Re: Is getpass(3) really obsolete?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Oct 29 2021, Alejandro Colomar (man-pages) wrote:

> [Add a few CCs, since I mentioned them.]

[I'm not sure what the full context of this thread is, but just replying
from the POV of git@ being CC'd on this]

> On 10/29/21 13:15, Alejandro Colomar wrote:
>> Hi,
>> As the manual pages says, SUSv2 marked it as LEGACY, and POSIX
>> doesn't have it at all.  The manual page goes further and says "This
>> function is obsolete. Do not use it." in its first lines.
>> But, glibc doesn't seem to have deprecated this function at all. 
>> And it seems to be the most portable way to get a password, even if
>> it's not in POSIX.
>> BSDs have readpassphrase(3), but glibc doesn't, so unless you
>> recommend 
>
> OpenBSD also marks getpass(3) as obsolete and recommends readpassphrase(3):
> <https://man.openbsd.org/getpass>

Simply not being familiar with that case: Is that suggestive of
getpass(3) being bad to use in general, or a case where OpenBSD's
deprecation of it makes sense holistically on that OS, but not
necessarily elsewhere?

Just skimming the linked man pages it looks like OpenBSD might have
deprecated it at least partly due to getpass() accepting a password on
stdin.

Even within OpenBSD I wonder what that case means for software such as
git. I.e. is it better to be portable and accept the same behavior on
OpenBSD as elsewhere, or conform more closely to platform-specific
conventions.

I haven't looked closely out our getpass() integration, maybe that's a
moot point either way.

>> using readpassphrase(3) from libbsd, or plan to add it to glibc, I
>> think getpass(3) should be the recommended function in Linux, and
>> therefore we should remove the hard words against it.
>> As a real example, git(1) uses getpass(3).
>> <https://github.com/git/git/blob/master/compat/terminal.c>
>> What are your thoughts?
>> Thanks,
>> Alex
>> 

Just while we've got some OpenBSD people CC'd (added the devel/git
maintainers). I occasionally test git on OpenBSD myself (on the GCC
farm), and we've got a few broken tests on the platform.

Looking at the ports source there's at least a couple of OpenBSD
portability patches in there that would make sense to
upstream.

So if that's easy for you or you're willing to submit them upstream we'd
be happy to take them. Usually the only reason we haven't fixed things
like that already is because nobody told us, and we're not actively
looking into the local patches local packagers apply.




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux