summaryrefslogtreecommitdiffstats
path: root/lib/libpam/modules/pam_unix/pam_unix.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libpam/modules/pam_unix/pam_unix.c')
-rw-r--r--lib/libpam/modules/pam_unix/pam_unix.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/libpam/modules/pam_unix/pam_unix.c b/lib/libpam/modules/pam_unix/pam_unix.c
index 26084ec..46b5f47 100644
--- a/lib/libpam/modules/pam_unix/pam_unix.c
+++ b/lib/libpam/modules/pam_unix/pam_unix.c
@@ -70,6 +70,9 @@ __FBSDID("$FreeBSD$");
#define DEFAULT_WARN (2L * 7L * 86400L) /* Two weeks */
#define SALTSIZE 32
+#define LOCKED_PREFIX "*LOCKED*"
+#define LOCKED_PREFIX_LEN (sizeof(LOCKED_PREFIX) - 1)
+
static void makesalt(char []);
static char password_hash[] = PASSWORD_HASH;
@@ -176,6 +179,9 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags __unused,
(flags & PAM_DISALLOW_NULL_AUTHTOK) != 0)
return (PAM_NEW_AUTHTOK_REQD);
+ if (strncmp(pwd->pw_passwd, LOCKED_PREFIX, LOCKED_PREFIX_LEN) == 0)
+ return (PAM_AUTH_ERR);
+
lc = login_getpwclass(pwd);
if (lc == NULL) {
PAM_LOG("Unable to get login class for user %s", user);
OpenPOWER on IntegriCloud