Date: Sun, 01 Jul 2001 00:34:26 -0400 (EDT) From: Mike Wiacek <mikew@magpage.com> To: freebsd-bugs@FreeBSD.org, mikew@magpage.com Subject: Re: [PATCH] bin/28311: ftpd and sshd do not honor expired pw ent Message-ID: <XFMail.010701003426.mikew@magpage.com>
next in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
attached is a patch for ftpd to make it check
account expiration dates, when used with PAM.
Currently when compiled without PAM, expiration
dates are checked, but with PAM, no expiration
is checked.
Mike
[-- Attachment #2 --]
*** ftpd.c Wed Mar 21 09:40:36 2001
--- ftpd.new Fri Jun 22 19:33:01 2001
***************
*** 1151,1156 ****
--- 1151,1167 ----
if ((e = pam_get_item(pamh, PAM_USER, &item)) ==
PAM_SUCCESS) {
tmpl_user = (const char *) item;
+
+ /* Ok, the user is valid, BUT we have to check
+ * if their account has expired. If it has, deny
+ * access
+ */
+
+ if(pam_acct_mgmt(pamh, NULL) != PAM_SUCCESS){
+ rval = -1;
+ break;
+ }
+
if (strcmp((*ppw)->pw_name, tmpl_user) != 0)
*ppw = getpwnam(tmpl_user);
} else
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.010701003426.mikew>