diff -up Linux-PAM-0.99.8.1/modules/pam_unix/passverify.h.unix-hpux-aging Linux-PAM-0.99.8.1/modules/pam_unix/passverify.h
--- Linux-PAM-0.99.8.1/modules/pam_unix/passverify.h.unix-hpux-aging	2008-01-08 14:43:36.000000000 +0100
+++ Linux-PAM-0.99.8.1/modules/pam_unix/passverify.h	2008-01-08 15:49:43.000000000 +0100
@@ -13,7 +13,7 @@
 #define OLD_PASSWORDS_FILE      "/etc/security/opasswd"
 
 int
-verify_pwd_hash(const char *p, const char *hash, unsigned int nullok);
+verify_pwd_hash(const char *p, char *hash, unsigned int nullok);
 
 int
 is_pwd_shadowed(const struct passwd *pwd);
diff -up Linux-PAM-0.99.8.1/modules/pam_unix/passverify.c.unix-hpux-aging Linux-PAM-0.99.8.1/modules/pam_unix/passverify.c
--- Linux-PAM-0.99.8.1/modules/pam_unix/passverify.c.unix-hpux-aging	2008-01-08 14:43:36.000000000 +0100
+++ Linux-PAM-0.99.8.1/modules/pam_unix/passverify.c	2008-01-08 15:49:02.000000000 +0100
@@ -44,14 +44,32 @@
 # include "./lckpwdf.-c"
 #endif
 
+static void
+strip_hpux_aging(char *p)
+{
+	const char *valid = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+			    "abcdefghijklmnopqrstuvwxyz"
+			    "0123456789./";
+	if ((*p != '$') && (strlen(p) > 13)) {
+		for (p += 13; *p != '\0'; p++) {
+			if (strchr(valid, *p) == NULL) {
+				*p = '\0';
+				break;
+			}
+		}
+	}
+}
+
 int
-verify_pwd_hash(const char *p, const char *hash, unsigned int nullok)
+verify_pwd_hash(const char *p, char *hash, unsigned int nullok)
 {
-	size_t hash_len = strlen(hash);
+	size_t hash_len;
 	char *pp = NULL;
 	int retval;
 	D(("called"));
 
+	strip_hpux_aging(hash);
+	hash_len = strlen(hash);
 	if (!hash_len) {
 		/* the stored password is NULL */
 		if (nullok) { /* this means we've succeeded */