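# Look up +user+ in the colon-separated auth file at path +auth+.
#
# Every line is split on ":" and its first four fields are read as
# user, password, allowed-hours window ("start-end") and a fourth field
# named chpass that nothing in this file uses.
#
# Returns [user, pass, time, chpass] for the first line whose user field
# equals +user+ (fields missing from the line are nil), or nil when no line
# matches.
#
# Security note: the password field is compared verbatim with what the user
# typed (see the :authenticate handler), so this file stores passwords in
# clear text. It needs to be readable by the PAM host process only.
def get_entry(auth, user)
  # A nil user must never match an empty line, whose first field is also nil.
  return nil if user.nil?

  File.open(auth) do |f|
    f.each_line do |line|
      # chomp rather than chop!: a final line without a trailing newline
      # must not lose the last character of its last field.
      a_user, a_pass, a_time, a_chpass = line.chomp.split(":")

      # Only the entry that belongs to the requested user is relevant.
      # Returning the first line unconditionally would check every login
      # against the first account's password and time window.
      next unless a_user == user

      return [a_user, a_pass, a_time, a_chpass]
    end
  end

  nil
end

# :authenticate -- prompt for a user name and password through the PAM
# conversation function and check them against the auth file, whose path is
# the module's first argument.
#
# Raises PAM::PAM_AUTH_ERR when the typed user name differs from PAM_USER or
# the password does not match, and PAM::PAM_USER_UNKNOWN when the auth file
# has no entry for the user.
PAM.dispatch(:authenticate) { |pamh, flags, args|
  authfile = args[0]
  user = pamh.get_item(PAM::PAM_USER)

  prompts = [
    PAM::Message.new(PAM::PAM_PROMPT_ECHO_ON, "user name: "),
    PAM::Message.new(PAM::PAM_PROMPT_ECHO_OFF, "password: ")
  ]
  rs = pamh.conv(prompts)
  r_user = rs[0].resp
  r_pass = rs[1].resp

  if user != r_user
    raise PAM::PAM_AUTH_ERR, "user(#{user}) is different from ruser(#{r_user})"
  end

  entry = get_entry(authfile, r_user)
  unless entry
    raise PAM::PAM_USER_UNKNOWN, "can't find the entry for #{r_user}"
  end

  stored_pass = entry[1]
  # Fail closed: an entry without a password field, or a missing response,
  # must not authenticate (nil != nil is false and would let the login pass).
  # NOTE(review): != is not a constant-time comparison, and the stored value
  # is clear text; prefer storing a salted password hash and comparing with a
  # constant-time routine.
  if stored_pass.nil? || r_pass.nil? || stored_pass != r_pass
    raise PAM::PAM_AUTH_ERR, "the password is not correct"
  end
}

# :acct_mgmt -- allow the account only inside the hour window stored in the
# third field of its auth-file entry ("start-end").
#
# Both comparisons are strict, so the boundary hours themselves are outside
# the window: "9-17" permits hours 10 through 16.
PAM.dispatch(:acct_mgmt) { |pamh, flags, args|
  t = Time.now
  authfile = args[0]
  user = pamh.get_item(PAM::PAM_USER)

  entry = get_entry(authfile, user)
  unless entry
    raise PAM::PAM_USER_UNKNOWN
  end

  # NOTE(review): every other error raised in this file is named PAM::PAM_*.
  # Confirm that PAM::PERM_DENIED is defined by the binding; if it is not,
  # these lines raise NameError instead of the intended denial.
  window = entry[2]
  # An entry with no time field grants no window: deny instead of failing
  # with NoMethodError on nil.
  if window.nil?
    raise PAM::PERM_DENIED, "out of the time"
  end

  t1, t2 = window.split("-")
  t1_hour = t1.to_i
  t2_hour = t2.to_i
  unless t1_hour < t.hour && t.hour < t2_hour
    raise PAM::PERM_DENIED, "out of the time"
  end
}

# Session handlers do nothing.
PAM.dispatch(:open_session) { |pamh, flags, args|
}

PAM.dispatch(:close_session) { |pamh, flags, args|
}

# Password change and credential handlers are registered as no-ops.
PAM.dispatch(:chauthtok) {
}

PAM.dispatch(:setcred) {
}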