Simon Josefsson wrote: > I'm not sure it is a good idea to recommend use of getpass, possibly > gnulib could offer a better interface. It could have a parameter to ask > for confirmation of the password internally. However, I will use > getpass for now since I don't want to introduce a lot of changes in the > particular code I'm working on.
Wget just added code to the dev repo that uses gnu_getpass to support password prompting. This was mainly because it was quick-and-easy, and because gnu_getpass doesn't suffer from many of the serious flaws plaguing alternative implementations. However, it's not quite ideal. One thing that I consider a problem is that one can't distinguish between an empty line and EOF. I'd have liked to treat EOF as an exit condition, but an empty line as an empty password. However, more of a problem is that if one enters EOF, it'd be nice if getpass issued an extra newline so that any further output begins on a new line. Otherwise, a program that exits in response to EOF (such as Wget) will wind up with the user's prompt following the program's password prompt. The program of course could issue the extra newline itself, but (a) doesn't know whether it needs to (since it could have been an empty line, rather than EOF), and (b) doesn't know where the newline should go (/dev/tty? stderr?). So, I think we'd be in favor of a better, general solution, for those who do not have need of a portable version of the obsolete interface. (Also, the Windows implementation might be improved by the removal of a hard buffer limit.) -- Micah J. Cowan Programmer, musician, typesetting enthusiast, gamer, and GNU Wget Project Maintainer. http://micah.cowan.name/
