crates/nonstick: src/libpam/handle.rs annotate

annotate src/libpam/handle.rs @ 171:e27c5c667a5a

Create full new types for return code and flags, separate end to end. This plumbs the ReturnCode and RawFlags types through the places where we call into or are called from PAM. Also adds Sun documentation to the project.

author	Paul Fisher <paul@pfish.zone>
date	Fri, 25 Jul 2025 20:52:14 -0400
parents	77470e45e397
children	9e4ce1631bd3

rev	line source
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	1 use super::conversation::{OwnedConversation, PamConv};
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	2 use crate::_doc::{guide, linklist, man7, stdlinks};
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	3 use crate::constants::{ErrorCode, RawFlags, Result, ReturnCode};
130 80c07e5ab22f Transfer over (almost) completely to using libpam-sys. Paul Fisher <paul@pfish.zone> parents: 118 diff changeset	4 use crate::conv::Exchange;
98 b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	5 use crate::environ::EnvironMapMut;
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	6 use crate::handle::PamShared;
146 1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	7 use crate::items::{Items, ItemsMut};
98 b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	8 use crate::libpam::environ::{LibPamEnviron, LibPamEnvironMut};
146 1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	9 use crate::libpam::items::{LibPamItems, LibPamItemsMut};
1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	10 use crate::libpam::{items, memory};
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	11 use crate::logging::{Level, Location, Logger};
166 2f5913131295 Separate flag/action flags into flags and action. Paul Fisher <paul@pfish.zone> parents: 163 diff changeset	12 use crate::{AuthnFlags, AuthtokFlags, Conversation, EnvironMap, ModuleClient, Transaction};
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	13 use num_enum::{IntoPrimitive, TryFromPrimitive};
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	14 use std::any::TypeId;
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	15 use std::cell::Cell;
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	16 use std::ffi::{c_char, c_int, c_void, CString, OsStr, OsString};
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	17 use std::os::unix::ffi::OsStrExt;
130 80c07e5ab22f Transfer over (almost) completely to using libpam-sys. Paul Fisher <paul@pfish.zone> parents: 118 diff changeset	18 use std::ptr::NonNull;
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	19 use std::{any, fmt, ptr};
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	20
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	21 /// An owned PAM handle.
144 56b559b7ecea Big rename: separate concepts of Transaction from Handle. Paul Fisher <paul@pfish.zone> parents: 143 diff changeset	22 pub struct LibPamTransaction<C: Conversation> {
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	23 /// The handle itself. We guarantee this will not be null.
a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	24 handle: *mut LibPamHandle,
101 94b51fa4f797 Fix memory soundness issues: Paul Fisher <paul@pfish.zone> parents: 98 diff changeset	25 /// The last return value from the handle.
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	26 last_return: Cell<Result<()>>,
101 94b51fa4f797 Fix memory soundness issues: Paul Fisher <paul@pfish.zone> parents: 98 diff changeset	27 /// If set, the Conversation that this PAM handle owns.
102 94eb11cb1798 Improve documentation for pam_start. Paul Fisher <paul@pfish.zone> parents: 101 diff changeset	28 ///
94eb11cb1798 Improve documentation for pam_start. Paul Fisher <paul@pfish.zone> parents: 101 diff changeset	29 /// We have to hold on to this because the PAM specification doesn't
94eb11cb1798 Improve documentation for pam_start. Paul Fisher <paul@pfish.zone> parents: 101 diff changeset	30 /// actually say what the PAM library should do with a passed-in
94eb11cb1798 Improve documentation for pam_start. Paul Fisher <paul@pfish.zone> parents: 101 diff changeset	31 /// conversation. Linux-PAM copies the contents of the `pam_conv` struct
94eb11cb1798 Improve documentation for pam_start. Paul Fisher <paul@pfish.zone> parents: 101 diff changeset	32 /// that you pass in to `pam_start`, but OpenPAM uses the pointer itself,
94eb11cb1798 Improve documentation for pam_start. Paul Fisher <paul@pfish.zone> parents: 101 diff changeset	33 /// so you have to keep it in one place.
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	34 conversation: Box<OwnedConversation<C>>,
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	35 }
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	36
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	37 impl<C: Conversation> fmt::Debug for LibPamTransaction<C> {
a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	38 fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	39 f.debug_struct(any::type_name::<Self>())
a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	40 .field("handle", &format!("{:p}", self.handle))
a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	41 .field("last_return", &self.last_return.get())
a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	42 .field("conversation", &format!("{:p}", self.conversation))
a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	43 .finish()
a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	44 }
a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	45 }
a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	46
97 efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	47 #[derive(Debug, PartialEq)]
144 56b559b7ecea Big rename: separate concepts of Transaction from Handle. Paul Fisher <paul@pfish.zone> parents: 143 diff changeset	48 pub struct TransactionBuilder {
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	49 service_name: OsString,
ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	50 username: Option<OsString>,
97 efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	51 }
efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	52
144 56b559b7ecea Big rename: separate concepts of Transaction from Handle. Paul Fisher <paul@pfish.zone> parents: 143 diff changeset	53 impl TransactionBuilder {
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	54 /// Creates a builder to start a PAM transaction for the given service.
