Mercurial > crates > nonstick

annotate pam/src/module.rs @ 44:50371046c61a default tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add support for pam_get_authtok and minor cleanups. This change adds the pam_get_authtok function for PAM modules, as well as performing a few cleanups: - Pattern match in a few more places. - Pull out string-copying into a function. - Format and run clippy. - Replace outdated PAM doc links with man7.org pages.
author Paul Fisher <paul@pfish.zone>
date Sat, 08 Mar 2025 19:29:46 -0500
parents ec70822cbdef
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
15
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
1 //! Functions for use in pam modules.
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
2
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
3 use libc::c_char;
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
4 use std::ffi::{CStr, CString};
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
5
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
6 use constants::{PamFlag, PamResultCode};
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
7 use items::ItemType;
15
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
8
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
9 /// Opaque type, used as a pointer when making pam API calls.
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
10 ///
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
11 /// A module is invoked via an external function such as `pam_sm_authenticate`.
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
12 /// Such a call provides a pam handle pointer. The same pointer should be given
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
13 /// as an argument when making API calls.
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
14 #[repr(C)]
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
15 pub struct PamHandle {
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
16 _data: [u8; 0],
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
17 }
15
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
18
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
19 #[link(name = "pam")]
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
20 extern "C" {
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
21 fn pam_get_data(
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
22 pamh: *const PamHandle,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
23 module_data_name: *const c_char,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
24 data: &mut *const libc::c_void,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
25 ) -> PamResultCode;
15
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
26
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
27 fn pam_set_data(
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
28 pamh: *const PamHandle,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
29 module_data_name: *const c_char,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
30 data: *mut libc::c_void,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
31 cleanup: extern "C" fn(
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
32 pamh: *const PamHandle,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
33 data: *mut libc::c_void,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
34 error_status: PamResultCode,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
35 ),
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
36 ) -> PamResultCode;
15
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
37
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
38 fn pam_get_item(
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
39 pamh: *const PamHandle,
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
40 item_type: ItemType,
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
41 item: &mut *const libc::c_void,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
42 ) -> PamResultCode;
15
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
43
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
44 fn pam_set_item(
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
45 pamh: *mut PamHandle,
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
46 item_type: ItemType,
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
47 item: *const libc::c_void,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
48 ) -> PamResultCode;
15
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
49
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
50 fn pam_get_user(
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
51 pamh: *const PamHandle,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
52 user: &*mut c_char,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
53 prompt: *const c_char,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
54 ) -> PamResultCode;
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
55
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
56 fn pam_get_authtok(
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
57 pamh: *const PamHandle,
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
58 item_type: ItemType,
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
59 data: &*mut c_char,
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
60 prompt: *const c_char,
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
61 ) -> PamResultCode;
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
62
15
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
63 }
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
64
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
65 pub extern "C" fn cleanup<T>(_: *const PamHandle, c_data: *mut libc::c_void, _: PamResultCode) {
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
66 unsafe {
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
67 let _data: Box<T> = Box::from_raw(c_data.cast::<T>());
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
68 }
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
69 }
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
70
15
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
71 pub type PamResult<T> = Result<T, PamResultCode>;
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
72
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
73 impl PamHandle {
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
74 /// Gets some value, identified by `key`, that has been set by the module
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
75 /// previously.
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
76 ///
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
77 /// See the [`pam_get_data` manual page](
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
78 /// https://www.man7.org/linux/man-pages/man3/pam_get_data.3.html).
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
79 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
80 /// # Errors
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
81 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
82 /// Returns an error if the underlying PAM function call fails.
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
83 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
84 /// # Safety
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
85 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
86 /// The data stored under the provided key must be of type `T` otherwise the
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
87 /// behaviour of this function is undefined.
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
88 pub unsafe fn get_data<T>(&self, key: &str) -> PamResult<&T> {
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
89 let c_key = CString::new(key).unwrap();
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
90 let mut ptr: *const libc::c_void = std::ptr::null();
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
91 let res = pam_get_data(self, c_key.as_ptr(), &mut ptr);
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
92 if PamResultCode::PAM_SUCCESS == res && !ptr.is_null() {
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
93 let typed_ptr = ptr.cast::<T>();
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
94 let data: &T = &*typed_ptr;
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
95 Ok(data)
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
96 } else {
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
97 Err(res)
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
98 }
15
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
99 }
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
100
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
101 /// Stores a value that can be retrieved later with `get_data`. The value lives
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
102 /// as long as the current pam cycle.
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
103 ///
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
104 /// See the [`pam_set_data` manual page](
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
105 /// https://www.man7.org/linux/man-pages/man3/pam_set_data.3.html).
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
106 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
107 /// # Errors
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
108 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
109 /// Returns an error if the underlying PAM function call fails.
