From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-ed1-x536.google.com (mail-ed1-x536.google.com [IPv6:2a00:1450:4864:20::536]) by sourceware.org (Postfix) with ESMTPS id D6E683858C39 for ; Fri, 29 Oct 2021 11:58:06 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org D6E683858C39 Received: by mail-ed1-x536.google.com with SMTP id h7so38361826ede.8 for ; Fri, 29 Oct 2021 04:58:06 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:references:user-agent :in-reply-to:message-id:mime-version:content-transfer-encoding; bh=Rwlo8FdhYRtBlqo68p6ZXREef+lIIdNlKykDKKYBIXg=; b=Rq1upvZ3qFY+HsFrfaxUPETsFC8Phq78ufXZ41wNcjxt3C84UNUJcA8qWpTaB5lN9z SEziKCImgeA8MF+6AmVBALxBeY9sSWY8GHSWW/yyTM0fX1jWevqf8Jgg2tlALCrqrIqo 5TISwND+HcA6JvsEUzoVPsln8v909SVBeXJlYAukwirdBVPETrjmErFtdYwPvBFDPLRD NeS7eZ4VEweS68ekVev+IHxe3iTpQijMU0CMQAQp5IcJtiYTQ/fZBLREs9Me/x9LDFw2 PgFcMnhyp0IoB1ovIVWSaEvi4rNJNbWAlBrstM0s9iXRmpxQaccyqXJXMm1NkPj7M9V1 mP0w== X-Gm-Message-State: AOAM531S8LngeHjG3RhT5T3wMBWVLaY0EFNFM6hmp1IdWBxP6FuUO8C6 L3/X6TceEX/a6IUB8a5C5jU= X-Google-Smtp-Source: ABdhPJz3QK99OBKgw0ThChm+DfT+MpTOrqIHhv4FZkJ423dEckeSmj09GDw5vPbeOlDWOmI/7WcTmQ== X-Received: by 2002:aa7:ccc2:: with SMTP id y2mr10634789edt.149.1635508685469; Fri, 29 Oct 2021 04:58:05 -0700 (PDT) Received: from gmgdl (j120189.upc-j.chello.nl. [24.132.120.189]) by smtp.gmail.com with ESMTPSA id hc15sm2752681ejc.73.2021.10.29.04.58.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 29 Oct 2021 04:58:05 -0700 (PDT) Received: from avar by gmgdl with local (Exim 4.95) (envelope-from ) id 1mgQWK-00251f-KM; Fri, 29 Oct 2021 13:58:04 +0200 From: =?utf-8?B?w4Z2YXIgQXJuZmrDtnLDsA==?= Bjarmason To: "Alejandro Colomar (man-pages)" Cc: Libc-alpha , linux-man , git@vger.kernel.org, "tech@openbsd.org" , "Benoit Lecocq" , "Klemens Nanni" Subject: Re: Is getpass(3) really obsolete? Date: Fri, 29 Oct 2021 13:40:36 +0200 References: <73ac38a2-c287-4cc1-4e9c-0f9766ac4c0c@gmail.com> User-agent: Debian GNU/Linux bookworm/sid; Emacs 27.1; mu4e 1.6.6 In-reply-to: <73ac38a2-c287-4cc1-4e9c-0f9766ac4c0c@gmail.com> Message-ID: <211029.86r1c43uwj.gmgdl@evledraar.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-1.6 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Oct 2021 11:58:09 -0000 On Fri, Oct 29 2021, Alejandro Colomar (man-pages) wrote: > [Add a few CCs, since I mentioned them.] [I'm not sure what the full context of this thread is, but just replying from the POV of git@ being CC'd on this] > On 10/29/21 13:15, Alejandro Colomar wrote: >> Hi, >> As the manual pages says, SUSv2 marked it as LEGACY, and POSIX >> doesn't have it at all.=C2=A0 The manual page goes further and says "This >> function is obsolete. Do not use it." in its first lines. >> But, glibc doesn't seem to have deprecated this function at all.=C2=A0 >> And it seems to be the most portable way to get a password, even if >> it's not in POSIX. >> BSDs have readpassphrase(3), but glibc doesn't, so unless you >> recommend=20 > > OpenBSD also marks getpass(3) as obsolete and recommends readpassphrase(3= ): > Simply not being familiar with that case: Is that suggestive of getpass(3) being bad to use in general, or a case where OpenBSD's deprecation of it makes sense holistically on that OS, but not necessarily elsewhere? Just skimming the linked man pages it looks like OpenBSD might have deprecated it at least partly due to getpass() accepting a password on stdin. Even within OpenBSD I wonder what that case means for software such as git. I.e. is it better to be portable and accept the same behavior on OpenBSD as elsewhere, or conform more closely to platform-specific conventions. I haven't looked closely out our getpass() integration, maybe that's a moot point either way. >> using readpassphrase(3) from libbsd, or plan to add it to glibc, I >> think getpass(3) should be the recommended function in Linux, and >> therefore we should remove the hard words against it. >> As a real example, git(1) uses getpass(3). >> >> What are your thoughts? >> Thanks, >> Alex >>=20 Just while we've got some OpenBSD people CC'd (added the devel/git maintainers). I occasionally test git on OpenBSD myself (on the GCC farm), and we've got a few broken tests on the platform. Looking at the ports source there's at least a couple of OpenBSD portability patches in there that would make sense to upstream. So if that's easy for you or you're willing to submit them upstream we'd be happy to take them. Usually the only reason we haven't fixed things like that already is because nobody told us, and we're not actively looking into the local patches local packagers apply.