PR/36624: Edgar Fu: sshd should not check pw_{expire,change} if UsePam is

enabled. This is what the "portable" version of openssh does.
2007-07-10 15:48:56 +00:00 · 2007-07-10 15:48:56 +00:00 · 4d0c78dab0
commit 4d0c78dab0
parent a39c84a8c3
1 changed files with 8 additions and 2 deletions
--- a/crypto/dist/ssh/auth.c
+++ b/crypto/dist/ssh/auth.c
@ -1,4 +1,4 @@
-/*	$NetBSD: auth.c,v 1.25 2007/07/10 14:56:25 christos Exp $	*/
+/*	$NetBSD: auth.c,v 1.26 2007/07/10 15:48:56 christos Exp $	*/
 /* $OpenBSD: auth.c,v 1.75 2006/08/03 03:34:41 deraadt Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@ -25,7 +25,7 @@
 */

 #include "includes.h"
-__RCSID("$NetBSD: auth.c,v 1.25 2007/07/10 14:56:25 christos Exp $");
+__RCSID("$NetBSD: auth.c,v 1.26 2007/07/10 15:48:56 christos Exp $");
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/param.h>
@ -167,6 +167,9 @@ allowed_user(struct passwd * pw)
 	login_close(lc);
 #endif

+#ifdef USE_PAM
+	if (!options.use_pam) {
+#endif
 	/*
 	 * password/account expiration.
 	 */
@ -197,6 +200,9 @@ allowed_user(struct passwd * pw)
 			}
 		}
 	}
+#ifdef USE_PAM
+	}
+#endif

 	/*
 	 * Get the shell from the password data.  An empty shell field is