Remaining getpass(3) use
alejandro-colomar opened this issue · 0 comments
alejandro-colomar commented
Line 35 in 9514a84
While doing string stuff, I found that I missed a getpass(3) use in this file. Investigating it, it seems it's not trivial to rewrite this case in terms of agetpass(3), because the caller may want to have the password in cleartext after the call. However, it seems we don't really do that. There's nobody setting that variable in the entire repository; it keeps it's initial value all the time. Should we remove that variable, and all the dead code that it belongs to?
$ grep -rn wipe_clear_pass src/ lib*
lib/pwauth.c:34:bool wipe_clear_pass = true;
lib/pwauth.c:198: * if the external variable wipe_clear_pass is zero, we will
lib/pwauth.c:204: if (wipe_clear_pass && (NULL != clear) && ('\0' != *clear)) {