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
110 pub fn set_data<T>(&self, key: &str, data: Box<T>) -> PamResult<()> {
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
111 let c_key = CString::new(key).unwrap();
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
112 let res = unsafe {
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
113 pam_set_data(
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
114 self,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
115 c_key.as_ptr(),
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
116 Box::into_raw(data).cast::<libc::c_void>(),
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
117 cleanup::<T>,
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
118 )
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
119 };
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
120 to_result(res)
15
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
121 }
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
122
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
123 /// Retrieves a value that has been set, possibly by the pam client. This is
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
124 /// particularly useful for getting a `PamConv` reference.
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
125 ///
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
126 /// See the [`pam_get_item` manual page](
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
127 /// https://www.man7.org/linux/man-pages/man3/pam_get_item.3.html).
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
128 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
129 /// # Errors
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
130 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
131 /// Returns an error if the underlying PAM function call fails.
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
132 pub fn get_item<T: crate::items::Item>(&self) -> PamResult<Option<T>> {
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
133 let mut ptr: *const libc::c_void = std::ptr::null();
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
134 let (res, item) = unsafe {
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
135 let r = pam_get_item(self, T::type_id(), &mut ptr);
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
136 let typed_ptr = ptr.cast::<T::Raw>();
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
137 let t = if typed_ptr.is_null() {
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
138 None
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
139 } else {
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
140 Some(T::from_raw(typed_ptr))
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
141 };
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
142 (r, t)
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
143 };
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
144 match res {
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
145 PamResultCode::PAM_SUCCESS => Ok(item),
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
146 other => Err(other),
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
147 }
15
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
148 }
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
149
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
150 /// Sets a value in the pam context. The value can be retrieved using
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
151 /// `get_item`.
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
152 ///
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
153 /// Note that all items are strings, except `PAM_CONV` and `PAM_FAIL_DELAY`.
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
154 ///
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
155 /// See the [`pam_set_item` manual page](
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
156 /// https://www.man7.org/linux/man-pages/man3/pam_set_item.3.html).
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
157 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
158 /// # Errors
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
159 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
160 /// Returns an error if the underlying PAM function call fails.
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
161 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
162 /// # Panics
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
163 ///
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
164 /// Panics if the provided item key contains a nul byte.
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
165 pub fn set_item_str<T: crate::items::Item>(&mut self, item: T) -> PamResult<()> {
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
166 let res =
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
167 unsafe { pam_set_item(self, T::type_id(), item.into_raw().cast::<libc::c_void>()) };
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
168 to_result(res)
15
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
169 }
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
170
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
171 /// Retrieves the name of the user who is authenticating or logging in.
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
172 ///
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
173 /// This is really a specialization of `get_item`.
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
174 ///
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
175 /// See the [`pam_get_user` manual page](
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
176 /// https://www.man7.org/linux/man-pages/man3/pam_get_user.3.html).
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
177 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
178 /// # Errors
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
179 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
180 /// Returns an error if the underlying PAM function call fails.
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
181 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
182 /// # Panics
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
183 ///
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
184 /// Panics if the provided prompt string contains a nul byte.
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
185 pub fn get_user(&self, prompt: Option<&str>) -> PamResult<String> {
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
186 let prompt_string;
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
187 let c_prompt = match prompt {
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
188 Some(p) => {
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
189 prompt_string = CString::new(p).unwrap();
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
190 prompt_string.as_ptr()
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
191 }
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
192 None => std::ptr::null(),
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
193 };
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
194 let output: *mut c_char = std::ptr::null_mut();
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
195 let res = unsafe { pam_get_user(self, &output, c_prompt) };
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
196 match res {
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
197 PamResultCode::PAM_SUCCESS => copy_pam_string(output),
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
198 otherwise => Err(otherwise),
19
d654aa0655e5 Making PamHandle a struct with methods
Anthony Nowell <anthony@algorithmia.com>
parents: 15
diff changeset
199 }
15
27730595f1ea Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff changeset
200 }
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
201
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
202 /// Retrieves the authentication token from the user.
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
203 ///
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
204 /// This is really a specialization of `get_item`.
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
205 ///
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
206 /// See the [`pam_get_authtok` manual page](
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
207 /// https://www.man7.org/linux/man-pages/man3/pam_get_authtok.3.html).
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
208 ///
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
209 /// # Errors
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
210 ///
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
211 /// Returns an error if the underlying PAM function call fails.
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
212 ///
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
213 /// # Panics
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
214 ///
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
215 /// Panics if the provided prompt string contains a nul byte.
