1 |
From 1b1ec5ce75e224bd1755650c18ccdaa6dc53e605 Mon Sep 17 00:00:00 2001 |
2 |
From: "Alan T. DeKok" <aland@freeradius.org> |
3 |
Date: Tue, 7 Feb 2012 20:58:52 +0100 |
4 |
Subject: [PATCH] heck for account and password expiration |
5 |
|
6 |
--- |
7 |
src/modules/rlm_unix/rlm_unix.c | 10 +++++++++- |
8 |
1 file changed, 9 insertions(+), 1 deletion(-) |
9 |
|
10 |
diff --git a/src/modules/rlm_unix/rlm_unix.c b/src/modules/rlm_unix/rlm_unix.c |
11 |
index 5c0fe0f..abec68c 100644 |
12 |
--- a/src/modules/rlm_unix/rlm_unix.c |
13 |
+++ b/src/modules/rlm_unix/rlm_unix.c |
14 |
@@ -272,9 +272,17 @@ static int unix_getpw(UNUSED void *instance, REQUEST *request, |
15 |
/* |
16 |
* Check if password has expired. |
17 |
*/ |
18 |
+ if (spwd && spwd->sp_lstchg > 0 && spwd->sp_max >= 0 && |
19 |
+ (request->timestamp / 86400) > (spwd->sp_lstchg + spwd->sp_max)) { |
20 |
+ radlog_request(L_AUTH, 0, request, "[%s]: password has expired", name); |
21 |
+ return RLM_MODULE_REJECT; |
22 |
+ } |
23 |
+ /* |
24 |
+ * Check if account has expired. |
25 |
+ */ |
26 |
if (spwd && spwd->sp_expire > 0 && |
27 |
(request->timestamp / 86400) > spwd->sp_expire) { |
28 |
- radlog_request(L_AUTH, 0, request, "[%s]: password has expired", name); |
29 |
+ radlog_request(L_AUTH, 0, request, "[%s]: account has expired", name); |
30 |
return RLM_MODULE_REJECT; |
31 |
} |
32 |
#endif |
33 |
-- |
34 |
1.7.10 |
35 |
|