$OpenBSD: patch-kpoppassd,v 1.2 2013/06/17 19:28:36 ajacoutot Exp $

Undefined NOPASSWD since a user can exist in Kerberos without a
corresponding UNIX account in /etc/passwd.

--- kpoppassd.c.orig	Tue Apr 29 04:12:05 2003
+++ kpoppassd.c	Sat Jun 15 18:44:17 2013
@@ -40,7 +40,7 @@
  */
  
 /** !!! IMPORTANT !!! Look these over and adjust for your system. **/
-#define VERSION "0.4"
+#define VERSION "0.5"
 #define BAD_PASS_DELAY 3	/* delay in seconds after bad 'Old password' */
 #define MAX_LEN_USERNAME "16"	/* maximum length of username */
 #define MAX_PARSELEN_PASS "126"	/* maximum length for sscanf */
@@ -48,7 +48,7 @@
 #define MIN_LEN_PASS 6
 #define BUFSIZE 128
 #define SALT_SIZE 2
-#define NOPASSWD                /* If this is defined then it will check
+/*#define NOPASSWD*/                /* If this is defined then it will check
 				   if the user exists in /etc/passwd! */
 
 #include <sys/types.h>
@@ -232,6 +232,7 @@ int main (int argc, char *argv[])
       exit(1);
     }
 
+#if defined(__OpenBSD__) /* login.conf(5) takes care of this on OpenBSD */
   /* Check for trusted system compliance. */
   for ( i = 0; i < length; i++ )
     {
@@ -245,6 +246,7 @@ int main (int argc, char *argv[])
       WriteToClient("500 New password must contain at least two alpha characters and one nonalpha character.");
       exit(1);
     }
+#endif
 
   if (ret = krb5_change_password(context, &creds, newpass,
 				 &result_code, &result_code_string,
