-/* Copyright (C) 1996-2018 Free Software Foundation, Inc.
+/* Copyright (C) 1996-2019 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
-/* Declaration of types and functions for shadow password suite. */
+/* Declaration of types and functions for "shadow" storage of hashed
+ passphrases. The shadow database is like the user database, but is
+ only accessible with special privileges, so that malicious users
+ cannot retrieve everyone else's hashed passphrase to brute-force at
+ their convenience. */
#ifndef _SHADOW_H
#define _SHADOW_H 1
__BEGIN_DECLS
-/* Structure of the password file. */
+/* A record in the shadow database. */
struct spwd
{
char *sp_namp; /* Login name. */
- char *sp_pwdp; /* Encrypted password. */
+ char *sp_pwdp; /* Hashed passphrase. */
long int sp_lstchg; /* Date of last change. */
long int sp_min; /* Minimum number of days between changes. */
long int sp_max; /* Maximum number of days between changes. */
therefore not marked with __THROW. */
extern struct spwd *fgetspent (FILE *__stream);
-/* Write line containing shadow password entry to stream.
+/* Write line containing shadow entry to stream.
This function is not part of POSIX and therefore no official
cancellation point. But due to similarity with an POSIX interface
/* The simple locking functionality provided here is not suitable for
multi-threaded applications. */
-/* Protect password file against multi writers. */
+/* Request exclusive access to /etc/passwd and /etc/shadow. */
extern int lckpwdf (void) __THROW;
-/* Unlock password file. */
+/* Release exclusive access to /etc/passwd and /etc/shadow. */
extern int ulckpwdf (void) __THROW;
__END_DECLS