Date: Tue, 2 Feb 2010 13:47:18 +0000 (UTC) From: Dag-Erling Smorgrav <des@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r203377 - head/lib/libpam/modules/pam_unix Message-ID: <201002021347.o12DlI55075998@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: des Date: Tue Feb 2 13:47:18 2010 New Revision: 203377 URL: http://svn.freebsd.org/changeset/base/203377 Log: Respect passwordtime from login.conf if set. PR: bin/93473 Submitted by: Björn König <bkoenig@cs.tu-berlin.de> MFC after: 1 week Modified: head/lib/libpam/modules/pam_unix/pam_unix.c Modified: head/lib/libpam/modules/pam_unix/pam_unix.c ============================================================================== --- head/lib/libpam/modules/pam_unix/pam_unix.c Tue Feb 2 11:09:28 2010 (r203376) +++ head/lib/libpam/modules/pam_unix/pam_unix.c Tue Feb 2 13:47:18 2010 (r203377) @@ -271,10 +271,11 @@ pam_sm_chauthtok(pam_handle_t *pamh, int const void *yp_domain, *yp_server; #endif char salt[SALTSIZE + 1]; - login_cap_t * lc; + login_cap_t *lc; struct passwd *pwd, *old_pwd; const char *user, *old_pass, *new_pass; char *encrypted; + time_t passwordtime; int pfd, tfd, retval; if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF)) @@ -377,11 +378,17 @@ pam_sm_chauthtok(pam_handle_t *pamh, int if ((old_pwd = pw_dup(pwd)) == NULL) return (PAM_BUF_ERR); - pwd->pw_change = 0; lc = login_getclass(pwd->pw_class); if (login_setcryptfmt(lc, password_hash, NULL) == NULL) openpam_log(PAM_LOG_ERROR, "can't set password cipher, relying on default"); + + /* set password expiry date */ + pwd->pw_change = 0; + passwordtime = login_getcaptime(lc, "passwordtime", 0, 0); + if (passwordtime > 0) + pwd->pw_change = time(NULL) + passwordtime; + login_close(lc); makesalt(salt); pwd->pw_passwd = crypt(new_pass, salt);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201002021347.o12DlI55075998>