Provided by: krb5-wallet-server_1.7_all 

NAME
Wallet::Object::Password - Password object implementation for wallet
SYNOPSIS
my @name = qw(file mysql-lsdb);
my @trace = ($user, $host, time);
my $object = Wallet::Object::Password->create (@name, $schema, @trace);
unless ($object->store ("the-password\n")) {
    die $object->error, "\n";
}
my $password = $object->get (@trace);
$object->destroy (@trace);
DESCRIPTION
Wallet::Object::Password is an extension of Wallet::Object::File, acting as a representation of simple
file objects in the wallet. The difference between the two is that if there is no data stored in a
password object when a user tries to get it for the first time, then a random string suited for a
password will be generated and put into the object data.
It implements the wallet object API and provides the necessary glue to store a file on the wallet server,
retrieve it later, and delete it when the password object is deleted.
To use this object, the configuration option specifying where on the wallet server to store password
objects must be set. See Wallet::Config for details on this configuration parameter and information
about how to set wallet configuration.
METHODS
This object mostly inherits from Wallet::Object::File. See the documentation for that class for all
generic methods. Below are only those methods that are overridden or behave specially for this
implementation.
get(PRINCIPAL, HOSTNAME [, DATETIME])
Retrieves the current contents of the file object or undef on error. store() must be called before
get() will be successful. The caller should call error() to get the error message if get() returns
undef. PRINCIPAL, HOSTNAME, and DATETIME are stored as history information. PRINCIPAL should be the
user who is downloading the keytab. If DATETIME isn't given, the current time is used.
FILES
PWD_FILE_BUCKET/<hash>/<file>
Password files are stored on the wallet server under the directory PWD_FILE_BUCKET as set in the
wallet configuration. <hash> is the first two characters of the hex-encoded MD5 hash of the wallet
password object name, used to avoid putting too many files in the same directory. <file> is the name of
the password object with all characters other than alphanumerics, underscores, and dashes replaced by
"%" and the hex code of the character.
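The mapping described above, as an added example that is not code from the wallet distribution. The bucket path, the helper names encode_name and password_path, the ASCII-only character class and the two-digit upper-case hex format are assumptions made for illustration; the sample object names are constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::MD5 qw(md5_hex);

# Hypothetical stand-in for the PWD_FILE_BUCKET configuration value.
my $BUCKET = '/srv/wallet/passwords';

# <file>: every character other than alphanumerics, underscore and dash
# becomes "%" plus its hex code. ASCII-only matching and upper-case,
# two-digit hex are assumptions; the page does not specify either.
sub encode_name {
    my ($name) = @_;
    (my $file = $name) =~ s/([^A-Za-z0-9_-])/sprintf('%%%02X', ord($1))/ge;
    return $file;
}

# Full path: PWD_FILE_BUCKET/<hash>/<file>, where <hash> is the first two
# characters of the hex-encoded MD5 of the unencoded object name.
sub password_path {
    my ($bucket, $name) = @_;
    my $hash = substr(md5_hex($name), 0, 2);
    return join('/', $bucket, $hash, encode_name($name));
}

# Constructed object names: an ordinary one, one with path separators,
# one shaped like a traversal attempt, and one that already contains "%".
for my $name ('mysql-lsdb', 'db/prod.example.org', '../../etc/passwd', 'a%2Fb') {
    my $file = encode_name($name);

    # "/" and "." are outside the allowed set, so the encoded name is always
    # a single path component and can never be "." or "..".
    die "unsafe file component for '$name'\n" if $file =~ m{[/.]};

    # "%" itself is encoded (%25), so 'a%2Fb' and 'a/b' map to different files.
    printf "%-20s -> %s\n", $name, password_path($BUCKET, $name);
}
```

Each encoded character takes three bytes on disk, so a name with many special characters reaches the file system length limit mentioned under LIMITATIONS sooner than its raw length suggests.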
LIMITATIONS
The wallet implementation itself can handle arbitrary password object names. However, due to limitations
in the remctld server usually used to run wallet-backend, password object names containing nul characters
(ASCII 0) may not be permitted. The file system used for storing file objects may impose a length
limitation on the password object name.
SEE ALSO
remctld(8), Wallet::Config(3), Wallet::Object::File(3), wallet-backend(8)
This module is part of the wallet system. The current version is available from
<https://www.eyrie.org/~eagle/software/wallet/>.
AUTHORS
Jon Robertson <jonrober@stanford.edu>, Bill MacAllister <bill@ca-zephyr.org>
perl v5.40.0 2024-11-12 Wallet::Object::Password(3pm)