diff options
Diffstat (limited to 'debian/patches-applied/pam_1.0.4_mindays')
-rw-r--r-- | debian/patches-applied/pam_1.0.4_mindays | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/debian/patches-applied/pam_1.0.4_mindays b/debian/patches-applied/pam_1.0.4_mindays new file mode 100644 index 00000000..0f766e91 --- /dev/null +++ b/debian/patches-applied/pam_1.0.4_mindays @@ -0,0 +1,36 @@ +Index: debian-pkg-pam/modules/pam_unix/pam_unix_acct.c +=================================================================== +--- debian-pkg-pam.orig/modules/pam_unix/pam_unix_acct.c 2009-04-17 11:30:15.000000000 -0700 ++++ debian-pkg-pam/modules/pam_unix/pam_unix_acct.c 2009-04-17 11:31:25.000000000 -0700 +@@ -250,6 +250,9 @@ + _make_remark(pamh, ctrl, PAM_ERROR_MSG, + _("Your account has expired; please contact your system administrator")); + break; ++ case PAM_AUTHTOK_ERR: ++ retval = PAM_SUCCESS; ++ /* fallthrough */ + case PAM_SUCCESS: + if (daysleft >= 0) { + pam_syslog(pamh, LOG_DEBUG, +Index: debian-pkg-pam/modules/pam_unix/passverify.c +=================================================================== +--- debian-pkg-pam.orig/modules/pam_unix/passverify.c 2009-04-17 11:30:07.000000000 -0700 ++++ debian-pkg-pam/modules/pam_unix/passverify.c 2009-04-17 11:30:59.000000000 -0700 +@@ -301,8 +301,16 @@ + *daysleft = (int)((spent->sp_lstchg + spent->sp_max) - curdays); + D(("warn before expiry")); + } ++ if ((curdays - spent->sp_lstchg < spent->sp_min) ++ && (spent->sp_min != -1)) { ++ /* ++ * The last password change was too recent. This error will be ignored ++ * if no password change is attempted. ++ */ ++ D(("password change too recent")); ++ return PAM_AUTHTOK_ERR; ++ } + return PAM_SUCCESS; +- + } + + /* passwd/salt conversion macros */ |