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
216 pub fn get_authtok(&self, prompt: Option<&str>) -> PamResult<String> {
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
217 let prompt_string;
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
218 let c_prompt = match prompt {
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
219 Some(p) => {
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
220 prompt_string = CString::new(p).unwrap();
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
221 prompt_string.as_ptr()
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
222 }
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
223 None => std::ptr::null(),
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
224 };
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
225 let output: *mut c_char = std::ptr::null_mut();
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
226 let res = unsafe { pam_get_authtok(self, ItemType::AuthTok, &output, c_prompt) };
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
227 match res {
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
228 PamResultCode::PAM_SUCCESS => copy_pam_string(output),
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
229 otherwise => Err(otherwise),
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
230 }
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
231 }
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
232 }
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
233
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
234 /// Creates an owned copy of a string that is returned from a
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
235 /// <code>pam_get_<var>whatever</var></code> function.
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
236 fn copy_pam_string(result_ptr: *const c_char) -> PamResult<String> {
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
237 // We really shouldn't get a null pointer back here, but if we do, return nothing.
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
238 if result_ptr.is_null() {
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
239 return Ok(String::from(""));
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
240 }
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
241 let bytes = unsafe { CStr::from_ptr(result_ptr).to_bytes() };
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
242 String::from_utf8(bytes.to_vec()).map_err(|_| PamResultCode::PAM_CONV_ERR)
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
243 }
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
244
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
245 /// Convenience to transform a `PamResultCode` into a unit `PamResult`.
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
246 fn to_result(result: PamResultCode) -> PamResult<()> {
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
247 match result {
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
248 PamResultCode::PAM_SUCCESS => Ok(()),
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
249 otherwise => Err(otherwise),
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
250 }
22
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
251 }
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
252
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
253 /// Provides functions that are invoked by the entrypoints generated by the
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
254 /// [`pam_hooks!` macro](../macro.pam_hooks.html).
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
255 ///
44
50371046c61a Add support for pam_get_authtok and minor cleanups.
Paul Fisher <paul@pfish.zone>
parents: 34
diff changeset
256 /// All hooks are ignored by PAM dispatch by default given the default return value of `PAM_IGNORE`.
22
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
257 /// Override any functions that you want to handle with your module. See `man pam(3)`.
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
258 #[allow(unused_variables)]
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
259 pub trait PamHooks {
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
260 /// This function performs the task of establishing whether the user is permitted to gain access at
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
261 /// this time. It should be understood that the user has previously been validated by an
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
262 /// authentication module. This function checks for other things. Such things might be: the time of
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
263 /// day or the date, the terminal line, remote hostname, etc. This function may also determine
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
264 /// things like the expiration on passwords, and respond that the user change it before continuing.
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
265 fn acct_mgmt(pamh: &mut PamHandle, args: Vec<&CStr>, flags: PamFlag) -> PamResultCode {
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
266 PamResultCode::PAM_IGNORE
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
267 }
22
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
268
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
269 /// This function performs the task of authenticating the user.
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
270 fn sm_authenticate(pamh: &mut PamHandle, args: Vec<&CStr>, flags: PamFlag) -> PamResultCode {
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
271 PamResultCode::PAM_IGNORE
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
272 }
22
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
273
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
274 /// This function is used to (re-)set the authentication token of the user.
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
275 ///
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
276 /// The PAM library calls this function twice in succession. The first time with
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
277 /// `PAM_PRELIM_CHECK` and then, if the module does not return `PAM_TRY_AGAIN`, subsequently with
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
278 /// `PAM_UPDATE_AUTHTOK`. It is only on the second call that the authorization token is
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
279 /// (possibly) changed.
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
280 fn sm_chauthtok(pamh: &mut PamHandle, args: Vec<&CStr>, flags: PamFlag) -> PamResultCode {
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
281 PamResultCode::PAM_IGNORE
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
282 }
22
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
283
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
284 /// This function is called to terminate a session.
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
285 fn sm_close_session(pamh: &mut PamHandle, args: Vec<&CStr>, flags: PamFlag) -> PamResultCode {
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
286 PamResultCode::PAM_IGNORE
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
287 }
22
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
288
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
289 /// This function is called to commence a session.
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
290 fn sm_open_session(pamh: &mut PamHandle, args: Vec<&CStr>, flags: PamFlag) -> PamResultCode {
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
291 PamResultCode::PAM_IGNORE
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
292 }
22
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
293
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
294 /// This function performs the task of altering the credentials of the user with respect to the
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
295 /// corresponding authorization scheme. Generally, an authentication module may have access to more
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
296 /// information about a user than their authentication token. This function is used to make such
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
297 /// information available to the application. It should only be called after the user has been
4263c1d83d5b Refactor PamHooks into modules mod
Anthony Nowell <anthony@algorithmia.com>
parents: 19
diff changeset
298 /// authenticated but before a session has been established.
34
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
299 fn sm_setcred(pamh: &mut PamHandle, args: Vec<&CStr>, flags: PamFlag) -> PamResultCode {
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
300 PamResultCode::PAM_IGNORE
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
301 }
ec70822cbdef Overhaul
Andy Caldwell <andrew.caldwell@metaswitch.com>
parents: 22
diff changeset
302 }