diff options
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | modules/pam_unix/passverify.c | 6 |
2 files changed, 9 insertions, 0 deletions
@@ -1,5 +1,8 @@ 2010-08-04 Thorsten Kukuk <kukuk@thkukuk.de> + * modules/pam_unix/passverify.c (PAMH_ARG_DECL): Don't request + password change if time is not yet set (1.1.1970). Bug #2730965. + * modules/pam_access/pam_access.c (user_match): Make sure that user@host will not match @@netgroup. Bug #3035919. diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c index d175dfa5..ec63a431 100644 --- a/modules/pam_unix/passverify.c +++ b/modules/pam_unix/passverify.c @@ -909,6 +909,9 @@ PAMH_ARG_DECL(int unix_update_shadow, if (!strcmp(stmpent->sp_namp, forwho)) { stmpent->sp_pwdp = towhat; stmpent->sp_lstchg = time(NULL) / (60 * 60 * 24); + if (stmpent->sp_lstchg == 0) + stmpent->sp_lstchg = -1; /* Don't request passwort change + only because time isn't set yet. */ wroteentry = 1; D(("Set password %s for %s", stmpent->sp_pwdp, forwho)); } @@ -928,6 +931,9 @@ PAMH_ARG_DECL(int unix_update_shadow, spwdent.sp_namp = forwho; spwdent.sp_pwdp = towhat; spwdent.sp_lstchg = time(NULL) / (60 * 60 * 24); + if (spwdent.sp_lstchg == 0) + spwdent.sp_lstchg = -1; /* Don't request passwort change + only because time isn't set yet. */ spwdent.sp_min = spwdent.sp_max = spwdent.sp_warn = spwdent.sp_inact = spwdent.sp_expire = -1; spwdent.sp_flag = (unsigned long)-1l; |