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	55 ///
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	56 /// The service name is what controls the steps and checks PAM goes through
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	57 /// when authenticating a user. This corresponds to the configuration file
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	58 /// usually at <code>/etc/pam.d/<var>service_name</var></code>.
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	59 ///
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	60 /// # References
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	61 #[doc = linklist!(pam_start: adg, _std)]
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	62 ///
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	63 #[doc = stdlinks!(3 pam_start)]
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	64 #[doc = guide!(adg: "adg-interface-by-app-expected.html#adg-pam_start")]
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	65 pub fn new_with_service(service_name: impl AsRef<OsStr>) -> Self {
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	66 Self {
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	67 service_name: service_name.as_ref().into(),
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	68 username: None,
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	69 }
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	70 }
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	71
97 efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	72 /// Updates the service name.
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	73 pub fn service_name(mut self, service_name: impl AsRef<OsStr>) -> Self {
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	74 self.service_name = service_name.as_ref().into();
98 b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	75 self
97 efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	76 }
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	77
102 94eb11cb1798 Improve documentation for pam_start. Paul Fisher <paul@pfish.zone> parents: 101 diff changeset	78 /// Sets the username. Setting this will avoid the need for an extra
94eb11cb1798 Improve documentation for pam_start. Paul Fisher <paul@pfish.zone> parents: 101 diff changeset	79 /// round trip through the conversation and may otherwise improve
94eb11cb1798 Improve documentation for pam_start. Paul Fisher <paul@pfish.zone> parents: 101 diff changeset	80 /// the login experience.
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	81 pub fn username(mut self, username: impl AsRef<OsStr>) -> Self {
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	82 self.username = Some(username.as_ref().into());
98 b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	83 self
97 efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	84 }
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	85
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	86 /// Builds the PAM handle and starts the transaction.
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	87 pub fn build<C: Conversation>(self, conv: C) -> Result<LibPamTransaction<C>> {
144 56b559b7ecea Big rename: separate concepts of Transaction from Handle. Paul Fisher <paul@pfish.zone> parents: 143 diff changeset	88 LibPamTransaction::start(self.service_name, self.username, conv)
97 efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	89 }
efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	90 }
efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	91
144 56b559b7ecea Big rename: separate concepts of Transaction from Handle. Paul Fisher <paul@pfish.zone> parents: 143 diff changeset	92 impl<C: Conversation> LibPamTransaction<C> {
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	93 fn start(service_name: OsString, username: Option<OsString>, conversation: C) -> Result<Self> {
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	94 let mut conv = Box::new(OwnedConversation::new(conversation));
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	95 let service_cstr = CString::new(service_name.as_bytes()).expect("null is forbidden");
ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	96 let username_cstr = memory::option_cstr_os(username.as_deref());
ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	97 let username_cstr = memory::prompt_ptr(username_cstr.as_deref());
97 efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	98
130 80c07e5ab22f Transfer over (almost) completely to using libpam-sys. Paul Fisher <paul@pfish.zone> parents: 118 diff changeset	99 let mut handle: *mut libpam_sys::pam_handle = ptr::null_mut();
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	100 let conv_ptr: *mut OwnedConversation<_> = conv.as_mut() as _;
97 efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	101 // SAFETY: We've set everything up properly to call `pam_start`.
efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	102 // The returned value will be a valid pointer provided the result is OK.
101 94b51fa4f797 Fix memory soundness issues: Paul Fisher <paul@pfish.zone> parents: 98 diff changeset	103 let result = unsafe {
130 80c07e5ab22f Transfer over (almost) completely to using libpam-sys. Paul Fisher <paul@pfish.zone> parents: 118 diff changeset	104 libpam_sys::pam_start(
101 94b51fa4f797 Fix memory soundness issues: Paul Fisher <paul@pfish.zone> parents: 98 diff changeset	105 service_cstr.as_ptr(),
94b51fa4f797 Fix memory soundness issues: Paul Fisher <paul@pfish.zone> parents: 98 diff changeset	106 username_cstr,
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	107 conv_ptr.cast(),
101 94b51fa4f797 Fix memory soundness issues: Paul Fisher <paul@pfish.zone> parents: 98 diff changeset	108 &mut handle,
94b51fa4f797 Fix memory soundness issues: Paul Fisher <paul@pfish.zone> parents: 98 diff changeset	109 )
94b51fa4f797 Fix memory soundness issues: Paul Fisher <paul@pfish.zone> parents: 98 diff changeset	110 };
97 efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	111 ErrorCode::result_from(result)?;
130 80c07e5ab22f Transfer over (almost) completely to using libpam-sys. Paul Fisher <paul@pfish.zone> parents: 118 diff changeset	112 let handle = NonNull::new(handle).ok_or(ErrorCode::BufferError)?;
98 b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	113 Ok(Self {
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	114 handle: handle.as_ptr().cast(),
97 efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	115 last_return: Cell::new(Ok(())),
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	116 conversation: conv,
97 efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	117 })
efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	118 }
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	119
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	120 #[cfg_attr(
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	121 pam_impl = "LinuxPam",
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	122 doc = "Ends the PAM transaction \"quietly\" (on Linux-PAM only)."
