- (djm) Add new UsePAM configuration directive to allow runtime control

[openssh.git] / auth.c

diff --git a/auth.c b/auth.c
index 10f7b2a1fc74b3a5cca671aed6710ce9ee62383a..8b58cc671b3e0fbd2fba98a91a67975c00bc5358 100644 (file)
--- a/auth.c
+++ b/auth.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.46 2002/11/04 10:07:53 markus Exp $");
+RCSID("$OpenBSD: auth.c,v 1.47 2003/04/08 20:21:28 itojun Exp $");
 
 #ifdef HAVE_LOGIN_H
 #include <login.h>
@@ -78,8 +78,8 @@ allowed_user(struct passwd * pw)
 #ifdef WITH_AIXAUTHENTICATE
        char *loginmsg;
 #endif /* WITH_AIXAUTHENTICATE */
-#if !defined(USE_PAM) && defined(HAVE_SHADOW_H) && \
-    !defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
+#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) && \
+    defined(HAS_SHADOW_EXPIRE)
        struct spwd *spw;
        time_t today;
 #endif
@@ -88,10 +88,10 @@ allowed_user(struct passwd * pw)
        if (!pw || !pw->pw_name)
                return 0;
 
-#if !defined(USE_PAM) && defined(HAVE_SHADOW_H) && \
-    !defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
+#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) && \
+    defined(HAS_SHADOW_EXPIRE)
 #define        DAY             (24L * 60 * 60) /* 1 day in seconds */
-       if ((spw = getspnam(pw->pw_name)) != NULL) {
+       if (!options.use_pam && (spw = getspnam(pw->pw_name)) != NULL) {
                today = time(NULL) / DAY;
                debug3("allowed_user: today %d sp_expire %d sp_lstchg %d"
                    " sp_max %d", (int)today, (int)spw->sp_expire,