legal, and means /bin/sh.