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	123 )]
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	124 #[cfg_attr(
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	125 not(pam_impl = "LinuxPam"),
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	126 doc = "Exactly equivalent to `drop(self)` (except on Linux-PAM)."
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	127 )]
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	128 ///
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	129 /// On Linux-PAM, this is equivalent to passing the `PAM_DATA_SILENT` flag
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	130 /// to [`pam_end` on Linux-PAM][man7], which signals that data cleanup
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	131 /// should "not treat the call too seriously" \[sic].
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	132 ///
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	133 /// On other platforms, this is no different than letting the transaction
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	134 /// end on its own.
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	135 ///
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	136 #[doc = man7!(3 pam_end)]
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	137 pub fn end_silent(self) {
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	138 #[cfg(pam_impl = "LinuxPam")]
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	139 {
169 77470e45e397 Set up stuff to work the way Sun expects it to. Paul Fisher <paul@pfish.zone> parents: 166 diff changeset	140 let mut me = std::mem::ManuallyDrop::new(self);
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	141 me.end_internal(libpam_sys::PAM_DATA_SILENT);
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	142 }
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	143 // If it's not LinuxPam, we just drop normally.
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	144 }
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	145
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	146 /// Internal "end" function, which binary-ORs the status with `or_with`.
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	147 fn end_internal(&mut self, or_with: i32) {
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	148 let last: i32 = ReturnCode::from(self.last_return.get()).into();
e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	149 let result = last \| or_with;
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	150 unsafe { libpam_sys::pam_end(self.handle.cast(), result) };
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	151 }
97 efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	152 }
efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	153
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	154 macro_rules! wrap {
166 2f5913131295 Separate flag/action flags into flags and action. Paul Fisher <paul@pfish.zone> parents: 163 diff changeset	155 (fn $name:ident($ftype:ident) { $pam_func:ident }) => {
2f5913131295 Separate flag/action flags into flags and action. Paul Fisher <paul@pfish.zone> parents: 163 diff changeset	156 fn $name(&mut self, flags: $ftype) -> Result<()> {
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	157 let flags: RawFlags = flags.into();
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	158 ErrorCode::result_from(unsafe {
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	159 libpam_sys::$pam_func((self as *mut Self).cast(), flags.into())
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	160 })
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	161 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	162 };
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	163 }
97 efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	164
144 56b559b7ecea Big rename: separate concepts of Transaction from Handle. Paul Fisher <paul@pfish.zone> parents: 143 diff changeset	165 impl Transaction for LibPamHandle {
166 2f5913131295 Separate flag/action flags into flags and action. Paul Fisher <paul@pfish.zone> parents: 163 diff changeset	166 wrap!(fn authenticate(AuthnFlags) { pam_authenticate });
2f5913131295 Separate flag/action flags into flags and action. Paul Fisher <paul@pfish.zone> parents: 163 diff changeset	167 wrap!(fn account_management(AuthnFlags) { pam_acct_mgmt });
2f5913131295 Separate flag/action flags into flags and action. Paul Fisher <paul@pfish.zone> parents: 163 diff changeset	168 wrap!(fn change_authtok(AuthtokFlags) { pam_chauthtok });
97 efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	169 }
efe2f5f8b5b2 Implement "stateless" application-side PAM calls. Paul Fisher <paul@pfish.zone> parents: 96 diff changeset	170
147 4d7333337569 Implement Transaction for LibPamTransaction. Paul Fisher <paul@pfish.zone> parents: 146 diff changeset	171 // TODO: pam_setcred - app
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	172 // pam_open_session - app
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	173 // pam_close_session - app
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	174
144 56b559b7ecea Big rename: separate concepts of Transaction from Handle. Paul Fisher <paul@pfish.zone> parents: 143 diff changeset	175 impl<C: Conversation> Drop for LibPamTransaction<C> {
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	176 /// Closes the PAM session on an owned PAM handle.
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	177 ///
103 dfcd96a74ac4 write a truly prodigious amount of documentation Paul Fisher <paul@pfish.zone> parents: 102 diff changeset	178 /// This internally calls `pam_end` with the appropriate error code.
