Mercurial > crates > nonstick
annotate src/libpam/module.rs @ 171:e27c5c667a5a
Create full new types for return code and flags, separate end to end.
This plumbs the ReturnCode and RawFlags types through the places where
we call into or are called from PAM.
Also adds Sun documentation to the project.
| author | Paul Fisher <paul@pfish.zone> |
|---|---|
| date | Fri, 25 Jul 2025 20:52:14 -0400 |
| parents | 2f5913131295 |
| children | 6727cbe56f4a |
| rev | line source |
|---|---|
|
171
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
1 use crate::constants::{ErrorCode, RawFlags, Result}; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
2 use crate::libpam::handle::LibPamHandle; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
3 use crate::module::PamModule; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
4 use crate::{AuthnFlags, AuthtokAction, BaseFlags, CredAction}; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
5 use std::ffi::{c_char, c_int, c_void, CStr}; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
6 |
|
78
002adfb98c5c
Rename files, reorder structs, remove annoying BorrowedBinaryData type.
Paul Fisher <paul@pfish.zone>
parents:
77
diff
changeset
|
7 /// Generates the dynamic library entry points for a PAM module |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
8 /// |
|
78
002adfb98c5c
Rename files, reorder structs, remove annoying BorrowedBinaryData type.
Paul Fisher <paul@pfish.zone>
parents:
77
diff
changeset
|
9 /// Calling `pam_hooks!(SomeType)` on a type that implements |
|
171
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
10 /// [`PamModule`] will generate the exported |
|
78
002adfb98c5c
Rename files, reorder structs, remove annoying BorrowedBinaryData type.
Paul Fisher <paul@pfish.zone>
parents:
77
diff
changeset
|
11 /// `extern "C"` functions that PAM uses to call into your module. |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
12 /// |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
13 /// ## Examples: |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
14 /// |
|
78
002adfb98c5c
Rename files, reorder structs, remove annoying BorrowedBinaryData type.
Paul Fisher <paul@pfish.zone>
parents:
77
diff
changeset
|
15 /// Here is full example of a PAM module that would authenticate |
|
002adfb98c5c
Rename files, reorder structs, remove annoying BorrowedBinaryData type.
Paul Fisher <paul@pfish.zone>
parents:
77
diff
changeset
|
16 /// and authorize everybody: |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
17 /// |
|
77
351bdc13005e
Update the libpam module to work with the new structure.
Paul Fisher <paul@pfish.zone>
parents:
75
diff
changeset
|
18 /// ```no_run |
|
78
002adfb98c5c
Rename files, reorder structs, remove annoying BorrowedBinaryData type.
Paul Fisher <paul@pfish.zone>
parents:
77
diff
changeset
|
19 /// use nonstick::{ |
|
166
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
146
diff
changeset
|
20 /// pam_hooks, ConversationAdapter, AuthnFlags, LibPamTransaction, ModuleClient, PamModule, |
|
103
dfcd96a74ac4
write a truly prodigious amount of documentation
Paul Fisher <paul@pfish.zone>
parents:
96
diff
changeset
|
21 /// Result as PamResult, |
|
78
002adfb98c5c
Rename files, reorder structs, remove annoying BorrowedBinaryData type.
Paul Fisher <paul@pfish.zone>
parents:
77
diff
changeset
|
22 /// }; |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
23 /// use std::ffi::CStr; |
|
64
bbe84835d6db
More organization; add lots of docs.
Paul Fisher <paul@pfish.zone>
parents:
60
diff
changeset
|
24 /// # fn main() {} |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
25 /// |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
26 /// struct MyPamModule; |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
27 /// pam_hooks!(MyPamModule); |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
28 /// |
|
146
1bc52025156b
Split PAM items into their own separate struct.
Paul Fisher <paul@pfish.zone>
parents:
144
diff
changeset
|
29 /// impl<T: ModuleClient> PamModule<T> for MyPamModule { |
|
166
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
146
diff
changeset
|
30 /// fn authenticate(handle: &mut T, args: Vec<&CStr>, flags: AuthnFlags) -> PamResult<()> { |
|
143
ebb71a412b58
Turn everything into OsString and Just Walk Out! for strings with nul.
Paul Fisher <paul@pfish.zone>
parents:
141
diff
changeset
|
31 /// let password = handle.authtok(Some("what's your password?".as_ref()))?; |
|
78
002adfb98c5c
Rename files, reorder structs, remove annoying BorrowedBinaryData type.
