getpasswd(S) 6 January 1993 getpasswd(S) Name getpasswd, fgetpasswd, bigcrypt, bigcryptmax - read or clear a password Syntax cc . . . -lprot -lcrypti -lx #include <sys/types.h> #include <sys/security.h> #include <sys/audit.h> #include <prot.h> char *getpasswd (prompt, max_size) char *prompt; int max_size; char *fgetpasswd (prompt, max_size, file_in, file_out) char *prompt; int max_size; FILE *file_in; FILE *file_out; char *bigcrypt (cleartext, salt) char *cleartext; char *salt; char *bigcryptmax (cleartext, salt) char *cleartext; char *salt; Description The getpasswd routine, when given a non-NULL and null-terminated prompt, reads up to a newline or an EOF from the file /dev/tty, after prompting on the standard error output with prompt and disabling echoing. fgetpasswd gets or clears a password from a device file. Set maxsize to AUTHMAXPASSWDLENGTH, defined in <prot.h>. If filein is null, infor- mation is taken from /dev/tty; if fileout is null, information is writ- ten to stderr. The value in prompt is written to fileout. A \n charac- ter is inserted at the end of the string written to fileout. A pointer is returned to the cleartext static area. The bigcrypt routine is used in the same way as crypt(S) to encrypt pass- words of any length, including passwords longer than eight characters. bigcrypt utilizes the setting of the upwseg in /etc/auth/system/default, truncating the cleartext password to the number of characters derived from upwseg. getprpwent(S) correspondingly truncates the encrypted password string (upwd) in the protected password entry, so that a com- parison of the value returned by bigcrypt succeed if the password would have matched on the first (upwseg * 8) cleartext characters. For the purposes of checking passwords, this is transparent to the appli- cation. To provide backward compatibility to applications and allow upwseg to be reduced and then increased again without losing informa- tion, it is important that the stored encrypted password (set using putprpwnam(S) when the password is changed) not be truncated. So that the sequence of getprpwent, putprpwnam does not truncate the stored password when upwseg is smaller than the password in the entry, the operating system stores the original stored value of upwd. putprpwnam restores upwd to this saved value if the new value matches the truncated saved value. bigcryptmax is the same as bigcrypt except that in bigcryptmax upwseg is ignored. This routine is used only when a new longer password is set in the protected password entry. Use bigcrypt for checking existing pass- words. Return value Upon successful completion, the getpasswd routine returns a pointer to a null-terminated string of at most maxsize characters. If /dev/tty cannot be opened, a NULL pointer is returned. An interrupt terminates input and sends an interrupt signal to the calling program before returning. The bigcrypt routine returns an encrypted password. Note The library libcrypti.a is not currently distributed with Development System. Please contact your supplier for information on obtaining this library. The return value for getpasswd and fgetpasswd points to static data whose content is overwritten by each call to getpasswd or fgetpasswd. There- fore, the information should be copied if it needs to be saved or used later. As soon as that password is no longer needed, getpasswd or fget- passwd should again be invoked with a NULL prompt string. This clears the password in the static area so that there is no chance of ``dirty memory'' revealing passwords later on. Files /dev/tty See also crypt(S), getpass(S), getprpwent(S), putprpwnam(S) Standards conformance getpasswd, fgetpasswd, bigcrypt, and bigcryptmax are not part of any currently supported standard; they are an extension of AT&T System V pro- vided by the Santa Cruz Operation.