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	179 ///
103 dfcd96a74ac4 write a truly prodigious amount of documentation Paul Fisher <paul@pfish.zone> parents: 102 diff changeset	180 /// # References
116 a12706e42c9d Logging, macros, and building: Paul Fisher <paul@pfish.zone> parents: 105 diff changeset	181 #[doc = linklist!(pam_end: adg, _std)]
103 dfcd96a74ac4 write a truly prodigious amount of documentation Paul Fisher <paul@pfish.zone> parents: 102 diff changeset	182 ///
116 a12706e42c9d Logging, macros, and building: Paul Fisher <paul@pfish.zone> parents: 105 diff changeset	183 #[doc = guide!(adg: "adg-interface-by-app-expected.html#adg-pam_end")]
a12706e42c9d Logging, macros, and building: Paul Fisher <paul@pfish.zone> parents: 105 diff changeset	184 #[doc = stdlinks!(3 pam_end)]
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	185 fn drop(&mut self) {
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	186 self.end_internal(0)
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	187 }
ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	188 }
ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	189
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	190 macro_rules! delegate {
98 b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	191 // First have the kind that save the result after delegation.
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	192 (fn $meth:ident(&self $(, $param:ident: $typ:ty)*) -> Result<$ret:ty>) => {
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	193 fn $meth(&self $(, $param: $typ)*) -> Result<$ret> {
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	194 let result = unsafe { &self.handle }.$meth($($param),);
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	195 self.last_return.set(split(&result));
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	196 result
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	197 }
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	198 };
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	199 (fn $meth:ident(&mut self $(, $param:ident: $typ:ty)*) -> Result<$ret:ty>) => {
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	200 fn $meth(&mut self $(, $param: $typ)*) -> Result<$ret> {
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	201 let result = unsafe { &mut self.handle }.$meth($($param),);
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	202 self.last_return.set(split(&result));
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	203 result
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	204 }
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	205 };
98 b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	206 // Then have the kind that are just raw delegates
b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	207 (fn $meth:ident(&self $(, $param:ident: $typ:ty)*) -> $ret:ty) => {
b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	208 fn $meth(&self $(, $param: $typ)*) -> $ret {
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	209 unsafe { &self.handle }.$meth($($param),)
98 b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	210 }
b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	211 };
b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	212 (fn $meth:ident(&mut self $(, $param:ident: $typ:ty)*) -> $ret:ty) => {
b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	213 fn $meth(&mut self $(, $param: $typ)*) -> $ret {
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	214 unsafe { &mut self.handle }.$meth($($param),)
98 b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	215 }
b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	216 };
b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	217 // Then have item getters / setters
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	218 (get = $get:ident$(, set = $set:ident)?) => {
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	219 delegate!(fn $get(&self) -> Result<Option<OsString>>);
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	220 $(delegate!(set = $set);)?
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	221 };
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	222 (set = $set:ident) => {
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	223 delegate!(fn $set(&mut self, value: Option<&OsStr>) -> Result<()>);
80 5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	224 };
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	225 }
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	226
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	227 fn split<T>(result: &Result<T>) -> Result<()> {
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	228 result.as_ref().map(drop).map_err(\|&e\| e)
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	229 }
5aa1a010f1e8 Start using PAM headers; improve owned/borrowed distinction. Paul Fisher <paul@pfish.zone> parents: 78 diff changeset	230
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	231 impl<C: Conversation> Logger for LibPamTransaction<C> {
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	232 delegate!(fn log(&self, level: Level, location: Location<'_>, entry: fmt::Arguments) -> ());
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	233 }
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	234
147 4d7333337569 Implement Transaction for LibPamTransaction. Paul Fisher <paul@pfish.zone> parents: 146 diff changeset	235 impl<C: Conversation> Transaction for LibPamTransaction<C> {
166 2f5913131295 Separate flag/action flags into flags and action. Paul Fisher <paul@pfish.zone> parents: 163 diff changeset	236 delegate!(fn authenticate(&mut self, flags: AuthnFlags) -> Result<()>);
2f5913131295 Separate flag/action flags into flags and action. Paul Fisher <paul@pfish.zone> parents: 163 diff changeset	237 delegate!(fn account_management(&mut self, flags: AuthnFlags) -> Result<()>);
2f5913131295 Separate flag/action flags into flags and action. Paul Fisher <paul@pfish.zone> parents: 163 diff changeset	238 delegate!(fn change_authtok(&mut self, flags: AuthtokFlags) -> Result<()>);
147 4d7333337569 Implement Transaction for LibPamTransaction. Paul Fisher <paul@pfish.zone> parents: 146 diff changeset	239 }
4d7333337569 Implement Transaction for LibPamTransaction. Paul Fisher <paul@pfish.zone> parents: 146 diff changeset	240
144 56b559b7ecea Big rename: separate concepts of Transaction from Handle. Paul Fisher <paul@pfish.zone> parents: 143 diff changeset	241 impl<C: Conversation> PamShared for LibPamTransaction<C> {
98 b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	242 delegate!(fn environ(&self) -> impl EnvironMap);
b87100c5eed4 Start on environment variables, and make pointers nicer. Paul Fisher <paul@pfish.zone> parents: 97 diff changeset	243 delegate!(fn environ_mut(&mut self) -> impl EnvironMapMut);
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	244 delegate!(fn username(&mut self, prompt: Option<&OsStr>) -> Result<OsString>);
146 1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	245 delegate!(fn items(&self) -> impl Items);
1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	246 delegate!(fn items_mut(&mut self) -> impl ItemsMut);
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	247 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	248
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	249 /// An owned variation of a basic PAM handle.
