From 908f5a9f9fe6d587e7b97e449a835ee51a85e8d8 Mon Sep 17 00:00:00 2001
From: Martin Pool <mbp@samba.org>
Date: Tue, 17 Jun 2003 04:46:32 +0000
Subject: [PATCH] Add a comment about using getpassphrase() or readpassphrase()
 rather than getpass().  No code change.

---
 authenticate.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/authenticate.c b/authenticate.c
index 7d44da6e..7da25d41 100644
--- a/authenticate.c
+++ b/authenticate.c
@@ -273,8 +273,14 @@ void auth_client(int fd, char *user, char *challenge)
 
 	if (!(pass=getpassf(password_file)) && !(pass=getenv("RSYNC_PASSWORD"))) {
 		/* XXX: cyeoh says that getpass is deprecated, because
-		   it may return a truncated password on some systems,
-		   and it is not in the LSB. */
+		 * it may return a truncated password on some systems,
+		 * and it is not in the LSB.
+                 *
+                 * Andrew Klein says that getpassphrase() is present
+                 * on Solaris and reads up to 256 characters.
+                 *
+                 * OpenBSD has a readpassphrase() that might be more suitable.
+                 */
 		pass = getpass("Password: ");
 	}
 
-- 
2.34.1