openssh bugs - Aug 2003 - [Bug 442] sshd allows login via public-key when account locked

http://bugzilla.mindrot.org/show_bug.cgi?id=442

djm at mindrot.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
OtherBugsDependingO|                            |627
              nThis|                            |





------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=442

dtucker at zip.com.au changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #249 is|0                           |1
           obsolete|                            |



------- Additional Comments From dtucker at zip.com.au  2003-08-24 11:39 -------
Created an attachment (id=368)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=368&action=view)
Check for locked accounts: update patch to -current.

Should the test be in a separate function, eg "int check_locked(char
*passwd)"?


If none of the account checks are defined, the if block is dead code.  Is it
worth adding "#if defined(LOCKED_PASSWD_STRING) || defined(...."?




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=442





------- Additional Comments From djm at mindrot.org  2003-08-25 10:13 -------
(From update of attachment 368)
>-#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) && \
>-    defined(HAS_SHADOW_EXPIRE)
>+#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
>+	if (!options.use_pam)
>+		spw = getspnam(pw->pw_name);
>+#if !defined(USE_PAM) && defined(HAS_SHADOW_EXPIRE)
The !USE_PAM should be removed and replaced with a !options.use_pam. The
behaviour for UsePAM=no should be the same as being configured --without-pam.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=442

dtucker at zip.com.au changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #368 is|0                           |1
           obsolete|                            |



------- Additional Comments From dtucker at zip.com.au  2003-08-25 10:37 -------
Created an attachment (id=370)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=370&action=view)
Fix options.use_pam and log -> logit.

Whoops, missed that (and a log -> logit).  Both fixed.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=442

djm at mindrot.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
    Attachment #370|                            |ok
             Status|                            |



------- Additional Comments From djm at mindrot.org  2003-08-25 11:29 -------
(From update of attachment 370)
ok djm@




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=442

dtucker at zip.com.au changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |RESOLVED
         Resolution|                            |FIXED



------- Additional Comments From dtucker at zip.com.au  2003-08-25 11:52 -------
Applied, thanks.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.