From fa5018db9a332f9cb1d941b57816be02ef05baa9 Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Mon, 9 Aug 2010 14:16:25 +0000 Subject: Relevant BUGIDs: 2923437 Purpose of commit: bugfix Commit summary: --------------- 2010-08-09 Thorsten Kukuk * modules/pam_unix/passverify.c (check_shadow_expiry): Correct check for expired date. * modules/pam_unix/pam_unix_passwd.c (_pam_unix_approve_pass): Remove check for password length. Bug #2923437. --- modules/pam_unix/pam_unix_passwd.c | 3 --- modules/pam_unix/passverify.c | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) (limited to 'modules/pam_unix') diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c index 1d70a7c2..f137570a 100644 --- a/modules/pam_unix/pam_unix_passwd.c +++ b/modules/pam_unix/pam_unix_passwd.c @@ -488,9 +488,6 @@ static int _pam_unix_approve_pass(pam_handle_t * pamh } } if (off(UNIX__IAMROOT, ctrl)) { - if (strlen(pass_new) < 6) - remark = _("You must choose a longer password"); - D(("length check [%s]", remark)); if (on(UNIX_REMEMBER_PASSWD, ctrl)) { if ((retval = check_old_password(user, pass_new)) == PAM_AUTHTOK_ERR) remark = _("Password has been already used. Choose another."); diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c index ec63a431..5199a690 100644 --- a/modules/pam_unix/passverify.c +++ b/modules/pam_unix/passverify.c @@ -240,7 +240,7 @@ PAMH_ARG_DECL(int check_shadow_expiry, *daysleft = -1; curdays = (long int)(time(NULL) / (60 * 60 * 24)); D(("today is %d, last change %d", curdays, spent->sp_lstchg)); - if ((curdays > spent->sp_expire) && (spent->sp_expire != -1)) { + if ((curdays >= spent->sp_expire) && (spent->sp_expire != -1)) { D(("account expired")); return PAM_ACCT_EXPIRED; } -- cgit v1.2.3