SECURITY-PASSWORD(2)
NAME
password: get, put, setpwfile − read and write password entries in the password file
SYNOPSIS
include "keyring.m";
include "security.m";
pw := load Password Password->PATH;

PW: adt {
	id:	string;		# user id
	pw:	array of byte;	# hashed password
	expire:	int;		# expiration time
	other:	string;		# about the account
};

get:	fn(id: string): ref PW;
put:	fn(pass: ref PW): int;
setpwfile:	fn(file: string): string;
DESCRIPTION
This module provides a convenient interface to a server’s password file (default: /keydb/password). Each entry in the file contains information corresponding to the members of the PW adt:
id user identification string (should be less than Sys->NAMELEN bytes)
pw password hashed by the SHA algorithm (see keyring-sha(2)) into a byte array
expire password entry expiry date expressed as seconds from the epoch (1 Jan 1970 00:00:00 GMT); see daytime(2)
other arbitrary administrative comment
The functions provide access to the file. If user id has a corresponding entry in the password file, get returns a PW adt with the data from that entry. Otherwise, it returns a nil reference.
Put creates or updates the password entry for pass.id, with the data in pass. The password file itself is created if necessary.
The standard system password file is used by default, but an application might maintain a set of passwords of its own. It can use the Password module to access the file, by first calling setpwfile to name the file to be used by get and put.
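EXAMPLE
The following is an added example, not part of the original page or of the Inferno sources: a small library module that checks a candidate secret against the entry returned by get, covering the nil reference, the expire field and the hash comparison. The module name Pwcheck and its functions init and verify are hypothetical. It assumes Keyring->sha and Keyring->SHAdlen as described in keyring-sha(2), Daytime->now from daytime(2), that the stored pw is the SHA digest of the password's bytes, and that an entry is rejected once the current time reaches expire.

```limbo
implement Pwcheck;

include "sys.m";
include "daytime.m";
	daytime: Daytime;
include "keyring.m";
	kr: Keyring;
include "security.m";
	pw: Password;

# Hypothetical module interface; normally kept in its own .m file.
Pwcheck: module
{
	init:	fn(): string;
	verify:	fn(id, secret: string): int;
};

# Load the modules verify depends on; returns nil on success.
init(): string
{
	daytime = load Daytime Daytime->PATH;
	kr = load Keyring Keyring->PATH;
	pw = load Password Password->PATH;
	if(daytime == nil || kr == nil || pw == nil)
		return "pwcheck: cannot load Daytime, Keyring or Password";
	return nil;
}

# Returns 1 only if id has an unexpired entry whose stored hash equals
# the SHA digest of secret; returns 0 in every other case.
verify(id, secret: string): int
{
	e := pw->get(id);
	if(e == nil)
		return 0;	# get returns a nil reference when there is no entry
	if(e.expire <= daytime->now())
		return 0;	# assumption: reject once the time reaches expire
	buf := array of byte secret;
	digest := array[Keyring->SHAdlen] of byte;
	kr->sha(buf, len buf, digest, nil);	# assumed signature, see keyring-sha(2)
	if(len e.pw != len digest)
		return 0;	# malformed or truncated stored hash
	diff := 0;
	for(i := 0; i < len digest; i++)
		diff |= int (e.pw[i] ^ digest[i]);	# compare every byte, no early exit
	return diff == 0;
}
```

An application that keeps its own password file would call setpwfile before the first call to verify.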
FILES
/keydb/password
SOURCE
/appl/lib/password.b
SEE ALSO
BUGS
Access to the password file is not serialised; the password file entries should be protected by encryption. Both problems will be solved by replacing these routines by a file server to manage the entries.