1 files changed, 12 insertions, 12 deletions

diff --git a/lib/libpam/modules/pam_unix/pam_unix.c b/lib/libpam/modules/pam_unix/pam_unix.c
index 7afa45a..af6f989 100644
--- a/lib/libpam/modules/pam_unix/pam_unix.c
+++ b/lib/libpam/modules/pam_unix/pam_unix.c
@@ -152,8 +152,6 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
 
 		retval = strcmp(encrypted, pwd->pw_passwd) == 0 ?
 		    PAM_SUCCESS : PAM_AUTH_ERR;
-		if (pwd->pw_expire && time(NULL) >= pwd->pw_expire)
-			retval = PAM_AUTH_ERR;
 	}
 	else {
 
@@ -504,14 +502,15 @@ local_passwd(const char *user, const char *pass)
 		syslog(LOG_ERR, "cannot set password cipher");
 	login_close(lc);
 	/* Salt suitable for anything */
+	srandomdev();
 	gettimeofday(&tv, 0);
-	to64(&salt[0], arc4random(), 3);
+	to64(&salt[0], random(), 3);
 	to64(&salt[3], tv.tv_usec, 3);
 	to64(&salt[6], tv.tv_sec, 2);
-	to64(&salt[8], arc4random(), 5);
-	to64(&salt[13], arc4random(), 5);
-	to64(&salt[17], arc4random(), 5);
-	to64(&salt[22], arc4random(), 5);
+	to64(&salt[8], random(), 5);
+	to64(&salt[13], random(), 5);
+	to64(&salt[17], random(), 5);
+	to64(&salt[22], random(), 5);
 	salt[27] = '\0';
 
 	pwd->pw_passwd = crypt(pass, salt);
@@ -597,14 +596,15 @@ yp_passwd(const char *user, const char *pass)
 		syslog(LOG_ERR, "cannot set password cipher");
 	login_close(lc);
 	/* Salt suitable for anything */
+	srandomdev();
 	gettimeofday(&tv, 0);
-	to64(&salt[0], arc4random(), 3);
+	to64(&salt[0], random(), 3);
 	to64(&salt[3], tv.tv_usec, 3);
 	to64(&salt[6], tv.tv_sec, 2);
-	to64(&salt[8], arc4random(), 5);
-	to64(&salt[13], arc4random(), 5);
-	to64(&salt[17], arc4random(), 5);
-	to64(&salt[22], arc4random(), 5);
+	to64(&salt[8], random(), 5);
+	to64(&salt[13], random(), 5);
+	to64(&salt[17], random(), 5);
+	to64(&salt[22], random(), 5);
 	salt[27] = '\0';
 
 	if (suser_override)