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	250 ///
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	251 /// This is the most basic version of a wrapped PAM handle. It's mostly used
144 56b559b7ecea Big rename: separate concepts of Transaction from Handle. Paul Fisher <paul@pfish.zone> parents: 143 diff changeset	252 /// as the inside of the [`LibPamTransaction`], but can also be used to "adopt"
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	253 /// a PAM handle created by another library.
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	254 ///
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	255 /// If [`Self::end`] is not called, this will always call `pam_end` reporting
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	256 /// successful completion.
144 56b559b7ecea Big rename: separate concepts of Transaction from Handle. Paul Fisher <paul@pfish.zone> parents: 143 diff changeset	257 #[repr(transparent)]
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	258 pub struct LibPamHandle(libpam_sys::pam_handle);
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	259
144 56b559b7ecea Big rename: separate concepts of Transaction from Handle. Paul Fisher <paul@pfish.zone> parents: 143 diff changeset	260 impl LibPamHandle {
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	261 /// Ends the transaction, reporting `error_code` to cleanup callbacks.
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	262 ///
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	263 /// # References
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	264 #[doc = linklist!(pam_end: adg, _std)]
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	265 ///
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	266 #[doc = guide!(adg: "adg-interface-by-app-expected.html#adg-pam_end")]
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	267 #[doc = stdlinks!(3 pam_end)]
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	268 pub fn end(&mut self, result: Result<()>) {
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	269 let code: ReturnCode = result.into();
e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	270 unsafe { libpam_sys::pam_end(self.inner_mut(), code.into()) };
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	271 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	272
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	273 #[cfg_attr(
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	274 not(pam_impl = "LinuxPam"),
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	275 doc = "Exactly equivalent to [`Self::end`], except on Linux-PAM."
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	276 )]
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	277 #[cfg_attr(
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	278 pam_impl = "LinuxPam",
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	279 doc = "Ends the transaction \"quietly\", reporting `error_code` to cleanup callbacks."
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	280 )]
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	281 ///
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	282 /// On Linux-PAM only, this sets the
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	283 /// [`PAM_DATA_SILENT`](libpam_sys::PAM_DATA_SILENT) flag on the flags
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	284 /// passed to the cleanup callbacks. This conventionally means that this
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	285 /// `pam_end` call is occurring on a forked process, and that a session
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	286 /// may still be open on the parent process, and modules "should not treat
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	287 /// the call too seriously".
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	288 ///
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	289 /// # References
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	290 #[doc = linklist!(pam_end: adg, _std)]
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	291 ///
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	292 #[doc = guide!(adg: "adg-interface-by-app-expected.html#adg-pam_end")]
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	293 #[doc = stdlinks!(3 pam_end)]
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	294 pub fn end_silent(&mut self, result: Result<()>) {
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	295 let result: i32 = ReturnCode::from(result).into();
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	296 #[cfg(pam_impl = "LinuxPam")]
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	297 let result = result \| libpam_sys::PAM_DATA_SILENT;
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	298 unsafe {
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	299 libpam_sys::pam_end(self.inner_mut(), result);
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	300 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	301 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	302
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	303 /// Gets a reference to the inner PAM handle.
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	304 pub fn inner(&self) -> &libpam_sys::pam_handle {
a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	305 &self.0
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	306 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	307 /// Gets a mutable reference to the inner PAM handle.
