d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Respect passwordtime from login.conf if set.

Browse Source 
PR:		bin/93473
Submitted by:	Björn König <bkoenig@cs.tu-berlin.de>
MFC after:	1 week
This commit is contained in:
des 2010-02-02 13:47:18 +00:00
parent b5b6d6b0e0
commit 154cd7f251
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/libpam/modules/pam_unix/pam_unix.c
View File

@ -275,6 +275,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags,
struct passwd *pwd, *old_pwd;
const char *user, *old_pass, *new_pass;
char *encrypted;
time_t passwordtime;
int pfd, tfd, retval;
if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF))
@ -377,11 +378,17 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags,
if ((old_pwd = pw_dup(pwd)) == NULL)
return (PAM_BUF_ERR);
pwd->pw_change = 0;
lc = login_getclass(pwd->pw_class);
if (login_setcryptfmt(lc, password_hash, NULL) == NULL)
openpam_log(PAM_LOG_ERROR,
"can't set password cipher, relying on default");
/* set password expiry date */
pwd->pw_change = 0;
passwordtime = login_getcaptime(lc, "passwordtime", 0, 0);
if (passwordtime > 0)
pwd->pw_change = time(NULL) + passwordtime;
login_close(lc);
makesalt(salt);
pwd->pw_passwd = crypt(new_pass, salt);