- (djm) Revert fix for Bug #442 for now.

ChangeLog

@@ -1,3 +1,6 @@
+20030118
+ - (djm) Revert fix for Bug #442 for now.
+
 20030117
  - (djm) Bug #470: Detect strnvis, not strvis in configure.
     From d_wllms@lanl.gov
@@ -1031,4 +1034,4 @@
      save auth method before monitor_reset_key_state(); bugzilla bug #284;
      ok provos@
 
-$Id: ChangeLog,v 1.2574 2003/01/16 23:31:38 djm Exp $
+$Id: ChangeLog,v 1.2575 2003/01/18 05:24:06 djm Exp $

auth.c

@@ -72,43 +72,26 @@ int
 allowed_user(struct passwd * pw)
 {
 	struct stat st;
-	const char *hostname = NULL, *ipaddr = NULL, *passwd;
+	const char *hostname = NULL, *ipaddr = NULL;
 	char *shell;
 	int i;
 #ifdef WITH_AIXAUTHENTICATE
 	char *loginmsg;
 #endif /* WITH_AIXAUTHENTICATE */
-#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
+#if !defined(USE_PAM) && defined(HAVE_SHADOW_H) && \
+    !defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
 	struct spwd *spw;
-#if !defined(USE_PAM) && defined(HAS_SHADOW_EXPIRE)
 	time_t today;
-#endif
 #endif
 
 	/* Shouldn't be called if pw is NULL, but better safe than sorry... */
 	if (!pw || !pw->pw_name)
 		return 0;
 
-	/* Grab the password for locked account checking */
-#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
-	spw = getspnam(pw->pw_name);
-	if (!spw)
-		return 0;
-	passwd = spw->sp_pwdp;
-#else
-	passwd = pw->pw_passwd;
-#endif
-
-	/* check for locked account */
-	if (strcmp(passwd, "*LK*") == 0 || passwd[0] == '!') {
-		log("User %.100s not allowed because account is locked",
-		    pw->pw_name);
-		return 0;
-	}
-
 #if !defined(USE_PAM) && defined(HAVE_SHADOW_H) && \
     !defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
 #define	DAY		(24L * 60 * 60) /* 1 day in seconds */
+	if ((spw = getspnam(pw->pw_name)) != NULL) {
 		today = time(NULL) / DAY;
 		debug3("allowed_user: today %d sp_expire %d sp_lstchg %d"
 		    " sp_max %d", (int)today, (int)spw->sp_expire,
@@ -135,6 +118,7 @@ allowed_user(struct passwd * pw)
 			    pw->pw_name);
 			return 0;
 		}
+	}
 #endif
 
 	/*