Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | | - |
11 | | - |
12 | | - |
13 | | - |
14 | | - |
15 | | - |
16 | | - |
17 | | - |
18 | | - |
19 | | - |
20 | | - |
21 | | - |
22 | | - |
23 | | - |
24 | | - |
25 | #include "includes.h" | - |
26 | | - |
27 | #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE) | - |
28 | #include <shadow.h> | - |
29 | #include <stdarg.h> | - |
30 | #include <string.h> | - |
31 | #include <time.h> | - |
32 | | - |
33 | #include "hostfile.h" | - |
34 | #include "auth.h" | - |
35 | #include "sshbuf.h" | - |
36 | #include "ssherr.h" | - |
37 | #include "log.h" | - |
38 | | - |
39 | #ifdef DAY | - |
40 | # undef DAY | - |
41 | #endif | - |
42 | #define DAY (24L * 60 * 60) /* 1 day in seconds */ | - |
43 | | - |
44 | extern struct sshbuf *loginmsg; | - |
45 | | - |
46 | | - |
47 | | - |
48 | | - |
49 | | - |
50 | | - |
51 | | - |
52 | | - |
53 | | - |
54 | | - |
55 | int | - |
56 | auth_shadow_acctexpired(struct spwd *spw) | - |
57 | { | - |
58 | time_t today; | - |
59 | int daysleft; | - |
60 | int r; | - |
61 | | - |
62 | today = time(NULL) / DAY; | - |
63 | daysleft = spw->sp_expire - today; | - |
64 | debug3("%s: today %d sp_expire %d days left %d", __func__, (int)today, | - |
65 | (int)spw->sp_expire, daysleft); | - |
66 | | - |
67 | if (spw->sp_expire == -1) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
68 | debug3("account expiration disabled"); | - |
69 | } else if (daysleft < 0) { never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
| 0 |
70 | logit("Account %.100s has expired", spw->sp_namp); | - |
71 | return 1; never executed: return 1; | 0 |
72 | } else if (daysleft <= spw->sp_warn) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
73 | debug3("account will expire in %d days", daysleft); | - |
74 | if ((r = sshbuf_putf(loginmsg, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
75 | "Your account will expire in %d day%s.\n", daysleft,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
76 | daysleft == 1 ? "" : "s")) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
77 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
78 | } never executed: end of block | 0 |
79 | | - |
80 | return 0; never executed: return 0; | 0 |
81 | } | - |
82 | | - |
83 | | - |
84 | | - |
85 | | - |
86 | | - |
87 | int | - |
88 | auth_shadow_pwexpired(Authctxt *ctxt) | - |
89 | { | - |
90 | struct spwd *spw = NULL; | - |
91 | const char *user = ctxt->pw->pw_name; | - |
92 | time_t today; | - |
93 | int r, daysleft, disabled = 0; | - |
94 | | - |
95 | if ((spw = getspnam((char *)user)) == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
96 | error("Could not get shadow information for %.100s", user); | - |
97 | return 0; never executed: return 0; | 0 |
98 | } | - |
99 | | - |
100 | today = time(NULL) / DAY; | - |
101 | debug3("%s: today %d sp_lstchg %d sp_max %d", __func__, (int)today, | - |
102 | (int)spw->sp_lstchg, (int)spw->sp_max); | - |
103 | | - |
104 | #if defined(__hpux) && !defined(HAVE_SECUREWARE) | - |
105 | if (iscomsec()) { | - |
106 | struct pr_passwd *pr; | - |
107 | | - |
108 | pr = getprpwnam((char *)user); | - |
109 | | - |
110 | | - |
111 | if (pr != NULL && pr->ufld.fd_min == 0 && | - |
112 | pr->ufld.fd_lifetime == 0 && pr->ufld.fd_expire == 0 && | - |
113 | pr->ufld.fd_pw_expire_warning == 0 && | - |
114 | pr->ufld.fd_schange != 0) | - |
115 | disabled = 1; | - |
116 | } | - |
117 | #endif | - |
118 | | - |
119 | | - |
120 | daysleft = spw->sp_lstchg + spw->sp_max - today; | - |
121 | if (disabled) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
122 | debug3("password expiration disabled"); | - |
123 | } else if (spw->sp_lstchg == 0) { never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
| 0 |
124 | logit("User %.100s password has expired (root forced)", user); | - |
125 | return 1; never executed: return 1; | 0 |
126 | } else if (spw->sp_max == -1) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
127 | debug3("password expiration disabled"); | - |
128 | } else if (daysleft < 0) { never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
| 0 |
129 | logit("User %.100s password has expired (password aged)", user); | - |
130 | return 1; never executed: return 1; | 0 |
131 | } else if (daysleft <= spw->sp_warn) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
132 | debug3("password will expire in %d days", daysleft); | - |
133 | if ((r = sshbuf_putf(loginmsg, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
134 | "Your password will expire in %d day%s.\n", daysleft,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
135 | daysleft == 1 ? "" : "s")) != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
136 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 0 |
137 | } never executed: end of block | 0 |
138 | | - |
139 | return 0; never executed: return 0; | 0 |
140 | } | - |
141 | #endif /* USE_SHADOW && HAS_SHADOW_EXPIRE */ | - |
| | |