getpass - get a password
getpass - 获取一个密码
所需头文件:
#include <unistd.h>
char *getpass( const char *prompt);
This function is obsolete. Do not use it.
这个函数已经被废弃,请勿使用
The getpass() function opens /dev/tty (the controlling terminal of the process), outputs the string prompt, turns off echoing, reads one line (the "password"), restores the terminal state and closes /dev/tty again.
getpass函数打开/dev/tty(程序的控制终端),输出到字符串提示,关闭echo,读出一行(也就是密码),保存终端状态,关闭/dev/tty
The function getpass() returns a pointer to a static buffer containing (the first PASS_MAX bytes of) the password without the trailing newline, terminated by a null byte ('\0'). This buffer may be overwritten by a following call. On error, the terminal state is restored, errno is set appropriately, and NULL is returned.
getpass函数返回一个指向包含密码,但不包含换行符,字符串结束符的静态缓冲区的指针,这个buffer可能会被后续的调用覆盖掉,出错的时候终端状态被保存,errno被设置成适当的值,返回NULL
The function may fail if ENXIO The process does not have a controlling terminal.
如果进程没有控制终端,函数将会返回ENXIO错误
FILES /dev/tty
For libc4 and libc5, the prompt is not written to /dev/tty but to stderr. Moreover, if /dev/tty cannot be opened, the password is read from stdin. The static buffer has length 128 so that only the first 127 bytes of the password are returned. While reading the password, signal generation (SIGINT, SIGQUIT, SIGSTOP, SIGTSTP) is disabled and the corresponding characters (usually control-C, control-\, control-Z and control-Y) are transmitted as part of the password. Since libc 5.4.19 also line editing is disabled, so that also backspace and the like will be seen as part of the password.
libc4和libc5,提示会写到stderr而不是/dev/tty,此外如果/dev/tty不能被打开,密码从stdin中读入,静态缓冲区最大只有128个字节,所以只能返回前127个字节,在读密码的时候,信号(SIGINT, SIGQUIT, SIGSTOP, SIGTSTP)被屏蔽,相关的字符(经常是control-C, control-\, control-Z and control-Y)被当成是密码的一部分,自从libc5.4.19之后行编辑也被禁止了,因此backspace之类的按键同样会作为密码的一部分。
For glibc2, if /dev/tty cannot be opened, the prompt is written to stderr and the password is read from stdin. There is no limit on the length of the password. Line editing is not disabled.
glibc2之后,如果/dev/tty不能被打开,提示将会写到stderr,密码从stdin中读取,没有密码长度的限制,行编辑没有被禁止
According to the SUSv2, the value of PASS_MAX must be defined in <limits.h> in case it is smaller than 8, and can in any case be obtained using sysconf(_SC_PASS_MAX). However, POSIX.2 withdraws the constants PASS_MAX and _SC_PASS_MAX, and the function getpass(). Libc4 and libc5 have never supported PASS_MAX or _SC_PASS_MAX. Glibc2 accepts _SC_PASS_MAX and returns BUFSIZ (e.g., 8192).
基于SUSv2,PASS_MAX的值必须在 <limits.h> 中定义,以防小于8位,可以使用sysconf(_SC_PASS_MAX)来获取,然而,POSIX.2退掉了PASS_MAX和_SC_PASS_MAX常量和getpass函数,libc4和libc5永远不再支持PASS_MAX和_SC_PASS_MAX,glibc2接受_SC_PASS_MAX,返回BUFSIZ
The calling process should zero the password as soon as possible to avoid leaving the cleartext password visible in the process's address space.
getpass - 获取一个密码
所需头文件:
#include <unistd.h>
char *getpass( const char *prompt);
This function is obsolete. Do not use it.
这个函数已经被废弃,请勿使用
The getpass() function opens /dev/tty (the controlling terminal of the process), outputs the string prompt, turns off echoing, reads one line (the "password"), restores the terminal state and closes /dev/tty again.
getpass函数打开/dev/tty(程序的控制终端),输出到字符串提示,关闭echo,读出一行(也就是密码),保存终端状态,关闭/dev/tty
The function getpass() returns a pointer to a static buffer containing (the first PASS_MAX bytes of) the password without the trailing newline, terminated by a null byte ('\0'). This buffer may be overwritten by a following call. On error, the terminal state is restored, errno is set appropriately, and NULL is returned.
getpass函数返回一个指向包含密码,但不包含换行符,字符串结束符的静态缓冲区的指针,这个buffer可能会被后续的调用覆盖掉,出错的时候终端状态被保存,errno被设置成适当的值,返回NULL
The function may fail if ENXIO The process does not have a controlling terminal.
如果进程没有控制终端,函数将会返回ENXIO错误
FILES /dev/tty
For libc4 and libc5, the prompt is not written to /dev/tty but to stderr. Moreover, if /dev/tty cannot be opened, the password is read from stdin. The static buffer has length 128 so that only the first 127 bytes of the password are returned. While reading the password, signal generation (SIGINT, SIGQUIT, SIGSTOP, SIGTSTP) is disabled and the corresponding characters (usually control-C, control-\, control-Z and control-Y) are transmitted as part of the password. Since libc 5.4.19 also line editing is disabled, so that also backspace and the like will be seen as part of the password.
libc4和libc5,提示会写到stderr而不是/dev/tty,此外如果/dev/tty不能被打开,密码从stdin中读入,静态缓冲区最大只有128个字节,所以只能返回前127个字节,在读密码的时候,信号(SIGINT, SIGQUIT, SIGSTOP, SIGTSTP)被屏蔽,相关的字符(经常是control-C, control-\, control-Z and control-Y)被当成是密码的一部分,自从libc5.4.19之后行编辑也被禁止了,因此backspace之类的按键同样会作为密码的一部分。
For glibc2, if /dev/tty cannot be opened, the prompt is written to stderr and the password is read from stdin. There is no limit on the length of the password. Line editing is not disabled.
glibc2之后,如果/dev/tty不能被打开,提示将会写到stderr,密码从stdin中读取,没有密码长度的限制,行编辑没有被禁止
According to the SUSv2, the value of PASS_MAX must be defined in <limits.h> in case it is smaller than 8, and can in any case be obtained using sysconf(_SC_PASS_MAX). However, POSIX.2 withdraws the constants PASS_MAX and _SC_PASS_MAX, and the function getpass(). Libc4 and libc5 have never supported PASS_MAX or _SC_PASS_MAX. Glibc2 accepts _SC_PASS_MAX and returns BUFSIZ (e.g., 8192).
基于SUSv2,PASS_MAX的值必须在 <limits.h> 中定义,以防小于8位,可以使用sysconf(_SC_PASS_MAX)来获取,然而,POSIX.2退掉了PASS_MAX和_SC_PASS_MAX常量和getpass函数,libc4和libc5永远不再支持PASS_MAX和_SC_PASS_MAX,glibc2接受_SC_PASS_MAX,返回BUFSIZ
The calling process should zero the password as soon as possible to avoid leaving the cleartext password visible in the process's address space.
调用进程需要把password尽快清零处理,防止留下可视的密码给进程地址空间
testcase如下:
#include <unistd.h>
#include <stdio.h>
int main()
{
const char *tip = "Please input password: ";
char *pw = getpass(tip);
printf("password = %s\n", pw);
pw = NULL;
return 0;
}运行结果:
cheny.le@cheny-ThinkPad-T420:~/cheny/testCode$ ./a.out
Please input password:
password = abc
我输入的是abc,为了安全起见,返回的指针请尽快清掉,不然可能会泄密哈,不过这个函数由于安全问题已经被废弃了。
2315
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