Paul Fisher <paul@pfish.zone>
parents:
77
diff
changeset
|
32 /// let response = |
|
002adfb98c5c
Rename files, reorder structs, remove annoying BorrowedBinaryData type.
Paul Fisher <paul@pfish.zone>
parents:
77
diff
changeset
|
33 /// format!("If you say your password is {password:?}, who am I to disagree?"); |
|
77
351bdc13005e
Update the libpam module to work with the new structure.
Paul Fisher <paul@pfish.zone>
parents:
75
diff
changeset
|
34 /// handle.info_msg(&response); |
|
351bdc13005e
Update the libpam module to work with the new structure.
Paul Fisher <paul@pfish.zone>
parents:
75
diff
changeset
|
35 /// Ok(()) |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
36 /// } |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
37 /// |
|
166
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
146
diff
changeset
|
38 /// fn account_management(handle: &mut T, args: Vec<&CStr>, flags: AuthnFlags) -> PamResult<()> { |
|
90
f6186e41399b
Miscellaneous fixes and cleanup:
Paul Fisher <paul@pfish.zone>
parents:
78
diff
changeset
|
39 /// let username = handle.username(None)?; |
|
143
ebb71a412b58
Turn everything into OsString and Just Walk Out! for strings with nul.
Paul Fisher <paul@pfish.zone>
parents:
141
diff
changeset
|
40 /// let response = format!("Hello {username:?}! I trust you unconditionally."); |
|
77
351bdc13005e
Update the libpam module to work with the new structure.
Paul Fisher <paul@pfish.zone>
parents:
75
diff
changeset
|
41 /// handle.info_msg(&response); |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
42 /// Ok(()) |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
43 /// } |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
44 /// } |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
45 /// ``` |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
46 #[macro_export] |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
47 macro_rules! pam_hooks { |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
48 ($ident:ident) => { |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
49 mod _pam_hooks_scope { |
|
171
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
50 use std::ffi::{c_char, c_int, c_void}; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
51 use $crate::ModuleExporter; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
52 use $crate::constants::{RawFlags, ReturnCode}; |
|
166
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
146
diff
changeset
|
53 |
|
171
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
54 macro_rules! export { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
55 ($func:ident) => { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
56 #[no_mangle] |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
57 unsafe extern "C" fn $func( |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
58 pamh: *mut c_void, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
59 flags: RawFlags, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
60 argc: c_int, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
61 argv: *const *const c_char, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
62 ) -> c_int { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
63 let ret: ReturnCode = ModuleExporter::$func::<super::$ident>( |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
64 pamh, flags, argc, argv |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
65 ).into(); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
66 ret.into() |
|
166
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
146
diff
changeset
|
67 } |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
146
diff
changeset
|
68 }; |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
146
diff
changeset
|
69 } |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
70 |
|
171
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
71 export!(pam_sm_acct_mgmt); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
72 export!(pam_sm_authenticate); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
73 export!(pam_sm_chauthtok); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
74 export!(pam_sm_close_session); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
75 export!(pam_sm_open_session); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
76 export!(pam_sm_setcred); |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
77 } |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
78 }; |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
79 } |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
80 |
|
171
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
81 #[doc(hidden)] |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
82 pub struct ModuleExporter; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
83 |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
84 // All of the below are only intended to be called directly from C. |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
85 #[allow(clippy::missing_safety_doc)] |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
86 impl ModuleExporter { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
87 pub unsafe fn pam_sm_acct_mgmt<M: PamModule<LibPamHandle>>( |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
88 pamh: *mut c_void, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
89 flags: RawFlags, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
90 argc: c_int, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
91 argv: *const *const c_char, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
92 ) -> Result<()> { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
93 let handle = wrap(pamh)?; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
94 let args = extract_argv(argc, argv); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
95 M::account_management(handle, args, AuthnFlags::from(flags)) |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
96 } |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
97 |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
98 pub unsafe fn pam_sm_authenticate<M: PamModule<LibPamHandle>>( |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
99 pamh: *mut c_void, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
100 flags: RawFlags, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
101 argc: c_int, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
102 argv: *const *const c_char, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
103 ) -> Result<()> { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
104 let handle = wrap(pamh)?; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
105 let args = extract_argv(argc, argv); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
106 M::authenticate(handle, args, AuthnFlags::from(flags)) |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
107 } |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
