The pathces and a prototype tool to manipulate the ``flat password file

'' functionality of PostgreSQL6.1

1. File

Makefile

pg_passwd.c the source file of the tool.

2. How to specify pasword files and their format.

Specify the password file in the same style of Ident authentication in

$PGDATA/pg_hba.conf

host unv 133.65.96.250 255.255.255.255 password passwd

The above line allows access from 133.65.96.250 using the passwords listed

in $PGDATA/passwd.

The format of the password files follows those of /etc/passwd and

/etc/shadow: the first field is the user name, and the second field

is the encrypted password. The rest is completely ignored. Thus

the following three sample lines specify the same user and password pair:.

pg_guest:/nB7.w5Auq.BY:10031::::::

pg_guest:/nB7.w5Auq.BY:93001:930::/home/guest:/bin/tcsh

pg_guest:/nB7.w5Auq.BY:93001

Note that the original src/backend/libpq/password.c has a bug, which

disallows the first and the second format. If you want to use these

formats, please make sure you've applied the patch accompanied with

this tool.

3. Usage of pg_passwd

Supply the password file to the pg_passwd command. In the case described

above, after ``cd'ing to $PGDATA, the following command execution specify

the new password for pg_guest:

% pg_passwd passwd

Username: pg_guest

Password:

Re-enter password:

where the Password: and Re-enter password: prompts require the same

password input which are not displayed on the terminal.

The original password file is renamed to ``passwd.bk''.

4. How to specify pasasword authentication

You can use the password authentication fro psq, perl, or pg{tcl,tk}sh.

4.1 psql

Use the -u option. Note that the original distribution includes a bug.

Please make sure you've applied the patch distributed with this tool.

The following lines show the sample usage of the option:

% psql -h hyalos -u unv

Username: pg_guest

Password:

Welcome to the POSTGRESQL interactive sql monitor:

Please read the file COPYRIGHT for copyright terms of POSTGRESQL

type \? for help on slash commands

type \q to quit

type \g or terminate with semicolon to execute query

You are currently connected to the database: unv

unv=>

4.2 perl5

Use the new style of the Pg.pm like this

$conn = Pg::connectdb("host=hyalos authtype=password dbname=unv

user=pg_guest password=xxxxxxx");

For more details, the users refer to to ``src/pgsql_perl5/Pg.pm''.

4.3 pg{tcl,tk}sh

Use the pg_connect comamnd with -conninfo option thus

% set conn [pg_connect -conninfo \

"host=hyalos authtype=password dbname=unv \

user=pg_guest password=xxxxxxx "]

Use can list all of the keys for the option by executing the following

command:

% puts [ pg_conndefaults]

5. Acknowledgment

Mr. Ishii, SRA, pointed out the original bugs in the tool. He also

supplied the Makefile for this distribution.

-------------------------------------------------------------------------

July 2, 1997

Yoshihiko Ichikawa, Dept of Info Sci, Fac of Sci, Ochanomizu University

E-mail: ichikawa@is.ocha.ac.jp

PostgreSQL Data Base Management System (formerly known as Postgres, then

as Postgres95).

$(MAKE) -C pg_version $@

$(MAKE) -C psql $@

$(MAKE) -C pg_dump $@

$(MAKE) -C pg_passwd $@

$(MAKE) -C pg_passwd $@

SRCDIR= ../..

include ../../Makefile.global

OBJS= pg_passwd.o

all: pg_passwd

pg_passwd:$(OBJS)

$(CC) -o pg_passwd $(OBJS) $(LDFLAGS)

install: pg_passwd

$(INSTALL) $(INSTL_EXE_OPTS) pg_passwd $(DESTDIR)$(BINDIR)/pg_passwd

dependdep:

$(CC) -MM $(INCLUDE_OPT) *.c >depend

clean:

rm -f pg_passwd $(OBJS)

ifeq (depend,$(wildcard depend))

include depend

The pathces and a prototype tool to manipulate the ``flat password file

'' functionality of PostgreSQL6.1

1. File

Makefile

pg_passwd.c the source file of the tool.

2. How to specify pasword files and their format.

Specify the password file in the same style of Ident authentication in

$PGDATA/pg_hba.conf

host unv 133.65.96.250 255.255.255.255 password passwd

The above line allows access from 133.65.96.250 using the passwords listed

in $PGDATA/passwd.

The format of the password files follows those of /etc/passwd and

/etc/shadow: the first field is the user name, and the second field

is the encrypted password. The rest is completely ignored. Thus

the following three sample lines specify the same user and password pair:.

pg_guest:/nB7.w5Auq.BY:10031::::::

pg_guest:/nB7.w5Auq.BY:93001:930::/home/guest:/bin/tcsh

pg_guest:/nB7.w5Auq.BY:93001

Note that the original src/backend/libpq/password.c has a bug, which

disallows the first and the second format. If you want to use these

formats, please make sure you've applied the patch accompanied with

this tool.

