gh-138577: Fix keyboard shortcuts in getpass with echo_char

[CuriousLearner]

Fixes #138577

When using getpass.getpass(echo_char='*'), keyboard shortcuts like Ctrl+U (kill line), Ctrl+W (erase word), and Ctrl+V (literal next) now work correctly by reading the terminal's control character settings and processing them in non-canonical mode.

Tested with:

import getpass

# Test Ctrl+U (clear line)
# Type "wrong", press Ctrl+U, type "correct"
password = getpass.getpass(echo_char="*")
print(f"Result: {password!r}")
# Expected: 'correct'

# Test Ctrl+W (erase word)
# Type "hello world", press Ctrl+W, type "python"
password = getpass.getpass(echo_char="*")
print(f"Result: {password!r}")
# Expected: 'hello python'

# Test Ctrl+V (literal next)
# Type "test", press Ctrl+V, press Ctrl+U, type "more"
password = getpass.getpass(echo_char="*")
print(f"Result: {password!r}")
# Expected: 'test\x15more' (contains literal Ctrl+U)

• Issue: getpass's echo_char should not affect keyboard shortcuts #138577

---

📚 Documentation preview 📚: https://cpython-previews--141597.org.readthedocs.build/

[picnixz]

Thanks for doing this but this looks like a very complicate patch which is what I feared :( Also, I personally would use Ctrl+a/Ctrl+e for jumping at the start/end of what I write and ctrl+k (I think people are more familiar with ctrl+a/ctrl+k rather than ctrl+u for erasing an entire line in general...).

So I'm not really confident in actually changing this. I think deleting the last character that was typed (with DEL) is usually what people expect.

In addition, to make the feature more extendable in the future, I would prefer a tokenizer-based + dispatcher based approach instead (like we currently do for the REPL) because with many ifs like that it becomes hard to follow what's being done. But this would require an refactoring of this module which I don't really know if it's worth.

[picnixz]

Those are too long loines and they are unreadable. All of that can be a single function that is given the action to perform and the current capabilities.

[picnixz]

Ideally, we should have them defined in a global private dict instead to ease maintenance.

[picnixz]

This code must be refactored with a combination of a global dict with the defaults and a function.

[bedevere-app]

A Python core developer has requested some changes be made to your pull request before we can consider merging it. If you could please address their requests along with any other requests in other reviews from core developers that would be appreciated.

Once you have made the requested changes, please leave a comment on this pull request containing the phrase I have made the requested changes; please review again. I will then notify any core developers who have left a review that you're ready for them to take another look at this pull request.

[CuriousLearner]

Also, I personally would use Ctrl+a/Ctrl+e for jumping at the start/end of what I write and ctrl+k (I think people are more familiar with ctrl+a/ctrl+k rather than ctrl+u for erasing an entire line in general...).

Agree on this, since the original ticket asked for Ctrl+U, I would handle all these Ctrl characters.

In addition, to make the feature more extendable in the future, I would prefer a tokenizer-based + dispatcher based approach instead (like we currently do for the REPL) because with many ifs like that it becomes hard to follow what's being done

I'm refactoring the patch to be more extensible in the future, especially as more control characters are added.

[CuriousLearner]

It actually grew a lot bigger than I initially expected, but based on your review, I can iterate over this @picnixz

[picnixz]

It looks great. The patch itself is small but the tests are long so I think it is fine. Nonetheless I think it would be better to have it in 3.15 rather than in 3.14.1. WDYT? (i need to review it but not today)

Changes were made.

[picnixz]

Quick review.

[picnixz]

To reduce the number of continue, just use if-elif constructions here.

[picnixz]

Here's a suggestion: don't build a dispatch table via a function but make the editor handles it internally:

editor.handle(char)

[picnixz]

Suggested change

	"""Redraw the entire password line with asterisks."""
	"""Redraw the entire password line with *echo_char*."""

[picnixz]

Suggested change

	try:
	old = termios.tcgetattr(fd)
	cc = old[6] # Index 6 is the control characters array
	return {
	'ERASE': cc[termios.VERASE] if termios.VERASE < len(cc) else _POSIX_CTRL_CHARS['ERASE'],
	'KILL': cc[termios.VKILL] if termios.VKILL < len(cc) else _POSIX_CTRL_CHARS['KILL'],
	'WERASE': cc[termios.VWERASE] if termios.VWERASE < len(cc) else _POSIX_CTRL_CHARS['WERASE'],
	'LNEXT': cc[termios.VLNEXT] if termios.VLNEXT < len(cc) else _POSIX_CTRL_CHARS['LNEXT'],
	'EOF': cc[termios.VEOF] if termios.VEOF < len(cc) else _POSIX_CTRL_CHARS['EOF'],
	'INTR': cc[termios.VINTR] if termios.VINTR < len(cc) else _POSIX_CTRL_CHARS['INTR'],
	# Ctrl+A/E/K are not in termios, use POSIX defaults
	'SOH': _POSIX_CTRL_CHARS['SOH'],
	'ENQ': _POSIX_CTRL_CHARS['ENQ'],
	'VT': _POSIX_CTRL_CHARS['VT'],
	}
	except (termios.error, OSError):
	return _POSIX_CTRL_CHARS.copy()
	res = _POSIX_CTRL_CHARS.copy()
	try:
	old = termios.tcgetattr(fd)
	cc = old[6] # Index 6 is the control characters array
	except (termios.error, OSError):
	return res
	# Ctrl+A/E/K are not in termios, use POSIX defaults
	for name in ["ERASE", "KILL", "WERASE", "LNEXT", "EOF", "INTR"]
	cap = getattr(termios, f"V{name}")
	if cap < len(cc):
	res[name] = cc[flag]
	return res

[CuriousLearner]

Thanks for the suggestion, there was some minor issue here, which I've fixed in my refactoring

[picnixz]

Why are we adding 20 extra characters?

[CuriousLearner]

The +20 was an arbitrary buffer and has been removed. The current implementation now uses just len(self.passwd) to clear only the necessary characters:

self.stream.write('\r' + ' ' * len(self.passwd) + '\r')

[picnixz]

Can't we have the POSIX defaults already decoded?

[CuriousLearner]

Refactored this in b8609bd

[picnixz]

I'm assuming cc[termios.VINTR] gives bytes right? in this case we can already decode it.

[CuriousLearner]

Yes, cc[termios.VINTR] returns bytes. This is now decoded inline in the refactored implementation:

  for name in ('ERASE', 'KILL', 'WERASE', 'LNEXT', 'EOF', 'INTR'):
      cap = getattr(termios, f'V{name}')
      if cap < len(cc):
          res[name] = cc[cap].decode('latin-1')

The _POSIX_CTRL_CHARS defaults are also now stored as already-decoded strings.

[CuriousLearner]

Hi @picnixz 👋🏼

Sorry, it took some time to address the review here. I've refactored the patch & I think Python 3.15 would be a better choice for this, though I don't see any issues if it gets into Python 3.14.1 (unless I'm missing something).