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	308 pub fn inner_mut(&mut self) -> &mut libpam_sys::pam_handle {
a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	309 &mut self.0
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	310 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	311 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	312
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	313 impl Logger for LibPamHandle {
157 0099f2f79f86 Switch logging interface to accept fmt::Arguments. Paul Fisher <paul@pfish.zone> parents: 156 diff changeset	314 fn log(&self, level: Level, loc: Location<'_>, entry: fmt::Arguments) {
0099f2f79f86 Switch logging interface to accept fmt::Arguments. Paul Fisher <paul@pfish.zone> parents: 156 diff changeset	315 let entry = match CString::new(entry.to_string()).ok() {
0099f2f79f86 Switch logging interface to accept fmt::Arguments. Paul Fisher <paul@pfish.zone> parents: 156 diff changeset	316 Some(e) => e,
0099f2f79f86 Switch logging interface to accept fmt::Arguments. Paul Fisher <paul@pfish.zone> parents: 156 diff changeset	317 None => return,
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	318 };
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	319 #[cfg(any(pam_impl = "LinuxPam", pam_impl = "Sun"))]
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	320 {
155 ab8020566cd9 Only use real PAM constants for logging within `nonstick/libpam`. Paul Fisher <paul@pfish.zone> parents: 153 diff changeset	321 let level = match level {
ab8020566cd9 Only use real PAM constants for logging within `nonstick/libpam`. Paul Fisher <paul@pfish.zone> parents: 153 diff changeset	322 Level::Error => libc::LOG_ERR,
157 0099f2f79f86 Switch logging interface to accept fmt::Arguments. Paul Fisher <paul@pfish.zone> parents: 156 diff changeset	323 Level::Warn => libc::LOG_WARNING,
155 ab8020566cd9 Only use real PAM constants for logging within `nonstick/libpam`. Paul Fisher <paul@pfish.zone> parents: 153 diff changeset	324 Level::Info => libc::LOG_INFO,
ab8020566cd9 Only use real PAM constants for logging within `nonstick/libpam`. Paul Fisher <paul@pfish.zone> parents: 153 diff changeset	325 Level::Debug => libc::LOG_DEBUG,
ab8020566cd9 Only use real PAM constants for logging within `nonstick/libpam`. Paul Fisher <paul@pfish.zone> parents: 153 diff changeset	326 };
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	327 _ = loc;
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	328 // SAFETY: We're calling this function with a known value.
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	329 #[cfg(pam_impl = "LinuxPam")]
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	330 unsafe {
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	331 libpam_sys::pam_syslog(self.inner(), level, b"%s\0".as_ptr().cast(), entry.as_ptr())
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	332 }
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	333 #[cfg(pam_impl = "Sun")]
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	334 unsafe {
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	335 libpam_sys::__pam_log(level, b"%s\0".as_ptr().cast(), entry.as_ptr())
634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	336 }
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	337 }
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	338 #[cfg(pam_impl = "OpenPam")]
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	339 {
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	340 let func = CString::new(loc.function).unwrap_or(CString::default());
155 ab8020566cd9 Only use real PAM constants for logging within `nonstick/libpam`. Paul Fisher <paul@pfish.zone> parents: 153 diff changeset	341 let level = match level {
ab8020566cd9 Only use real PAM constants for logging within `nonstick/libpam`. Paul Fisher <paul@pfish.zone> parents: 153 diff changeset	342 Level::Error => libpam_sys::PAM_LOG_ERROR,
157 0099f2f79f86 Switch logging interface to accept fmt::Arguments. Paul Fisher <paul@pfish.zone> parents: 156 diff changeset	343 Level::Warn => libpam_sys::PAM_LOG_NOTICE,
155 ab8020566cd9 Only use real PAM constants for logging within `nonstick/libpam`. Paul Fisher <paul@pfish.zone> parents: 153 diff changeset	344 Level::Info => libpam_sys::PAM_LOG_VERBOSE,
ab8020566cd9 Only use real PAM constants for logging within `nonstick/libpam`. Paul Fisher <paul@pfish.zone> parents: 153 diff changeset	345 Level::Debug => libpam_sys::PAM_LOG_DEBUG,
ab8020566cd9 Only use real PAM constants for logging within `nonstick/libpam`. Paul Fisher <paul@pfish.zone> parents: 153 diff changeset	346 };
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	347 // SAFETY: We're calling this function with a known value.
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	348 unsafe {
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	349 libpam_sys::_openpam_log(
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	350 level as c_int,
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	351 func.as_ptr(),
157 0099f2f79f86 Switch logging interface to accept fmt::Arguments. Paul Fisher <paul@pfish.zone> parents: 156 diff changeset	352 b"%s\0".as_ptr().cast(),
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	353 entry.as_ptr(),
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	354 )
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	355 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	356 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	357 }
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	358 }
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	359
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	360 impl PamShared for LibPamHandle {
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	361 fn username(&mut self, prompt: Option<&OsStr>) -> Result<OsString> {
ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	362 let prompt = memory::option_cstr_os(prompt);
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	363 let mut output: *const c_char = ptr::null();
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	364 let ret = unsafe {
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	365 libpam_sys::pam_get_user(
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	366 self.inner_mut(),
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	367 &mut output,
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	368 memory::prompt_ptr(prompt.as_deref()),
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	369 )
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	370 };
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	371 ErrorCode::result_from(ret)?;
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	372 Ok(unsafe { memory::copy_pam_string(output).ok_or(ErrorCode::ConversationError)? })
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	373 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	374
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	375 fn environ(&self) -> impl EnvironMap {
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	376 LibPamEnviron::new(self)
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	377 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	378
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	379 fn environ_mut(&mut self) -> impl EnvironMapMut {
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	380 LibPamEnvironMut::new(self)
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	381 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	382
146 1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	383 fn items(&self) -> impl Items {
1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	384 LibPamItems(self)
1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	385 }
1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	386
1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	387 fn items_mut(&mut self) -> impl ItemsMut {
1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	388 LibPamItemsMut(self)
1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	389 }
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	390 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	391
144 56b559b7ecea Big rename: separate concepts of Transaction from Handle. Paul Fisher <paul@pfish.zone> parents: 143 diff changeset	392 impl Conversation for LibPamHandle {
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	393 fn communicate(&self, messages: &[Exchange]) {
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	394 match self.conversation_item() {
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	395 Ok(conv) => conv.communicate(messages),
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	396 Err(e) => {
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	397 for msg in messages {
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	398 msg.set_error(e)
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	399 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	400 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	401 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	402 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	403 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	404
146 1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	405 impl ModuleClient for LibPamHandle {
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	406 fn authtok(&mut self, prompt: Option<&OsStr>) -> Result<OsString> {
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	407 self.get_authtok(prompt, ItemType::AuthTok)
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	408 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	409
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	410 fn old_authtok(&mut self, prompt: Option<&OsStr>) -> Result<OsString> {
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	411 self.get_authtok(prompt, ItemType::OldAuthTok)
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	412 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	413
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	414 fn get_module_data<T: 'static>(&self, key: &str) -> Option<&T> {
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	415 // It's technically unsafe to do this, but we assume that other modules
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	416 // aren't going to go out of their way to find the key we've used
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	417 // and corrupt its value's data.
