Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ getpasswd(S) — OpenDesktop Software Development System 3.0.0

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

crypt(S)

getpass(S)

getprpwent(S)

putprpwnam(S)


 getpasswd(S)                   6 January 1993                   getpasswd(S)


 Name

    getpasswd, fgetpasswd, bigcrypt, bigcryptmax - read or clear a password

 Syntax


    cc  . . .  -lprot -lcrypti -lx


    #include  <sys/types.h>
    #include  <sys/security.h>
    #include  <sys/audit.h>
    #include  <prot.h>

    char *getpasswd (prompt, max_size)
    char *prompt;
    int max_size;

    char *fgetpasswd (prompt, max_size, file_in, file_out)
    char *prompt;
    int max_size;
    FILE *file_in;
    FILE *file_out;

    char *bigcrypt (cleartext, salt)
    char *cleartext;
    char *salt;

    char *bigcryptmax (cleartext, salt)
    char *cleartext;
    char *salt;


 Description

    The getpasswd routine, when given a non-NULL and null-terminated prompt,
    reads up to a newline or an EOF from the file /dev/tty, after prompting
    on the standard error output with prompt and disabling echoing.

    fgetpasswd gets or clears a password from a device file.  Set maxsize to
    AUTHMAXPASSWDLENGTH, defined in <prot.h>.  If filein is null, infor-
    mation is taken from /dev/tty; if fileout is null, information is writ-
    ten to stderr.  The value in prompt is written to fileout.  A \n charac-
    ter is inserted at the end of the string written to fileout.  A pointer
    is returned to the cleartext static area.

    The bigcrypt routine is used in the same way as crypt(S) to encrypt pass-
    words of any length, including passwords longer than eight characters.
    bigcrypt utilizes the setting of the upwseg in /etc/auth/system/default,
    truncating the cleartext password to the number of characters derived
    from upwseg.  getprpwent(S) correspondingly truncates the encrypted
    password string (upwd) in the protected password entry, so that a com-
    parison of the value returned by bigcrypt succeed if the password would
    have matched on the first (upwseg * 8) cleartext characters.

    For the purposes of checking passwords, this is transparent to the appli-
    cation.  To provide backward compatibility to applications and allow
    upwseg to be reduced and then increased again without losing informa-
    tion, it is important that the stored encrypted password (set using
    putprpwnam(S) when the password is changed) not be truncated.

    So that the sequence of getprpwent, putprpwnam does not truncate  the
    stored password when upwseg is smaller than the password in the entry,
    the operating system stores  the original stored value of upwd.
    putprpwnam restores upwd to this saved value if the new value matches
    the truncated saved value.

    bigcryptmax is the same as bigcrypt except that in bigcryptmax upwseg is
    ignored.  This routine is used only when a new longer password is set in
    the protected password entry.  Use bigcrypt for checking existing pass-
    words.

 Return value

    Upon successful completion, the getpasswd routine returns a pointer to a
    null-terminated string of at most maxsize characters. If /dev/tty cannot
    be opened, a NULL pointer is returned.  An interrupt terminates input and
    sends an interrupt signal to the calling program before returning.

    The bigcrypt routine returns an encrypted password.

 Note

    The library libcrypti.a is not currently distributed with Development
    System.  Please contact your supplier for information on obtaining this
    library.

    The return value for getpasswd and fgetpasswd points to static data whose
    content is overwritten by each call to getpasswd or fgetpasswd. There-
    fore, the information should be copied if it needs to be saved or used
    later.  As soon as that password is no longer needed, getpasswd or fget-
    passwd should again be invoked with a NULL prompt string.  This clears
    the password in the static area so that there is no chance of ``dirty
    memory'' revealing passwords later on.

 Files

    /dev/tty

 See also

    crypt(S), getpass(S), getprpwent(S), putprpwnam(S)

 Standards conformance

    getpasswd, fgetpasswd, bigcrypt, and bigcryptmax are not part of any
    currently supported standard; they are an extension of AT&T System V pro-
    vided by the Santa Cruz Operation.


Typewritten Software • bear@typewritten.org • Edmonds, WA 98026