From aab76bad2fa0f6bb7dafff402b6dae0ceb9dc48c Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk <kukuk@thkukuk.de>
Date: Wed, 4 Aug 2010 13:54:02 +0000
Subject: Relevant BUGIDs: 2730965

Purpose of commit: workaround

Commit summary:
---------------

2010-08-04  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_unix/passverify.c (PAMH_ARG_DECL): Don't request
        password change if time is not yet set (1.1.1970). Bug #2730965.
---
 modules/pam_unix/passverify.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'modules/pam_unix')

diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index d175dfa5..ec63a431 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -909,6 +909,9 @@ PAMH_ARG_DECL(int unix_update_shadow,
 	if (!strcmp(stmpent->sp_namp, forwho)) {
 	    stmpent->sp_pwdp = towhat;
 	    stmpent->sp_lstchg = time(NULL) / (60 * 60 * 24);
+	    if (stmpent->sp_lstchg == 0)
+	        stmpent->sp_lstchg = -1; /* Don't request passwort change
+					    only because time isn't set yet. */
 	    wroteentry = 1;
 	    D(("Set password %s for %s", stmpent->sp_pwdp, forwho));
 	}
@@ -928,6 +931,9 @@ PAMH_ARG_DECL(int unix_update_shadow,
 	spwdent.sp_namp = forwho;
 	spwdent.sp_pwdp = towhat;
 	spwdent.sp_lstchg = time(NULL) / (60 * 60 * 24);
+	if (spwdent.sp_lstchg == 0)
+	    spwdent.sp_lstchg = -1; /* Don't request passwort change
+				       only because time isn't set yet. */
 	spwdent.sp_min = spwdent.sp_max = spwdent.sp_warn = spwdent.sp_inact =
 	    spwdent.sp_expire = -1;
 	spwdent.sp_flag = (unsigned long)-1l;
-- 
cgit v1.2.3