Micah Cowan <[EMAIL PROTECTED]> writes:
> Simon Josefsson wrote:
>> I'm not sure it is a good idea to recommend use of getpass, possibly
>> gnulib could offer a better interface. It could have a parameter to ask
>> for confirmation of the password internally. However, I will use
>> getpass for now since I don't want to introduce a lot of changes in the
>> particular code I'm working on.
>
> Wget just added code to the dev repo that uses gnu_getpass to support
> password prompting. This was mainly because it was quick-and-easy, and
> because gnu_getpass doesn't suffer from many of the serious flaws
> plaguing alternative implementations.
That's the reason I used it as well.
> However, it's not quite ideal. One thing that I consider a problem is
> that one can't distinguish between an empty line and EOF. I'd have liked
> to treat EOF as an exit condition, but an empty line as an empty password.
>
> However, more of a problem is that if one enters EOF, it'd be nice if
> getpass issued an extra newline so that any further output begins on a
> new line. Otherwise, a program that exits in response to EOF (such as
> Wget) will wind up with the user's prompt following the program's
> password prompt. The program of course could issue the extra newline
> itself, but
> (a) doesn't know whether it needs to (since it could have been an
> empty line, rather than EOF), and
> (b) doesn't know where the newline should go (/dev/tty? stderr?).
>
> So, I think we'd be in favor of a better, general solution, for those
> who do not have need of a portable version of the obsolete interface.
>
> (Also, the Windows implementation might be improved by the removal of a
> hard buffer limit.)
Another problem that I discovered is that gnulib's getpass.c inhibits
signals, so the user cannot press ^C/^Z. This is even more of a problem
when the user needs to type the same password twice: the process may be
stuck in a loop that can't be canceled waiting for the user to type two
identical strings.
What would a better replacement function look like?
enum getpassword_flags {
DISABLE_SIGNALS
};
char *
getpassword (const char *prompt,
enum getpassword_flags flags);
char *
getpassword_confirmed (const char *prompt,
const char *confirmprompt,
const char *confirmfailmessage,
enum getpassword_flags flags);
Ideally, the function could have features to talk with external password
prompting programs like gpg-agent: then you can get an out-of-band gtk
prompt even to tty programs. GnuPG supports this, and I think the
passsword prompting mechanism is generic and can support other
applications too.
/Simon
