Alejandro Colomar <alx.manpages@xxxxxxxxx> writes: > I happen to be working on replacing getpass(3) in shadow-utils. As > there is no replacement in glibc, I'm making the code depend on libbsd > on GNU systems. > ... > Would you mind implementing readpassphrase(3) in glibc so that it's > easier to use something safe and portable without resorting to > compatibility libraries? Also, I'd like some review of this function, > if you think the API could be improved. Maybe agetpass() would be a > simple almost-drop-in replacement for getpass(3), so if you like it > for glibc, let's discuss it. > > I chose a predefined buffer size to not have to pass a buffer size all > the time, which could be error-prone. I also allocated the buffer > internally, to make it easier to replace getpass(3). It may be > desirable to use existing buffers, and pass them through a pointer, > but for shadow-utils, it was simpler to keep the getpass(3) API. > > I don't know what was the practice with PASS_MAX regarding the NUL > byte, but to avoid creating a buffer of a power of two plus one, I > decided that the NUL byte would be within PASS_MAX. Another solution > would be to declare PASS_MAX to be something like BUFSIZ-1, and then > use PASS_MAX+1, but I opted for simplicity. I understand that in an old thread last fall we were CC'ed only because we are one of the users of getpass(3), but could you take us out of the CC list, please? We'd migrate, if getpass() starts being unusable for us, away from it and choose an alternative, but until then git@xxxxxxxxxxxxxxx is a good place to discuss this. Thanks.