aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--modules/pam_unix/pam_unix.c26
-rw-r--r--modules/pam_unix/pam_unix.c~32
2 files changed, 39 insertions, 19 deletions
diff --git a/modules/pam_unix/pam_unix.c b/modules/pam_unix/pam_unix.c
index 64a2eb2..a1ab562 100644
--- a/modules/pam_unix/pam_unix.c
+++ b/modules/pam_unix/pam_unix.c
@@ -163,6 +163,9 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
if (user == NULL || (pwd = getpwnam(user)) == NULL)
return (PAM_SERVICE_ERR);
+
+
+ PAM_LOG("Got user [%s]" , user );
#ifndef __linux__
/*
@@ -190,8 +193,8 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
lc = login_getpwclass(pwd);
if (lc == NULL) {
- return (PAM_SERVICE_ERR);
-
+ PAM_ERR("Unable to get login class for user [%s]");
+ return (PAM_SERVICE_ERR);
}
#endif
/* Check if pw_lstchg or sp_expire is set */
@@ -203,10 +206,11 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
#ifndef __linux__
login_close(lc);
#endif
+ PAM_ERR("Account has expired!");
return (PAM_ACCT_EXPIRED);
} else if ( ( pwd->sp_expire - curtime < DEFAULT_WARN) ) {
-// pam_error(pamh, "Warning: your account expires on %s",
-// ctime(&pwd->sp_expire));
+ PAM_ERR(pamh, "Warning: your account expires on %s",
+ ctime(&pwd->sp_expire));
}
}
@@ -218,18 +222,24 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
if ((curtime > (pwd->sp_lstchg + pwd->sp_max + pwd->sp_inact)) &&
(pwd->sp_max != -1) && (pwd->sp_inact != -1) &&
- (pwd->sp_lstchg != 0))
+ (pwd->sp_lstchg != 0)) {
+ PAM_ERR("Account has expired!");
return (PAM_ACCT_EXPIRED);
+ }
if (((pwd->sp_lstchg + pwd->sp_max) < curtime) &&
- (pwd->sp_max != -1))
+ (pwd->sp_max != -1)) {
+ PAM_ERR("Account has expired!");
return (PAM_ACCT_EXPIRED);
+ }
if ((curtime - pwd->sp_lstchg > pwd->sp_max)
&& (curtime - pwd->sp_lstchg > pwd->sp_inact)
&& (curtime - pwd->sp_lstchg > pwd->sp_max + pwd->sp_inact)
- && (pwd->sp_max != -1) && (pwd->sp_inact != -1))
- return (PAM_ACCT_EXPIRED);
+ && (pwd->sp_max != -1) && (pwd->sp_inact != -1)) {
+ PAM_ERR("Account has expired!");
+ return (PAM_ACCT_EXPIRED);
+ }
pam_err = (PAM_SUCCESS);
diff --git a/modules/pam_unix/pam_unix.c~ b/modules/pam_unix/pam_unix.c~
index 06f335c..a1ab562 100644
--- a/modules/pam_unix/pam_unix.c~
+++ b/modules/pam_unix/pam_unix.c~
@@ -163,6 +163,9 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
if (user == NULL || (pwd = getpwnam(user)) == NULL)
return (PAM_SERVICE_ERR);
+
+
+ PAM_LOG("Got user [%s]" , user );
#ifndef __linux__
/*
@@ -190,8 +193,8 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
lc = login_getpwclass(pwd);
if (lc == NULL) {
- return (PAM_SERVICE_ERR);
-
+ PAM_ERR("Unable to get login class for user [%s]");
+ return (PAM_SERVICE_ERR);
}
#endif
/* Check if pw_lstchg or sp_expire is set */
@@ -203,10 +206,11 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
#ifndef __linux__
login_close(lc);
#endif
+ PAM_ERR("Account has expired!");
return (PAM_ACCT_EXPIRED);
} else if ( ( pwd->sp_expire - curtime < DEFAULT_WARN) ) {
-// pam_error(pamh, "Warning: your account expires on %s",
-// ctime(&pwd->sp_expire));
+ PAM_ERR(pamh, "Warning: your account expires on %s",
+ ctime(&pwd->sp_expire));
}
}
@@ -218,18 +222,24 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
if ((curtime > (pwd->sp_lstchg + pwd->sp_max + pwd->sp_inact)) &&
(pwd->sp_max != -1) && (pwd->sp_inact != -1) &&
- (pwd->sp_lstchg != 0))
+ (pwd->sp_lstchg != 0)) {
+ PAM_ERR("Account has expired!");
return (PAM_ACCT_EXPIRED);
+ }
if (((pwd->sp_lstchg + pwd->sp_max) < curtime) &&
- (pwd->sp_max != -1))
+ (pwd->sp_max != -1)) {
+ PAM_ERR("Account has expired!");
return (PAM_ACCT_EXPIRED);
+ }
if ((curtime - pwd->sp_lstchg > pwd->sp_max)
&& (curtime - pwd->sp_lstchg > pwd->sp_inact)
&& (curtime - pwd->sp_lstchg > pwd->sp_max + pwd->sp_inact)
- && (pwd->sp_max != -1) && (pwd->sp_inact != -1))
- return (PAM_ACCT_EXPIRED);
+ && (pwd->sp_max != -1) && (pwd->sp_inact != -1)) {
+ PAM_ERR("Account has expired!");
+ return (PAM_ACCT_EXPIRED);
+ }
pam_err = (PAM_SUCCESS);
@@ -456,9 +466,9 @@ static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
static void to64(char *s, long v, int n) {
while (--n >= 0) {
- *s++ = itoa64[v&0x3f];
- v >>= 6;
- }
+ *s++ = itoa64[v&0x3f];
+ v >>= 6;
+ }
}
/* Salt suitable for traditional DES and MD5 */