3 files changed, 9 insertions, 4 deletions

diff --git a/ChangeLog b/ChangeLog
index e30ba3e5..68388c87 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2010-08-09  Thorsten Kukuk  <kukuk@thkukuk.de>
+
+	* modules/pam_unix/passverify.c (check_shadow_expiry): Correct
+	check for expired date.
+
+	* modules/pam_unix/pam_unix_passwd.c (_pam_unix_approve_pass): Remove
+	check for password length. Bug #2923437.
+
 2010-08-04  Thorsten Kukuk  <kukuk@thkukuk.de>
 
 	* modules/pam_tally2/pam_tally2.c (get_tally): Create file
diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
index 1d70a7c2..f137570a 100644
--- a/modules/pam_unix/pam_unix_passwd.c
+++ b/modules/pam_unix/pam_unix_passwd.c
@@ -488,9 +488,6 @@ static int _pam_unix_approve_pass(pam_handle_t * pamh
 		}
 	}
 	if (off(UNIX__IAMROOT, ctrl)) {
-		if (strlen(pass_new) < 6)
-		  remark = _("You must choose a longer password");
-		D(("length check [%s]", remark));
 		if (on(UNIX_REMEMBER_PASSWD, ctrl)) {
 			if ((retval = check_old_password(user, pass_new)) == PAM_AUTHTOK_ERR)
 			  remark = _("Password has been already used. Choose another.");
diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index ec63a431..5199a690 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -240,7 +240,7 @@ PAMH_ARG_DECL(int check_shadow_expiry,
 	*daysleft = -1;
 	curdays = (long int)(time(NULL) / (60 * 60 * 24));
 	D(("today is %d, last change %d", curdays, spent->sp_lstchg));
-	if ((curdays > spent->sp_expire) && (spent->sp_expire != -1)) {
+	if ((curdays >= spent->sp_expire) && (spent->sp_expire != -1)) {
 		D(("account expired"));
 		return PAM_ACCT_EXPIRED;
 	}