From c708843e6a209b1c1f1a6d3e60b29be56d1d8894 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Sun, 2 Jul 2000 18:44:54 +1000
Subject:  - (djm) Stop shadow expiry checking from preventing logins with NIS.
 Based    on fix from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>

---
 auth.c | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

(limited to 'auth.c')

diff --git a/auth.c b/auth.c
index bf5306be..5aeeec6d 100644
--- a/auth.c
+++ b/auth.c
@@ -65,17 +65,18 @@ allowed_user(struct passwd * pw)
 		return 0;
 
 	spw = getspnam(pw->pw_name);
-	if (spw == NULL)
-		return 0;
-	
-	/* Check account expiry */
-	if ((spw->sp_expire > 0) && ((time(NULL) / 86400) > spw->sp_expire))
-		return 0;
+	if (spw != NULL) {
+		int days = time(NULL) / 86400;
 
-	/* Check password expiry */
-	if ((spw->sp_lstchg > 0) && (spw->sp_inact > 0) && 
-		((time(NULL) / 86400) > (spw->sp_lstchg + spw->sp_inact)))
-		return 0;
+		/* Check account expiry */
+		if ((spw->sp_expire > 0) && (days > spw->sp_expire))
+			return 0;
+
+		/* Check password expiry */
+		if ((spw->sp_lstchg > 0) && (spw->sp_inact > 0) && 
+			(days > (spw->sp_lstchg + spw->sp_inact)))
+			return 0;
+	}
 #else
 	/* Shouldn't be called if pw is NULL, but better safe than sorry... */
 	if (!pw)
-- 
cgit v1.2.3