108 |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
109 pub unsafe fn pam_sm_chauthtok<M: PamModule<LibPamHandle>>( |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
110 pamh: *mut c_void, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
111 flags: RawFlags, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
112 argc: c_int, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
113 argv: *const *const c_char, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
114 ) -> Result<()> { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
115 let handle = wrap(pamh)?; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
116 let (action, flags) = AuthtokAction::extract(flags)?; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
117 let args = extract_argv(argc, argv); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
118 M::change_authtok(handle, args, action, flags) |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
119 } |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
120 |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
121 pub unsafe fn pam_sm_close_session<M: PamModule<LibPamHandle>>( |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
122 pamh: *mut c_void, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
123 flags: RawFlags, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
124 argc: c_int, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
125 argv: *const *const c_char, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
126 ) -> Result<()> { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
127 let handle = wrap(pamh)?; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
128 let args = extract_argv(argc, argv); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
129 M::close_session(handle, args, BaseFlags::from(flags)) |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
130 } |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
131 |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
132 pub unsafe fn pam_sm_open_session<M: PamModule<LibPamHandle>>( |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
133 pamh: *mut c_void, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
134 flags: RawFlags, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
135 argc: c_int, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
136 argv: *const *const c_char, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
137 ) -> Result<()> { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
138 let handle = wrap(pamh)?; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
139 let args = extract_argv(argc, argv); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
140 M::open_session(handle, args, BaseFlags::from(flags)) |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
141 } |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
142 |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
143 pub unsafe fn pam_sm_setcred<M: PamModule<LibPamHandle>>( |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
144 pamh: *mut c_void, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
145 flags: RawFlags, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
146 argc: c_int, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
147 argv: *const *const c_char, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
148 ) -> Result<()> { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
149 let handle = wrap(pamh)?; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
150 let (action, flags) = CredAction::extract(flags)?; |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
151 let args = extract_argv(argc, argv); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
152 M::set_credentials(handle, args, action, flags) |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
153 } |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
154 } |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
155 |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
156 /// Turns `argc`/`argv` into a [Vec] of [CStr]s. |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
157 /// |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
158 /// # Safety |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
159 /// |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
160 /// We use this only with arguments we get from `libpam`, which we kind of have to trust. |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
161 unsafe fn extract_argv<'a>(argc: c_int, argv: *const *const c_char) -> Vec<&'a CStr> { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
162 (0..argc) |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
163 .map(|o| unsafe { CStr::from_ptr(*argv.offset(o as isize) as *const c_char) }) |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
164 .collect() |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
165 } |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
166 |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
167 /// Wraps the pointer in a PAM handle, or returns an error if it's null. |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
168 /// |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
169 /// # Safety |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
170 /// |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
171 /// It's up to you to pass a valid handle. |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
172 unsafe fn wrap<'a>(handle: *mut c_void) -> Result<&'a mut LibPamHandle> { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
173 handle.cast::<LibPamHandle>().as_mut().ok_or(ErrorCode::SystemError) |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
174 } |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
175 |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
176 #[cfg(test)] |
|
71
58f9d2a4df38
Reorganize everything again???
Paul Fisher <paul@pfish.zone>
parents:
70
diff
changeset
|
177 mod tests { |
|
73
ac6881304c78
Do conversations, along with way too much stuff.
Paul Fisher <paul@pfish.zone>
parents:
72
diff
changeset
|
178 // Compile-time test that the `pam_hooks` macro compiles. |
|
146
1bc52025156b
Split PAM items into their own separate struct.
Paul Fisher <paul@pfish.zone>
parents:
144
diff
changeset
|
179 use crate::{ModuleClient, PamModule}; |
|
73
ac6881304c78
Do conversations, along with way too much stuff.
Paul Fisher <paul@pfish.zone>
parents:
72
diff
changeset
|
180 struct Foo; |
|
146
1bc52025156b
Split PAM items into their own separate struct.
Paul Fisher <paul@pfish.zone>
parents:
144
diff
changeset
|
181 impl<T: ModuleClient> PamModule<T> for Foo {} |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
182 |
|
73
ac6881304c78
Do conversations, along with way too much stuff.
Paul Fisher <paul@pfish.zone>
parents:
72
diff
changeset
|
183 pam_hooks!(Foo); |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
59
diff
changeset
|
184 } |