3. Usage of pg_passwd

Supply the password file to the pg_passwd command. In the case described

above, after ``cd'ing to $PGDATA, the following command execution specify

the new password for pg_guest:

% pg_passwd passwd

Username: pg_guest

Password:

Re-enter password:

where the Password: and Re-enter password: prompts require the same

password input which are not displayed on the terminal.

The original password file is renamed to ``passwd.bk''.

4. How to specify pasasword authentication

You can use the password authentication fro psq, perl, or pg{tcl,tk}sh.

4.1 psql

Use the -u option. Note that the original distribution includes a bug.

Please make sure you've applied the patch distributed with this tool.

The following lines show the sample usage of the option:

% psql -h hyalos -u unv

Username: pg_guest

Password:

Welcome to the POSTGRESQL interactive sql monitor:

Please read the file COPYRIGHT for copyright terms of POSTGRESQL

type \? for help on slash commands

type \q to quit

type \g or terminate with semicolon to execute query

You are currently connected to the database: unv

unv=>

4.2 perl5

Use the new style of the Pg.pm like this

$conn = Pg::connectdb("host=hyalos authtype=password dbname=unv

user=pg_guest password=xxxxxxx");

For more details, the users refer to to ``src/pgsql_perl5/Pg.pm''.

4.3 pg{tcl,tk}sh

Use the pg_connect comamnd with -conninfo option thus

% set conn [pg_connect -conninfo \

"host=hyalos authtype=password dbname=unv \

user=pg_guest password=xxxxxxx "]

Use can list all of the keys for the option by executing the following

command:

% puts [ pg_conndefaults]

5. Acknowledgment

Mr. Ishii, SRA, pointed out the original bugs in the tool. He also

supplied the Makefile for this distribution.

-------------------------------------------------------------------------

July 2, 1997

Yoshihiko Ichikawa, Dept of Info Sci, Fac of Sci, Ochanomizu University

E-mail: ichikawa@is.ocha.ac.jp

PostgreSQL Data Base Management System (formerly known as Postgres, then

as Postgres95).

This directory contains the version 6.1 release of the PostgreSQL

database server. The server is not ANSI SQL compliant, but it gets

closer with every release. After you unzip and untar the distribution

file, look at file INSTALL for the installation notes and file HISTORY

for the changes.

The latest version of this software may be obtained at

ftp://ftp.postgresql.org/pub/. For more information look at our WWW

home page located at http://www.postgreSQL.org/.

PostgreSQL is not public domain software. It is copyrighted by the

University of California but may be used according to the licensing

terms of the the copyright below:

------------------------------------------------------------------------

POSTGRES95 Data Base Management System (formerly known as Postgres, then

as Postgres95).

Copyright (c) 1994-7 Regents of the University of California

Permission to use, copy, modify, and distribute this software and its

documentation for any purpose, without fee, and without a written agreement

is hereby granted, provided that the above copyright notice and this

paragraph and the following two paragraphs appear in all copies.

IN NO EVENT SHALL THE UNIVERSITY OF CALIFORNIA BE LIABLE TO ANY PARTY FOR

DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING

LOST PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS

DOCUMENTATION, EVEN IF THE UNIVERSITY OF CALIFORNIA HAS BEEN ADVISED OF THE

POSSIBILITY OF SUCH DAMAGE.

THE UNIVERSITY OF CALIFORNIA SPECIFICALLY DISCLAIMS ANY WARRANTIES,

INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY

AND FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS

ON AN "AS IS" BASIS, AND THE UNIVERSITY OF CALIFORNIA HAS NO OBLIGATIONS TO

PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.

#defineissaltchar(c) (isalnum(c) || (c) == '.' || (c) == '/')

externchar*crypt(constchar*,constchar*);

char*comname;

voidusage(FILE*stream);

voidread_pwd_file(char*filename);

voidwrite_pwd_file(char*filename,char*bkname);

voidencrypt_pwd(charkey[9],charsalt[3],charpasswd[14]);

intcheck_pwd(charkey[9],charpasswd[14]);

voidprompt_for_username(char*username);

voidprompt_for_password(char*prompt,char*password);

voidusage(FILE*stream)

{

fprintf(stream,"Usage: %s <password file>\n",comname);

}

typedefstruct {

char*uname;

char*pwd;

char*rest;

}pg_pwd;

#defineMAXPWDS 1024

pg_pwdpwds[MAXPWDS];

intnpwds=0;

voidread_pwd_file(char*filename)

{

FILE*fp;

staticcharline[512];

staticcharans[128];

inti;

try_again:

fp=fopen(filename,"r");

if (fp==NULL) {

if (errno==ENOENT) {

printf("File \"%s\" does not exist. Create? (y/n): ",filename);

fflush(stdout);

fgets(ans,128,stdin);

switch (ans[0]) {

case'y':case'Y':

fp=fopen(filename,"w");

if (fp==NULL) {

perror(filename);

exit(1);

}

fclose(fp);

gototry_again;

default:

exit(1);

}

}else {

perror(filename);

exit(1);

}

}

for (npwds=0;npwds<MAXPWDS&&fgets(line,512,fp)!=NULL;++npwds)