+++ /dev/null
---- Linux-PAM-1.4.0/modules/pam_unix/passverify.c~ 2020-06-08 12:17:27.000000000 +0200
-+++ Linux-PAM-1.4.0/modules/pam_unix/passverify.c 2023-03-09 13:12:17.643235815 +0100
-@@ -289,7 +289,7 @@ PAMH_ARG_DECL(int check_shadow_expiry,
- D(("account expired"));
- return PAM_ACCT_EXPIRED;
- }
--#if defined(CRYPT_CHECKSALT_AVAILABLE) && CRYPT_CHECKSALT_AVAILABLE
-+#if 0 && defined(CRYPT_CHECKSALT_AVAILABLE) && CRYPT_CHECKSALT_AVAILABLE
- if (spent->sp_lstchg == 0 ||
- crypt_checksalt(spent->sp_pwdp) == CRYPT_SALT_METHOD_LEGACY ||
- crypt_checksalt(spent->sp_pwdp) == CRYPT_SALT_TOO_CHEAP) {
+++ /dev/null
-diff -urNp -x '*.orig' Linux-PAM-1.4.0.org/modules/pam_tally/pam_tally.c Linux-PAM-1.4.0/modules/pam_tally/pam_tally.c
---- Linux-PAM-1.4.0.org/modules/pam_tally/pam_tally.c 2020-06-08 12:17:27.000000000 +0200
-+++ Linux-PAM-1.4.0/modules/pam_tally/pam_tally.c 2021-03-21 13:19:54.832594925 +0100
-@@ -320,6 +320,7 @@ get_tally(pam_handle_t *pamh, tally_t *t
- }
- lstat_ret = fstat(fileno(*TALLY),&fileinfo);
- fclose(*TALLY);
-+ *TALLY = NULL;
- }
-
- if ( lstat_ret ) {
-@@ -350,6 +351,7 @@ get_tally(pam_handle_t *pamh, tally_t *t
- if ( fseeko( *TALLY, (off_t) uid * sizeof(struct faillog), SEEK_SET ) ) {
- pam_syslog(pamh, LOG_ALERT, "fseek failed for %s", filename);
- fclose(*TALLY);
-+ *TALLY = NULL;
- return PAM_AUTH_ERR;
- }
-
-@@ -398,6 +400,7 @@ set_tally(pam_handle_t *pamh, tally_t ta
- }
-
- if ( fclose(*TALLY) ) {
-+ *TALLY = NULL;
- pam_syslog(pamh, LOG_ALERT, "update (fclose) failed for %s", filename);
- return PAM_AUTH_ERR;
- }