Whoops, forgot changelog

[openssh.git] / auth.c

diff --git a/auth.c b/auth.c
index 5aeeec6dee62d93134cb96ffd327aa42937787cc..d0edab54bc69af3c82598c4e2c2e97866ab23fd2 100644 (file)
--- a/auth.c
+++ b/auth.c
@@ -1,11 +1,39 @@
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
+ *
+ * As far as I am concerned, the code I have written for this software
+ * can be used freely for any purpose.  Any derived versions of this
+ * software must be clearly marked as such, and if the derived work is
+ * incompatible with the protocol description in the RFC file, it must be
+ * called by a name other than "ssh" or "Secure Shell".
+ *
+ *
  * Copyright (c) 2000 Markus Friedl. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.7 2000/05/17 21:37:24 deraadt Exp $");
+RCSID("$OpenBSD: auth.c,v 1.11 2000/10/11 20:27:23 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -13,7 +41,6 @@ RCSID("$OpenBSD: auth.c,v 1.7 2000/05/17 21:37:24 deraadt Exp $");
 #include "pty.h"
 #include "packet.h"
 #include "buffer.h"
-#include "cipher.h"
 #include "mpaux.h"
 #include "servconf.h"
 #include "compat.h"
@@ -30,12 +57,9 @@ RCSID("$OpenBSD: auth.c,v 1.7 2000/05/17 21:37:24 deraadt Exp $");
 #include "ssh2.h"
 #include "auth.h"
 #include "session.h"
-#include "dispatch.h"
-
 
 /* import */
 extern ServerOptions options;
-extern char *forced_command;
 
 /*
  * Check if the user is allowed to log in via ssh. If user is listed in
@@ -56,8 +80,8 @@ allowed_user(struct passwd * pw)
 #ifdef WITH_AIXAUTHENTICATE
        char *loginmsg;
 #endif /* WITH_AIXAUTHENTICATE */
-#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) && \
-       defined(HAS_SHADOW_EXPIRE)
+#if !defined(USE_PAM) && defined(HAVE_SHADOW_H) && \
+       !defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
   struct spwd *spw;
 
        /* Shouldn't be called if pw is NULL, but better safe than sorry... */
@@ -69,12 +93,12 @@ allowed_user(struct passwd * pw)
                int days = time(NULL) / 86400;
 
                /* Check account expiry */
-               if ((spw->sp_expire > 0) && (days > spw->sp_expire))
+               if ((spw->sp_expire >= 0) && (days > spw->sp_expire))
                        return 0;
 
                /* Check password expiry */
-               if ((spw->sp_lstchg > 0) && (spw->sp_inact > 0) && 
-                       (days > (spw->sp_lstchg + spw->sp_inact)))
+               if ((spw->sp_lstchg >= 0) && (spw->sp_max >= 0) && 
+                   (days > (spw->sp_lstchg + spw->sp_max)))
                        return 0;
        }
 #else