1.\" $OpenBSD: /usr/local/www/cvsroot/OpenBSD/src/lib/libc/gen/readpassphrase.3,v 1.7 2001/12/15 15:37:51 millert Exp $ 2.\" 3.\" Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com> 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. The name of the author may not be used to endorse or promote products 15.\" derived from this software without specific prior written permission. 16.\" 17.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, 18.\" INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY 19.\" AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 20.\" THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 21.\" EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 22.\" PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 23.\" OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 24.\" WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 25.\" OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 26.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27.\" 28.\" $FreeBSD$ 29.\" 30.Dd December 7, 2001 31.Dt READPASSPHRASE 3 32.Os 33.Sh NAME 34.Nm readpassphrase 35.Nd get a passphrase from the user 36.Sh SYNOPSIS 37.Fd #include <readpassphrase.h> 38.Ft char * 39.Fn readpassphrase "const char *prompt" "char *buf" "size_t bufsiz" "int flags" 40.Sh DESCRIPTION 41The 42.Fn readpassphrase 43function displays a prompt to, and reads in a passphrase from, 44.Pa /dev/tty . 45If this file is inaccessible 46and the 47.Dv RPP_REQUIRE_TTY 48flag is not set, 49.Fn readpassphrase 50displays the prompt on the standard error output and reads from the standard 51input. 52In this case it is generally not possible to turn off echo. 53.Pp 54Up to 55.Fa bufsiz 56- 1 characters (one is for the NUL) are read into the provided buffer 57.Fa buf . 58Any additional 59characters and the terminating newline (or return) character are discarded. 60.Pp 61.Fn readpassphrase 62takes the following optional 63.Fa flags : 64.Pp 65.Bd -literal -offset indent -compact 66RPP_ECHO_OFF turn off echo (default behavior) 67RPP_ECHO_ON leave echo on 68RPP_REQUIRE_TTY fail if there is no tty 69RPP_FORCELOWER force input to lower case 70RPP_FORCEUPPER force input to upper case 71RPP_SEVENBIT strip the high bit from input 72.Ed 73.Pp 74The calling process should zero the passphrase as soon as possible to 75avoid leaving the cleartext passphrase visible in the process's address 76space. 77.Sh RETURN VALUES 78Upon successful completion, 79.Fn readpassphrase 80returns a pointer to the null-terminated passphrase. 81If an error is encountered, the terminal state is restored and 82a null pointer is returned. 83.Sh ERRORS 84.Bl -tag -width Er 85.It Bq Er EINTR 86The 87.Fn readpassphrase 88function was interrupted by a signal. 89.It Bq Er EINVAL 90The 91.Ar bufsiz 92argument was zero. 93.It Bq Er EIO 94The process is a member of a background process attempting to read 95from its controlling terminal, the process is ignoring or blocking 96the SIGTTIN signal or the process group is orphaned. 97.It Bq Er EMFILE 98The process has already reached its limit for open file descriptors. 99.It Bq Er ENFILE 100The system file table is full. 101.It Bq Er ENOTTY 102There is no controlling terminal and the 103.Dv RPP_REQUIRE_TTY 104flag was specified. 105.El 106.Sh EXAMPLES 107The following code fragment will read a passphrase from 108.Pa /dev/tty 109into the buffer 110.Fa passbuf. 111.Bd -literal -offset indent 112char passbuf[1024]; 113 114\&... 115 116if (readpassphrase("Response: ", passbuf, sizeof(passbuf), 117 RPP_REQUIRE_TTY) == NULL) 118 errx(1, "unable to read passphrase"); 119 120if (compare(transform(passbuf), epass) != 0) 121 errx(1, "bad passphrase"); 122 123\&... 124 125memset(passbuf, 0, sizeof(passbuf)); 126.Ed 127.Sh SIGNALS 128.Fn readpassphrase 129will catch the following signals: 130.Pp 131.Bd -literal -offset indent -compact 132SIGINT 133SIGHUP 134SIGQUIT 135SIGTERM 136SIGTSTP 137SIGTTIN 138SIGTTOU 139.Ed 140.Pp 141When one of the above signals is intercepted, terminal echo will 142be restored if it had previously been turned off. 143If a signal handler was installed for the signal when 144.Fn readpassphrase 145was called that handler is then executed. 146If no handler was previously installed for the signal then the 147default action is taken as per 148.Xr sigaction 2 . 149.Pp 150The 151.Dv SIGTSTP , 152.Dv SIGTTIN , 153.Dv SIGTTOU , 154signals (stop signal generated from keyboard or due to terminal I/O 155from a background proccess) are treated specially. 156When the process is resumed after it has been stopped, 157.Fn readpassphrase 158will reprint the prompt and the user may then enter a passphrase. 159.Sh FILES 160.Bl -tag -width /dev/tty -compact 161.It Pa /dev/tty 162.El 163.Sh SEE ALSO 164.Xr sigaction 2 , 165.Xr getpass 3 166.Sh STANDARDS 167The 168.Fn readpassphrase 169function is an 170.Ox 171extension and should not be used if portability is desired. 172.Sh HISTORY 173The 174.Fn readpassphrase 175function first appeared in 176.Ox 2.9 . 177