Better alternative for getpass function

Question

Today I was codding something and at some point I needed the getpass function, and everything was OK, well at least until I used --std=c11 and i got:

error: implicit declaration of function ‘getpass’ [-Werror=implicit-function-declaration]|

On internet i found that this function is considered obsolete.:

The getpass() function is not threadsafe because it manipulates global signal state.

The getpass() function is scheduled to be withdrawn from a future version of the X/Open CAE Specification.

So I cannot use it, at least not if I compile with --std=c11.

The program which I tried looks like this:

#include
#include
#include
#include

    int main(void){
        char checkPasswd[BUFSIZ] = "iajsdiajsda32121312asda:ubuntu";
        char *checkName = "michi";

        char name[25];
        char *passwd;
        char *delimiter;

        printf("Login Name:	");
        scanf("%24s" ,name);

        delimiter = strchr(checkPasswd, ':');
        delimiter[0] = '\0';
        delimiter++;

        passwd = getpass("Give a passwd:	");

        if(strcmp(name,checkName) == 0){
             if(strcmp(passwd,delimiter) == 0){
                printf("Logged In

");
             }else{
                printf("			Wrong Password
");
                exit(1);
             }
        }else{
            printf("			Wrong Name
");
            exit(1);
        }

        printf("			Welcome %s

", name);
        return 0;
    }

I read something here ==>> Getting a password in C without using getpass (3)? and there is also some Answers but I was wondering if there is am easy way before i try what i found there, something similar to:

passwd = getpass("Give a passwd:	");

Or I have to create it my self ?

This program doesn't do what I need:

#include 
#include 
#include 

int main(void){
    struct termios oflags, nflags;
    char password[64];

    tcgetattr(fileno(stdin), &oflags);
    nflags = oflags;
    nflags.c_lflag &= ~ECHO;
    nflags.c_lflag |= ECHONL;

    if (tcsetattr(fileno(stdin), TCSANOW, &nflags) != 0) {
        perror("tcsetattr");
        return EXIT_FAILURE;
    }

    printf("password: ");
    fgets(password, sizeof(password), stdin);
    password[strlen(password) - 1] = 0;
    printf("you typed '%s'
", password);

    if (tcsetattr(fileno(stdin), TCSANOW, &oflags) != 0) {
        perror("tcsetattr");
        return EXIT_FAILURE;
    }

    return 0;
}

So the question is, do I have to write it my self or there is an Alternative function ?

user3121023 · Accepted Answer

If your terminal supports these escape codes, this will conceal what you type for a password.

#include 

void UserPW ( char *pw, size_t pwsize) {
    int i = 0;
    int ch = 0;

    printf ( "\033[8m");//conceal typing
    while ( 1) {
        ch = getchar();
        if ( ch == '
' || ch == '
' || ch == EOF) {//get characters until CR or NL
            break;
        }
        if ( i < pwsize - 1) {//do not save pw longer than space in pw
            pw[i] = ch;       //longer pw can be entered but excess is ignored
            pw[i + 1] = '\0';
        }
        i++;
    }
    printf ( "\033[0A");//move cursor up one line
    printf ( "\033[21C");//move cursor 21 places
    while ( i) {
        printf ( "*");//overwrite password on screen. this is still concealed
        i--;
    }
    printf ( "\033[28m");//reveal typing
}

int main ( ) {
    char password[20];

    printf ( "Enter your password: ");
    fflush ( stdout);//prompt does not have '
' so make sure it prints
    UserPW ( password, sizeof ( password));//password array and size
    printf ( "
entered [%s]
", password);//instead of printing you would verify the entered password
    return 0;
}

Better alternative for getpass function

Answers (2)

Related Questions