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	418 let full_key = module_data_key::<T>(key);
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	419 let mut ptr: *const c_void = ptr::null();
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	420 unsafe {
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	421 ErrorCode::result_from(libpam_sys::pam_get_data(
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	422 self.inner(),
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	423 full_key.as_ptr(),
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	424 &mut ptr,
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	425 ))
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	426 .ok()?;
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	427
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	428 (ptr as *const T).as_ref()
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	429 }
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	430 }
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	431
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	432 fn set_module_data<T: 'static>(&mut self, key: &str, data: T) -> Result<()> {
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	433 let full_key = module_data_key::<T>(key);
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	434 let data = Box::new(data);
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	435 ErrorCode::result_from(unsafe {
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	436 libpam_sys::pam_set_data(
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	437 self.inner_mut(),
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	438 full_key.as_ptr(),
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	439 Box::into_raw(data).cast(),
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	440 drop_module_data::<T>,
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	441 )
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	442 })
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	443 }
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	444
146 1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	445 fn authtok_item(&self) -> Result<Option<OsString>> {
1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	446 unsafe { items::get_cstr_item(self, ItemType::AuthTok) }
1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	447 }
1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	448 fn old_authtok_item(&self) -> Result<Option<OsString>> {
1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	449 unsafe { items::get_cstr_item(self, ItemType::OldAuthTok) }
1bc52025156b Split PAM items into their own separate struct. Paul Fisher <paul@pfish.zone> parents: 144 diff changeset	450 }
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	451 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	452
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	453 /// Constructs a type-specific, module-specific key for this data.
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	454 fn module_data_key<T: 'static>(key: &str) -> CString {
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	455 // The type ID is unique per-type.
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	456 let tid = TypeId::of::<T>();
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	457 // The `set_data_cleanup` function lives statically inside each PAM module,
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	458 // so its address will be different between `pam_a.so` and `pam_b.so`,
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	459 // even if both modules .so files are byte-for-byte identical.
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	460 let cleanup_addr = drop_module_data::<T> as usize;
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	461 // Then, by adding the key,
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	462 let key = format!("{key:?}::{tid:?}::{cleanup_addr:016x}");
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	463 CString::new(key).expect("null bytes somehow got into a debug string?")
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	464 }
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	465
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	466 /// Function called at the end of a PAM session that is called to clean up
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	467 /// a value previously provided to PAM in a `pam_set_data` call.
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	468 ///
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	469 /// You should never call this yourself.
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	470 extern "C" fn drop_module_data<T>(_: mut libpam_sys::pam_handle, c_data: mut c_void, _: c_int) {
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	471 unsafe {
153 3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	472 // Adopt the pointer into a Box and immediately drop it.
3036f2e6a022 Add module-specific data support. Paul Fisher <paul@pfish.zone> parents: 148 diff changeset	473 let _: Box<T> = Box::from_raw(c_data.cast());
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	474 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	475 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	476
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	477 // Implementations of internal functions.
144 56b559b7ecea Big rename: separate concepts of Transaction from Handle. Paul Fisher <paul@pfish.zone> parents: 143 diff changeset	478 impl LibPamHandle {
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	479 #[cfg(any(pam_impl = "LinuxPam", pam_impl = "OpenPam"))]
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	480 fn get_authtok(&mut self, prompt: Option<&OsStr>, item_type: ItemType) -> Result<OsString> {
ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	481 let prompt = memory::option_cstr_os(prompt);
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	482 let mut output: *const c_char = ptr::null();
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	483 // SAFETY: We're calling this with known-good values.
