Node:getpass, Next:crypt, Previous:Legal Problems, Up:Cryptographic Functions
When reading in a password, it is desirable to avoid displaying it on the screen, to help keep it secret. The following function handles this in a convenient way.
char * getpass (const char *prompt) | Function |
getpass outputs prompt, then reads a string in from the
terminal without echoing it. It tries to connect to the real terminal,
/dev/tty , if possible, to encourage users not to put plaintext
passwords in files; otherwise, it uses stdin and stderr .
getpass also disables the INTR, QUIT, and SUSP characters on the
terminal using the ISIG terminal attribute (see Local Modes).
The terminal is flushed before and after getpass , so that
characters of a mistyped password are not accidentally visible.
In other C libraries, getpass may only return the first
PASS_MAX bytes of a password. The GNU C library has no limit, so
PASS_MAX is undefined.
The prototype for this function is in unistd.h . PASS_MAX
would be defined in limits.h .
|
getpass
substitute. For instance, a very simple substitute is as follows:
#include <termios.h> #include <stdio.h> ssize_t my_getpass (char **lineptr, size_t *n, FILE *stream) { struct termios old, new; int nread; /* Turn echoing off and fail if we can't. */ if (tcgetattr (fileno (stream), &old) != 0) return -1; new = old; new.c_lflag &= ~ECHO; if (tcsetattr (fileno (stream), TCSAFLUSH, &new) != 0) return -1; /* Read the password. */ nread = getline (lineptr, n, stream); /* Restore terminal. */ (void) tcsetattr (fileno (stream), TCSAFLUSH, &old); return nread; }The substitute takes the same parameters as
getline
(see Line Input); the user must print any prompt desired.