summaryrefslogtreecommitdiff
path: root/session.c
diff options
context:
space:
mode:
authorKevin Steves <stevesk@pobox.com>2000-10-14 13:36:13 +0000
committerKevin Steves <stevesk@pobox.com>2000-10-14 13:36:13 +0000
commit092f2effc5a50e6aeb5059d2b02d5e7b9c03fb42 (patch)
treebbcd3917c9c8eaa4a807db4e8f8177f8bbe547af /session.c
parentf16b9d277383693fe7db29702a0b9763f9f14569 (diff)
- (stevesk) ~/.hushlogin shouldn't cause required password change to
be bypassed.
Diffstat (limited to 'session.c')
-rw-r--r--session.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/session.c b/session.c
index dacb6a09..fc56c273 100644
--- a/session.c
+++ b/session.c
@@ -720,6 +720,17 @@ do_login(Session *s)
record_login(pid, s->tty, pw->pw_name, pw->pw_uid,
get_remote_name_or_ip(), (struct sockaddr *)&from);
+#ifdef USE_PAM
+ /*
+ * If password change is needed, do it now.
+ * This needs to occur before the ~/.hushlogin check.
+ */
+ if (pam_password_change_required()) {
+ print_pam_messages();
+ do_pam_chauthtok();
+ }
+#endif
+
/* Done if .hushlogin exists. */
snprintf(buf, sizeof(buf), "%.200s/.hushlogin", pw->pw_dir);
#ifdef HAVE_LOGIN_CAP
@@ -730,9 +741,8 @@ do_login(Session *s)
return;
#ifdef USE_PAM
- print_pam_messages();
- /* If password change is needed, do it now. */
- do_pam_chauthtok();
+ if (!pam_password_change_required())
+ print_pam_messages();
#endif /* USE_PAM */
#ifdef WITH_AIXAUTHENTICATE
if (aixloginmsg && *aixloginmsg)