1.\" $OpenBSD: readpassphrase.3,v 1.9 2002/06/28 01:43:58 millert Exp $ 2.\" 3.\" Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com> 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. The name of the author may not be used to endorse or promote products 15.\" derived from this software without specific prior written permission. 16.\" 17.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, 18.\" INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY 19.\" AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 20.\" THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 21.\" EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 22.\" PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 23.\" OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 24.\" WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 25.\" OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 26.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27.\" 28.Dd December 7, 2001 29.Dt READPASSPHRASE 3 30.Os 31.Sh NAME 32.Nm readpassphrase 33.Nd get a passphrase from the user 34.Sh SYNOPSIS 35.Fd #include <readpassphrase.h> 36.Ft char * 37.Fn readpassphrase "const char *prompt" "char *buf" "size_t bufsiz" "int flags" 38.Sh DESCRIPTION 39The 40.Fn readpassphrase 41function displays a prompt to, and reads in a passphrase from, 42.Pa /dev/tty . 43If this file is inaccessible 44and the 45.Dv RPP_REQUIRE_TTY 46flag is not set, 47.Fn readpassphrase 48displays the prompt on the standard error output and reads from the standard 49input. 50In this case it is generally not possible to turn off echo. 51.Pp 52Up to 53.Fa bufsiz 54- 1 characters (one is for the NUL) are read into the provided buffer 55.Fa buf . 56Any additional 57characters and the terminating newline (or return) character are discarded. 58.Pp 59.Fn readpassphrase 60takes the following optional 61.Fa flags : 62.Pp 63.Bd -literal -offset indent -compact 64RPP_ECHO_OFF turn off echo (default behavior) 65RPP_ECHO_ON leave echo on 66RPP_REQUIRE_TTY fail if there is no tty 67RPP_FORCELOWER force input to lower case 68RPP_FORCEUPPER force input to upper case 69RPP_SEVENBIT strip the high bit from input 70RPP_STDIN force read of passphrase from stdin 71.Ed 72.Pp 73The calling process should zero the passphrase as soon as possible to 74avoid leaving the cleartext passphrase visible in the process's address 75space. 76.Sh RETURN VALUES 77Upon successful completion, 78.Fn readpassphrase 79returns a pointer to the null-terminated passphrase. 80If an error is encountered, the terminal state is restored and 81a null pointer is returned. 82.Sh ERRORS 83.Bl -tag -width Er 84.It Bq Er EINTR 85The 86.Fn readpassphrase 87function was interrupted by a signal. 88.It Bq Er EINVAL 89The 90.Ar bufsiz 91argument was zero. 92.It Bq Er EIO 93The process is a member of a background process attempting to read 94from its controlling terminal, the process is ignoring or blocking 95the SIGTTIN signal or the process group is orphaned. 96.It Bq Er EMFILE 97The process has already reached its limit for open file descriptors. 98.It Bq Er ENFILE 99The system file table is full. 100.It Bq Er ENOTTY 101There is no controlling terminal and the 102.Dv RPP_REQUIRE_TTY 103flag was specified. 104.El 105.Sh EXAMPLES 106The following code fragment will read a passphrase from 107.Pa /dev/tty 108into the buffer 109.Fa passbuf. 110.Bd -literal -offset indent 111char passbuf[1024]; 112 113\&... 114 115if (readpassphrase("Response: ", passbuf, sizeof(passbuf), 116 RPP_REQUIRE_TTY) == NULL) 117 errx(1, "unable to read passphrase"); 118 119if (compare(transform(passbuf), epass) != 0) 120 errx(1, "bad passphrase"); 121 122\&... 123 124memset(passbuf, 0, sizeof(passbuf)); 125.Ed 126.Sh SIGNALS 127.Fn readpassphrase 128will catch the following signals: 129.Pp 130.Bd -literal -offset indent -compact 131SIGALRM 132SIGHUP 133SIGINT 134SIGPIPE 135SIGQUIT 136SIGTERM 137SIGTSTP 138SIGTTIN 139SIGTTOU 140.Ed 141.Pp 142When one of the above signals is intercepted, terminal echo will 143be restored if it had previously been turned off. 144If a signal handler was installed for the signal when 145.Fn readpassphrase 146was called that handler is then executed. 147If no handler was previously installed for the signal then the 148default action is taken as per 149.Xr sigaction 2 . 150.Pp 151The 152.Dv SIGTSTP , 153.Dv SIGTTIN , 154.Dv SIGTTOU , 155signals (stop signal generated from keyboard or due to terminal I/O 156from a background proccess) are treated specially. 157When the process is resumed after it has been stopped, 158.Fn readpassphrase 159will reprint the prompt and the user may then enter a passphrase. 160.Sh FILES 161.Bl -tag -width /dev/tty -compact 162.It Pa /dev/tty 163.El 164.Sh SEE ALSO 165.Xr sigaction 2 , 166.Xr getpass 3 167.Sh STANDARDS 168The 169.Fn readpassphrase 170function is an 171.Ox 172extension and should not be used if portability is desired. 173.Sh HISTORY 174The 175.Fn readpassphrase 176function first appeared in 177.Ox 2.9 . 178