- (tim) [configure.ac sshd.8] Enable locked account check (a "*LK*" string)

[openssh.git] / auth.c

diff --git a/auth.c b/auth.c
index 68c2824fb868b09f4a6672031e66865ecbc2f79d..2dc5c2be62939c0e9a283c78a073752c38603d6f 100644 (file)
--- a/auth.c
+++ b/auth.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.59 2005/06/06 11:20:36 djm Exp $");
+RCSID("$OpenBSD: auth.c,v 1.60 2005/06/17 02:44:32 djm Exp $");
 
 #ifdef HAVE_LOGIN_H
 #include <login.h>
@@ -76,7 +76,7 @@ allowed_user(struct passwd * pw)
        struct stat st;
        const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL;
        char *shell;
-       int i;
+       u_int i;
 #ifdef USE_SHADOW
        struct spwd *spw = NULL;
 #endif
@@ -97,7 +97,11 @@ allowed_user(struct passwd * pw)
        /* grab passwd field for locked account check */
 #ifdef USE_SHADOW
        if (spw != NULL)
+#if defined(HAVE_LIBIAF)  &&  !defined(BROKEN_LIBIAF)
+               passwd = get_iaf_password(pw);
+#else
                passwd = spw->sp_pwdp;
+#endif /* HAVE_LIBIAF  && !BROKEN_LIBIAF */
 #else
        passwd = pw->pw_passwd;
 #endif
@@ -119,6 +123,9 @@ allowed_user(struct passwd * pw)
                if (strstr(passwd, LOCKED_PASSWD_SUBSTR))
                        locked = 1;
 #endif
+#if defined(HAVE_LIBIAF)  &&  !defined(BROKEN_LIBIAF)
+               free(passwd);
+#endif /* HAVE_LIBIAF  && !BROKEN_LIBIAF */
                if (locked) {
                        logit("User %.100s not allowed because account is locked",
                            pw->pw_name);