From fa5018db9a332f9cb1d941b57816be02ef05baa9 Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk <kukuk@thkukuk.de>
Date: Mon, 9 Aug 2010 14:16:25 +0000
Subject: Relevant BUGIDs: 2923437

Purpose of commit: bugfix

Commit summary:
---------------

2010-08-09  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_unix/passverify.c (check_shadow_expiry): Correct
        check for expired date.

        * modules/pam_unix/pam_unix_passwd.c (_pam_unix_approve_pass): Remove
        check for password length. Bug #2923437.
---
 modules/pam_unix/passverify.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules/pam_unix/passverify.c')

diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index ec63a431..5199a690 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -240,7 +240,7 @@ PAMH_ARG_DECL(int check_shadow_expiry,
 	*daysleft = -1;
 	curdays = (long int)(time(NULL) / (60 * 60 * 24));
 	D(("today is %d, last change %d", curdays, spent->sp_lstchg));
-	if ((curdays > spent->sp_expire) && (spent->sp_expire != -1)) {
+	if ((curdays >= spent->sp_expire) && (spent->sp_expire != -1)) {
 		D(("account expired"));
 		return PAM_ACCT_EXPIRED;
 	}
-- 
cgit v1.2.3