Bugzilla – Attachment 1194 Details for
Bug 1241
Connections to Tru64 hosts hang when password is expired.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Add password expiration checking to auth-sia.c
auth-sia.patch (text/plain), 1.69 KB, created by
R. Scott Bailey
on 2006-10-03 03:05:16 AEST
(
hide
)
Description:
Add password expiration checking to auth-sia.c
Filename:
MIME Type:
Creator:
R. Scott Bailey
Created:
2006-10-03 03:05:16 AEST
Size:
1.69 KB
patch
obsolete
>--- openssh-4.4p1-orig/auth-sia.c 2006-09-07 19:54:41.000000000 -0400 >+++ openssh-4.4p1/auth-sia.c 2006-10-02 11:42:41.000000000 -0400 >@@ -34,6 +34,10 @@ > #include <unistd.h> > #include <stdarg.h> > #include <string.h> >+#include <sys/types.h> >+#include <sys/security.h> >+#include <prot.h> >+#include <time.h> > > #include "ssh.h" > #include "key.h" >@@ -50,6 +54,52 @@ > extern char **saved_argv; > > int >+sia_password_change_required(const char *user) >+{ >+ struct es_passwd *acct; >+ time_t pw_life; >+ time_t pw_date; >+ >+ set_auth_parameters(saved_argc, saved_argv); >+ >+ if ((acct = getespwnam(user)) == NULL) { >+ error("Couldn't access protected database entry for %s", user); >+ endprpwent(); >+ return (0); >+ } >+ >+ /* If forced password change flag is set, honor it */ >+ if (acct->uflg->fg_psw_chg_reqd && acct->ufld->fd_psw_chg_reqd) { >+ endprpwent(); >+ return (1); >+ } >+ >+ /* Obtain password lifetime; if none, it can't have expired */ >+ if (acct->uflg->fg_expire) >+ pw_life = acct->ufld->fd_expire; >+ else if (acct->sflg->fg_expire) >+ pw_life = acct->sfld->fd_expire; >+ else { >+ endprpwent(); >+ return (0); >+ } >+ >+ /* Offset from last change; if none, it must be expired */ >+ if (acct->uflg->fg_schange) >+ pw_date = acct->ufld->fd_schange + pw_life; >+ else { >+ endprpwent(); >+ return (1); >+ } >+ >+ endprpwent(); >+ >+ /* If expiration date is prior to now, change password */ >+ >+ return (pw_date <= time((time_t *) NULL)); >+} >+ >+int > sys_auth_passwd(Authctxt *authctxt, const char *pass) > { > int ret; >@@ -76,6 +126,9 @@ > > sia_ses_release(&ent); > >+ authctxt->force_pwchange = sia_password_change_required( >+ authctxt->user); >+ > return (1); > } >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1194">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
dtucker
:
ok?
Actions:
View
|
Diff
Attachments on
bug 1241
: 1194