|
Lines 34-39
Link Here
|
| 34 |
#include <unistd.h> |
34 |
#include <unistd.h> |
| 35 |
#include <stdarg.h> |
35 |
#include <stdarg.h> |
| 36 |
#include <string.h> |
36 |
#include <string.h> |
|
|
37 |
#include <sys/types.h> |
| 38 |
#include <sys/security.h> |
| 39 |
#include <prot.h> |
| 40 |
#include <time.h> |
| 37 |
|
41 |
|
| 38 |
#include "ssh.h" |
42 |
#include "ssh.h" |
| 39 |
#include "key.h" |
43 |
#include "key.h" |
|
Lines 50-55
Link Here
|
| 50 |
extern char **saved_argv; |
54 |
extern char **saved_argv; |
| 51 |
|
55 |
|
| 52 |
int |
56 |
int |
|
|
57 |
sia_password_change_required(const char *user) |
| 58 |
{ |
| 59 |
struct es_passwd *acct; |
| 60 |
time_t pw_life; |
| 61 |
time_t pw_date; |
| 62 |
|
| 63 |
set_auth_parameters(saved_argc, saved_argv); |
| 64 |
|
| 65 |
if ((acct = getespwnam(user)) == NULL) { |
| 66 |
error("Couldn't access protected database entry for %s", user); |
| 67 |
endprpwent(); |
| 68 |
return (0); |
| 69 |
} |
| 70 |
|
| 71 |
/* If forced password change flag is set, honor it */ |
| 72 |
if (acct->uflg->fg_psw_chg_reqd && acct->ufld->fd_psw_chg_reqd) { |
| 73 |
endprpwent(); |
| 74 |
return (1); |
| 75 |
} |
| 76 |
|
| 77 |
/* Obtain password lifetime; if none, it can't have expired */ |
| 78 |
if (acct->uflg->fg_expire) |
| 79 |
pw_life = acct->ufld->fd_expire; |
| 80 |
else if (acct->sflg->fg_expire) |
| 81 |
pw_life = acct->sfld->fd_expire; |
| 82 |
else { |
| 83 |
endprpwent(); |
| 84 |
return (0); |
| 85 |
} |
| 86 |
|
| 87 |
/* Offset from last change; if none, it must be expired */ |
| 88 |
if (acct->uflg->fg_schange) |
| 89 |
pw_date = acct->ufld->fd_schange + pw_life; |
| 90 |
else { |
| 91 |
endprpwent(); |
| 92 |
return (1); |
| 93 |
} |
| 94 |
|
| 95 |
endprpwent(); |
| 96 |
|
| 97 |
/* If expiration date is prior to now, change password */ |
| 98 |
|
| 99 |
return (pw_date <= time((time_t *) NULL)); |
| 100 |
} |
| 101 |
|
| 102 |
int |
| 53 |
sys_auth_passwd(Authctxt *authctxt, const char *pass) |
103 |
sys_auth_passwd(Authctxt *authctxt, const char *pass) |
| 54 |
{ |
104 |
{ |
| 55 |
int ret; |
105 |
int ret; |
|
Lines 76-81
Link Here
|
| 76 |
|
126 |
|
| 77 |
sia_ses_release(&ent); |
127 |
sia_ses_release(&ent); |
| 78 |
|
128 |
|
|
|
129 |
authctxt->force_pwchange = sia_password_change_required( |
| 130 |
authctxt->user); |
| 131 |
|
| 79 |
return (1); |
132 |
return (1); |
| 80 |
} |
133 |
} |
| 81 |
|
134 |
|