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	484 let res = unsafe {
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	485 libpam_sys::pam_get_authtok(
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	486 self.inner_mut(),
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	487 item_type.into(),
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	488 &mut output,
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	489 memory::prompt_ptr(prompt.as_deref()),
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	490 )
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	491 };
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	492 ErrorCode::result_from(res)?;
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	493 // SAFETY: We got this string from PAM.
143 ebb71a412b58 Turn everything into OsString and Just Walk Out! for strings with nul. Paul Fisher <paul@pfish.zone> parents: 141 diff changeset	494 unsafe { memory::copy_pam_string(output) }.ok_or(ErrorCode::ConversationError)
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	495 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	496
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	497 #[cfg(pam_impl = "Sun")]
169 77470e45e397 Set up stuff to work the way Sun expects it to. Paul Fisher <paul@pfish.zone> parents: 166 diff changeset	498 fn get_authtok(&mut self, _prompt: Option<&OsStr>, item_type: ItemType) -> Result<OsString> {
77470e45e397 Set up stuff to work the way Sun expects it to. Paul Fisher <paul@pfish.zone> parents: 166 diff changeset	499 unsafe { items::get_cstr_item(self, item_type) }?.ok_or(ErrorCode::ConversationError)
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	500 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	501
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	502 /// Gets the `PAM_CONV` item from the handle.
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	503 fn conversation_item(&self) -> Result<&PamConv> {
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	504 let mut output: *const c_void = ptr::null();
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	505 let result = unsafe {
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	506 libpam_sys::pam_get_item(self.inner(), ItemType::Conversation.into(), &mut output)
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	507 };
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	508 ErrorCode::result_from(result)?;
163 a75a66cb4181 Add end-to-end tests; fix issues found by tests. Paul Fisher <paul@pfish.zone> parents: 159 diff changeset	509 let output: *const PamConv = output.cast();
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	510 // SAFETY: We got this result from PAM, and we're checking if it's null.
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	511 unsafe { output.as_ref() }.ok_or(ErrorCode::ConversationError)
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	512 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	513 }
a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	514
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	515 /// Identifies what is being gotten or set with `pam_get_item`
ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	516 /// or `pam_set_item`.
159 634cd5f2ac8b Separate logging into its own trait apart from the rest of PAM. Paul Fisher <paul@pfish.zone> parents: 157 diff changeset	517 #[derive(Clone, Copy, PartialEq, Eq, TryFromPrimitive, IntoPrimitive)]
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	518 #[repr(i32)]
ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	519 #[non_exhaustive] // because C could give us anything!
ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	520 pub enum ItemType {
ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	521 /// The PAM service name.
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	522 Service = libpam_sys::PAM_SERVICE,
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	523 /// The user's login name.
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	524 User = libpam_sys::PAM_USER,
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	525 /// The TTY name.
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	526 Tty = libpam_sys::PAM_TTY,
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	527 /// The remote host (if applicable).
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	528 RemoteHost = libpam_sys::PAM_RHOST,
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	529 /// The conversation struct (not a CStr-based item).
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	530 Conversation = libpam_sys::PAM_CONV,
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	531 /// The authentication token (password).
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	532 AuthTok = libpam_sys::PAM_AUTHTOK,
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	533 /// The old authentication token (when changing passwords).
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	534 OldAuthTok = libpam_sys::PAM_OLDAUTHTOK,
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	535 /// The remote user's name.
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	536 RemoteUser = libpam_sys::PAM_RUSER,
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	537 /// The prompt shown when requesting a username.
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	538 UserPrompt = libpam_sys::PAM_USER_PROMPT,
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	539 #[cfg(feature = "linux-pam-ext")]
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	540 /// App-supplied function to override failure delays.
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	541 FailDelay = libpam_sys::PAM_FAIL_DELAY,
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	542 #[cfg(feature = "linux-pam-ext")]
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	543 /// X display name.
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	544 XDisplay = libpam_sys::PAM_XDISPLAY,
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	545 #[cfg(feature = "linux-pam-ext")]
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	546 /// X server authentication data.
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	547 XAuthData = libpam_sys::PAM_XAUTHDATA,
141 a508a69c068a Remove a lot of Results from functions. Paul Fisher <paul@pfish.zone> parents: 134 diff changeset	548 #[cfg(feature = "linux-pam-ext")]
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	549 /// The type of `pam_get_authtok`.
171 e27c5c667a5a Create full new types for return code and flags, separate end to end. Paul Fisher <paul@pfish.zone> parents: 169 diff changeset	550 AuthTokType = libpam_sys::PAM_AUTHTOK_TYPE,
73 ac6881304c78 Do conversations, along with way too much stuff. Paul Fisher <paul@pfish.zone> parents: diff changeset	551 }

Mercurial > crates > nonstick

annotate src/libpam/handle.rs @ 171:e27c5c667a5a