Copyright (C) 2000-2012 |
GNU Info (libc.info)getpassReading Passwords ================= When reading in a password, it is desirable to avoid displaying it on the screen, to help keep it secret. The following function handles this in a convenient way. - Function: char * getpass (const char *PROMPT) `getpass' outputs PROMPT, then reads a string in from the terminal without echoing it. It tries to connect to the real terminal, `/dev/tty', if possible, to encourage users not to put plaintext passwords in files; otherwise, it uses `stdin' and `stderr'. `getpass' also disables the INTR, QUIT, and SUSP characters on the terminal using the `ISIG' terminal attribute (Note: Local Modes). The terminal is flushed before and after `getpass', so that characters of a mistyped password are not accidentally visible. In other C libraries, `getpass' may only return the first `PASS_MAX' bytes of a password. The GNU C library has no limit, so `PASS_MAX' is undefined. The prototype for this function is in `unistd.h'. `PASS_MAX' would be defined in `limits.h'. This precise set of operations may not suit all possible situations. In this case, it is recommended that users write their own `getpass' substitute. For instance, a very simple substitute is as follows: #include <termios.h> #include <stdio.h> ssize_t my_getpass (char **lineptr, size_t *n, FILE *stream) { struct termios old, new; int nread; /* Turn echoing off and fail if we can't. */ if (tcgetattr (fileno (stream), &old) != 0) return -1; new = old; new.c_lflag &= ~ECHO; if (tcsetattr (fileno (stream), TCSAFLUSH, &new) != 0) return -1; /* Read the password. */ nread = getline (lineptr, n, stream); /* Restore terminal. */ (void) tcsetattr (fileno (stream), TCSAFLUSH, &old); return nread; } The substitute takes the same parameters as `getline' (Note: Line Input); the user must print any prompt desired. automatically generated by info2www version 1.2.2.9 |