summaryrefslogtreecommitdiff
path: root/debian/patches-applied/pam_1.0.4_mindays
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches-applied/pam_1.0.4_mindays')
-rw-r--r--debian/patches-applied/pam_1.0.4_mindays36
1 files changed, 36 insertions, 0 deletions
diff --git a/debian/patches-applied/pam_1.0.4_mindays b/debian/patches-applied/pam_1.0.4_mindays
new file mode 100644
index 00000000..0f766e91
--- /dev/null
+++ b/debian/patches-applied/pam_1.0.4_mindays
@@ -0,0 +1,36 @@
+Index: debian-pkg-pam/modules/pam_unix/pam_unix_acct.c
+===================================================================
+--- debian-pkg-pam.orig/modules/pam_unix/pam_unix_acct.c 2009-04-17 11:30:15.000000000 -0700
++++ debian-pkg-pam/modules/pam_unix/pam_unix_acct.c 2009-04-17 11:31:25.000000000 -0700
+@@ -250,6 +250,9 @@
+ _make_remark(pamh, ctrl, PAM_ERROR_MSG,
+ _("Your account has expired; please contact your system administrator"));
+ break;
++ case PAM_AUTHTOK_ERR:
++ retval = PAM_SUCCESS;
++ /* fallthrough */
+ case PAM_SUCCESS:
+ if (daysleft >= 0) {
+ pam_syslog(pamh, LOG_DEBUG,
+Index: debian-pkg-pam/modules/pam_unix/passverify.c
+===================================================================
+--- debian-pkg-pam.orig/modules/pam_unix/passverify.c 2009-04-17 11:30:07.000000000 -0700
++++ debian-pkg-pam/modules/pam_unix/passverify.c 2009-04-17 11:30:59.000000000 -0700
+@@ -301,8 +301,16 @@
+ *daysleft = (int)((spent->sp_lstchg + spent->sp_max) - curdays);
+ D(("warn before expiry"));
+ }
++ if ((curdays - spent->sp_lstchg < spent->sp_min)
++ && (spent->sp_min != -1)) {
++ /*
++ * The last password change was too recent. This error will be ignored
++ * if no password change is attempted.
++ */
++ D(("password change too recent"));
++ return PAM_AUTHTOK_ERR;
++ }
+ return PAM_SUCCESS;
+-
+ }
+
+ /* passwd/salt conversion macros */
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-24 08:13:47 +0000