diff --git a/crypto/dist/ssh/auth.c b/crypto/dist/ssh/auth.c index e12c57273ba1..34d87df2ac17 100644 --- a/crypto/dist/ssh/auth.c +++ b/crypto/dist/ssh/auth.c @@ -1,4 +1,4 @@ -/* $NetBSD: auth.c,v 1.16 2002/12/06 03:39:07 thorpej Exp $ */ +/* $NetBSD: auth.c,v 1.17 2003/03/24 18:25:21 lukem Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -160,12 +160,26 @@ allowed_user(struct passwd * pw) (void)gettimeofday(&tv, (struct timezone *)NULL); if (pw->pw_expire) { - if (tv.tv_sec >= pw->pw_expire) + if (tv.tv_sec >= pw->pw_expire) { + logit("User %.100s not allowed because account has expired", + pw->pw_name); return 0; /* expired */ + } } +#ifdef _PASSWORD_CHGNOW + if (pw->pw_change == _PASSWORD_CHGNOW) { + logit("User %.100s not allowed because password needs to be changed", + pw->pw_name); + + return 0; /* can't force password change (yet) */ + } +#endif if (pw->pw_change) { - if (tv.tv_sec >= pw->pw_change) + if (tv.tv_sec >= pw->pw_change) { + logit("User %.100s not allowed because password has expired", + pw->pw_name); return 0; /* expired */ + } } } diff --git a/crypto/dist/ssh/session.c b/crypto/dist/ssh/session.c index 220625cb7b74..eeba113be56a 100644 --- a/crypto/dist/ssh/session.c +++ b/crypto/dist/ssh/session.c @@ -1,4 +1,4 @@ -/* $NetBSD: session.c,v 1.28 2002/12/06 03:39:10 thorpej Exp $ */ +/* $NetBSD: session.c,v 1.29 2003/03/24 18:25:22 lukem Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -675,6 +675,11 @@ do_login(Session *s, const char *command) if (pw->pw_expire && pw->pw_expire - tv.tv_sec < pw_warntime) printf("Warning: your account expires on %s", ctime(&pw->pw_expire)); +#ifdef _PASSWORD_CHGNOW + if (pw->pw_change == _PASSWORD_CHGNOW) { + printf("Warning: your password has expired. Please change it as soon as possible.\n"); + } else +#endif if (pw->pw_change && pw->pw_change - tv.tv_sec < pw_warntime) printf("Warning: your password expires on %s", ctime(&pw->pw_change));