Remove SSHv1 code path.

Server-side support for Protocol 1 has been removed so remove !compat20
PAM code path.

diff --git a/auth-pam.c b/auth-pam.c
index bc8e5e02d8349765e0b5be928bb6020e63097bbd..9574d9ac764060ed18b8d167f5c919400ddac7cf 100644 (file)
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -106,7 +106,6 @@ extern char *__progname;
 
 extern ServerOptions options;
 extern Buffer loginmsg;
-extern int compat20;
 extern u_int utmp_len;
 
 /* so we don't silently change behaviour */
@@ -468,18 +467,16 @@ sshpam_thread(void *ctxtp)
        if (sshpam_err != PAM_SUCCESS)
                goto auth_fail;
 
-       if (compat20) {
-               if (!do_pam_account()) {
-                       sshpam_err = PAM_ACCT_EXPIRED;
+       if (!do_pam_account()) {
+               sshpam_err = PAM_ACCT_EXPIRED;
+               goto auth_fail;
+       }
+       if (sshpam_authctxt->force_pwchange) {
+               sshpam_err = pam_chauthtok(sshpam_handle,
+                   PAM_CHANGE_EXPIRED_AUTHTOK);
+               if (sshpam_err != PAM_SUCCESS)
                        goto auth_fail;
-               }
-               if (sshpam_authctxt->force_pwchange) {
-                       sshpam_err = pam_chauthtok(sshpam_handle,
-                           PAM_CHANGE_EXPIRED_AUTHTOK);
-                       if (sshpam_err != PAM_SUCCESS)
-                               goto auth_fail;
-                       sshpam_password_change_required(0);
-               }
+               sshpam_password_change_required(0);
        }
 
        buffer_put_cstring(&buffer, "OK");