Re: Is getpass(3) really obsolete?
From: Jeff King <hidden>
Date: 2021-10-29 20:27:04
Also in:
git
On Fri, Oct 29, 2021 at 01:28:56PM +0200, Alejandro Colomar (man-pages) wrote:
quoted
As a real example, git(1) uses getpass(3). <https://github.com/git/git/blob/master/compat/terminal.c>
Sort of. It is the compile-time fallback of last resort. Most builds
would use either termios with /dev/tty or a Windows-native equivalent.
You can see all the reasons we stopped using getpass() in the commit
below.
-- >8 --
commit 21aeafceda2382d26bfa73a98ba45a937d65d77a
Author: Jeff King [off-list ref]
Date: Sat Dec 10 05:41:01 2011 -0500
add generic terminal prompt function
When we need to prompt the user for input interactively, we
want to access their terminal directly. We can't rely on
stdio because it may be connected to pipes or files, rather
than the terminal. Instead, we use "getpass()", because it
abstracts the idea of prompting and reading from the
terminal. However, it has some problems:
1. It never echoes the typed characters, which makes it OK
for passwords but annoying for other input (like usernames).
2. Some implementations of getpass() have an extremely
small input buffer (e.g., Solaris 8 is reported to
support only 8 characters).
3. Some implementations of getpass() will fall back to
reading from stdin (e.g., glibc). We explicitly don't
want this, because our stdin may be connected to a pipe
speaking a particular protocol, and reading will
disrupt the protocol flow (e.g., the remote-curl
helper).
4. Some implementations of getpass() turn off signals, so
that hitting "^C" on the terminal does not break out of
the password prompt. This can be a mild annoyance.
Instead, let's provide an abstract "git_terminal_prompt"
function that addresses these concerns. This patch includes
an implementation based on /dev/tty, enabled by setting
HAVE_DEV_TTY. The fallback is to use getpass() as before.
Signed-off-by: Jeff King [off-list ref]
Signed-off-by: Junio C Hamano [off-list ref]