Diffstat (limited to 'nslcd/db_pam.c')
-rw-r--r--nslcd/db_pam.c25
1 files changed, 13 insertions, 12 deletions
diff --git a/nslcd/db_pam.c b/nslcd/db_pam.c
index 99edf40..e93a04d 100644
--- a/nslcd/db_pam.c
+++ b/nslcd/db_pam.c
@@ -32,6 +32,7 @@
#include <stdint.h>
#endif /* HAVE_STDINT_H */
#include <time.h>
+#include <stdbool.h>
#include "common.h"
#include "log.h"
@@ -62,7 +63,7 @@ static int check_password(const char *password, const char *hash)
static int check_password_age(struct session *session, const char *username,
char *authzmsg, size_t authzmsgsz,
- int check_maxdays, int check_mindays)
+ bool check_maxdays, bool check_mindays)
{
/* hackers.git doesn't use aging features */
return NSLCD_PAM_SUCCESS;
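Review bot: check_password_age() still ignores every argument and returns NSLCD_PAM_SUCCESS, so the new `bool check_maxdays, bool check_mindays` flags select nothing and no password-ageing or expiry state is ever enforced through this path. The call sites in the AUTHC and AUTHZ hunks keep the comment `/* perform shadow attribute checks */`, which reads as if a check takes place; I would reword those to `/* no-op for hackers.git: always NSLCD_PAM_SUCCESS */`. The function itself deserves a short header comment saying that the flags are accepted only for interface compatibility and that authzmsg is left unwritten, so callers must not assume it holds a message afterwards. The function's closing brace lies outside this hunk.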
@@ -118,11 +119,13 @@ NSLCD_HANDLE_UID(PAM, AUTHC
? NSLCD_PAM_SUCCESS
: NSLCD_PAM_AUTH_ERR;
entry->authz_rc = entry->authc_rc;
- /*myldap_get_policy_response(session, &(entry->authz_rc), &(entry->authz_msg))*/
- /* perform shadow attribute checks */
- if (entry->authz_rc == NSLCD_PAM_SUCCESS)
- entry->authz_rc = check_password_age(session, username, entry->authz_msg, sizeof(entry->authz_msg), 1, 0);
+ if (entry->authz_rc == NSLCD_PAM_SUCCESS) {
+ /* perform shadow attribute checks */
+ entry->authz_rc = check_password_age(session, username,
+ entry->authz_msg, sizeof(entry->authz_msg),
+ true, false);
+ }
return entry;
,/* write */
@@ -172,19 +175,17 @@ NSLCD_HANDLE(PAM, AUTHZ
if (user == NULL)
return NULL;
- /* check authorisation search */
- /* TODO */
- /*int rc = LDAP_SUCCESS;
- if (rc != LDAP_SUCCESS)*/
+ /* Parabola doesn't have any weird reasons for authorization to
+ suddenly fail */
if (0)
{
entry->authz_rc = NSLCD_PAM_PERM_DENIED;
- strcpy(entry->authz_msg, "LDAP authorisation check failed");
+ strcpy(entry->authz_msg, "hackers.git authorization check failed");
} else {
/* perform shadow attribute checks */
entry->authz_rc = check_password_age(session, username,
- entry->authz_msg, sizeof(entry->authz_msg),
- 0, 0);
+ entry->authz_msg, sizeof(entry->authz_msg),
+ false, false);
}
return entry;
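Review bot: With `if (0)` the NSLCD_PAM_PERM_DENIED branch is unreachable, and check_password_age() (as shown in the earlier hunk) always returns success, so this handler authorises every user for whom the lookup above returns non-NULL; nothing visible here can deny an account that exists but should not be allowed in. If that is the intended policy, drop the dead branch and say so where the decision is made, e.g. `/* authorization is unconditional: every user found in hackers.git is allowed */`, so that a later reader does not take the else-arm for a real check. If the branch is kept as a placeholder, bound the copy the same way the following call already sizes the buffer: `snprintf(entry->authz_msg, sizeof(entry->authz_msg), "%s", "hackers.git authorization check failed");`. The handler starts and ends outside this hunk, so the size of authz_msg is not visible here.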