From: "Theo de Raadt"
To: rsbecker@nexbridge.com
cc: "'Alejandro Colomar \(man-pages\)'", "'Libc-alpha'", "'linux-man'", git@vger.kernel.org, tech@openbsd.org
Subject: Re: Is getpass(3) really obsolete?
In-reply-to: <00d501d7ccbe$0169c340$043d49c0$@nexbridge.com>
Date: Fri, 29 Oct 2021 07:55:36 -0600
Message-ID: <63238.1635515736@cvs.openbsd.org>
List-Id: Libc-alpha mailing list

wrote:

> On October 29, 2021 7:29 AM, Alejandro Colomar wrote:
> > On 10/29/21 13:15, Alejandro Colomar wrote:
> > > Hi,
> > >
> > > As the manual page says, SUSv2 marked it as LEGACY, and POSIX doesn't
> > > have it at all. The manual page goes further and says "This function
> > > is obsolete. Do not use it." in its first lines.
> > >
> > > But, glibc doesn't seem to have deprecated this function at all. And
> > > it seems to be the most portable way to get a password, even if it's
> > > not in POSIX.
> > >
> > > BSDs have readpassphrase(3), but glibc doesn't, so unless you
> > > recommend
> >
> > OpenBSD also marks getpass(3) as obsolete and recommends
> > readpassphrase(3):
> >
> > > using readpassphrase(3) from libbsd, or plan to add it to glibc, I
> > > think
> > > getpass(3) should be the recommended function in Linux, and therefore
> > > we should remove the hard words against it.
> > >
> > > As a real example, git(1) uses getpass(3).
> > >
> > > What are your thoughts?
>
> getpass() is obsolete in POSIX.2. However, some platforms still are on
> POSIX.1, so replacing it instead of providing a configure
> detection/switch for it might cause issues.

The community finally had the balls to get rid of gets(3).

getpass(3) shares the same flaw, that the buffer size isn't passed.
This has been an issue in the past, and incorrectly led to readpassphrase(3)

readpassphrase(3) has a few too many features/extensions for my taste, but
at least it is harder to abuse.
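
The interface difference this message points at (a caller-owned buffer whose size is passed in), as an added example that is not part of the original message or of any libc. `read_secret` and `wipe` are hypothetical names, and rejecting an overlong line instead of silently truncating it is an assumption of this example.

```c
#include <stddef.h>
#include <sys/types.h>
#include <termios.h>
#include <unistd.h>

/* Zero memory through a volatile pointer so the stores are not optimized out. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

/* Hypothetical helper: read one line from fd into buf, never writing more
 * than bufsiz bytes. Returns the stored length, or -1 on error, on EOF with
 * no data, or when the line did not fit (buf is wiped in those cases). */
ssize_t read_secret(int fd, char *buf, size_t bufsiz)
{
    struct termios saved, noecho;
    size_t len = 0;
    int is_tty, overflow = 0, got_any = 0;
    char c;
    ssize_t n;

    if (buf == NULL || bufsiz == 0)
        return -1;
    is_tty = (tcgetattr(fd, &saved) == 0);   /* fails on pipes and files */
    if (is_tty) {
        noecho = saved;
        noecho.c_lflag &= ~(tcflag_t)ECHO;   /* echo off while typing */
        if (tcsetattr(fd, TCSAFLUSH, &noecho) != 0)
            return -1;
    }
    while ((n = read(fd, &c, 1)) == 1 && c != '\n') {
        got_any = 1;
        if (len + 1 < bufsiz)                /* keep room for the NUL */
            buf[len++] = c;
        else
            overflow = 1;                    /* drain the rest of the line */
    }
    buf[len] = '\0';
    if (is_tty)
        (void)tcsetattr(fd, TCSAFLUSH, &saved);  /* restore echo */
    if (n < 0 || overflow || (n == 0 && !got_any)) {
        wipe(buf, bufsiz);
        return -1;
    }
    return (ssize_t)len;
}
```

The caller owns the buffer and should pass it to `wipe` once the secret has been used.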