Mercurial > crates > nonstick

comparison libpam-sys/libpam-sys-consts/src/constants.rs @ 148:4b3a5095f68c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Move libpam-sys helpers into their own library. - Renames libpam-sys-helpers to libpam-sys-consts. - Moves libpam-sys-helpers::helpers into libpam-sys-helpers, which moves them completely out of libpam-sys's dependency chain. - Moves the aliases from libpam-sys into libpam-sys::aliases.
author Paul Fisher <paul@pfish.zone>
date Mon, 07 Jul 2025 12:11:43 -0400
parents libpam-sys/libpam-sys-helpers/src/constants.rs@999bf07efbcb
children
comparison
equal deleted inserted replaced
147:4d7333337569 148:4b3a5095f68c
1 //! All of `libpam`'s constants.
2 //!
3 //! These constants are tested on a per-platform basis by `libpam-sys-test`'s
4 //! `test_constants.rs`.
5
6 #![allow(non_camel_case_types)]
7
8 /// Macro to make defining a bunch of constants way easier.
9 macro_rules! define {
10 ($(#[$attr:meta])* $($name:ident = $value:expr);+$(;)?) => {
11 define!(
12 @meta { $(#[$attr])* }
13 $(pub const $name: i32 = $value;)+
14 );
15 };
16 (@meta $m:tt $($i:item)+) => { define!(@expand $($m $i)+); };
17 (@expand $({ $(#[$m:meta])* } $i:item)+) => {$($(#[$m])* $i)+};
18 }
19
20 /// Macro to make defining C-style enums way easier.
21 macro_rules! c_enum {
22 ($(#[$attr:meta])* $($name:ident $(= $value:expr)?,)*) => {
23 c_enum!(
24 (0)
25 $(#[$attr])*
26 $($name $(= $value)?,)*
27 );
28 };
29 (($n:expr) $(#[$attr:meta])* $name:ident, $($rest:ident $(= $rv:expr)?,)*) => {
30 $(#[$attr])* pub const $name: i32 = $n;
31 c_enum!(($n + 1) $(#[$attr])* $($rest $(= $rv)?,)*);
32 };
33 (($n:expr) $(#[$attr:meta])* $name:ident = $value:expr, $($rest:ident $(= $rv:expr)?,)*) => {
34 $(#[$attr])* pub const $name: i32 = $value;
35 c_enum!(($value + 1) $(#[$attr])* $($rest $(= $rv)?,)*);
36 };
37 (($n:expr) $(#[$attr:meta])*) => {};
38 }
39
40 // There are a few truly universal constants.
41 // They are defined here directly.
42 /// The successful return code.
43 pub const PAM_SUCCESS: i32 = 0;
44
45 c_enum!(
46 /// An item type.
47 PAM_SERVICE = 1,
48 PAM_USER,
49 PAM_TTY,
50 PAM_RHOST,
51 PAM_CONV,
52 PAM_AUTHTOK,
53 PAM_OLDAUTHTOK,
54 PAM_RUSER,
55 PAM_USER_PROMPT,
56 );
57
58 c_enum!(
59 /// A message style.
60 PAM_PROMPT_ECHO_OFF = 1,
61 PAM_PROMPT_ECHO_ON,
62 PAM_ERROR_MSG,
63 PAM_TEXT_INFO,
64 );
65
66 define!(
67 /// Maximum size of PAM conversation elements (suggested).
68 PAM_MAX_NUM_MSG = 32;
69 PAM_MAX_MSG_SIZE = 512;
70 PAM_MAX_RESP_SIZE = 512;
71 );
72
73 #[cfg(pam_impl = "LinuxPam")]
74 pub use linux_pam::*;
75 #[cfg(pam_impl = "LinuxPam")]
76 mod linux_pam {
77 c_enum!(
78 /// An error return code.
79 PAM_OPEN_ERR = 1,
80 PAM_SYMBOL_ERR,
81 PAM_SERVICE_ERR,
82 PAM_SYSTEM_ERR,
83 PAM_BUF_ERR,
84 PAM_PERM_DENIED,
85 PAM_AUTH_ERR,
86 PAM_CRED_INSUFFICIENT,
87 PAM_AUTHINFO_UNAVAIL,
88 PAM_USER_UNKNOWN,
89 PAM_MAXTRIES,
90 PAM_NEW_AUTHTOK_REQD,
91 PAM_ACCT_EXPIRED,
92 PAM_SESSION_ERR,
93 PAM_CRED_UNAVAIL,
94 PAM_CRED_EXPIRED,
95 PAM_CRED_ERR,
96 PAM_NO_MODULE_DATA,
97 PAM_CONV_ERR,
98 PAM_AUTHTOK_ERR,
99 PAM_AUTHTOK_RECOVERY_ERR,
100 PAM_AUTHTOK_LOCK_BUSY,
101 PAM_AUTHTOK_DISABLE_AGING,
102 PAM_TRY_AGAIN,
103 PAM_IGNORE,
104 PAM_ABORT,
105 PAM_AUTHTOK_EXPIRED,
106 PAM_MODULE_UNKNOWN,
107 PAM_BAD_ITEM,
108 PAM_CONV_AGAIN,
109 PAM_INCOMPLETE,
110 _PAM_RETURN_VALUES,
111 );
112
113 define!(
114 /// A flag value.
115 PAM_SILENT = 0x8000;
116 PAM_DISALLOW_NULL_AUTHTOK = 0x0001;
117 PAM_ESTABLISH_CRED = 0x0002;
118 PAM_DELETE_CRED = 0x0004;
119 PAM_REINITIALIZE_CRED = 0x0008;
120 PAM_REFRESH_CRED = 0x0010;
121
122 PAM_CHANGE_EXPIRED_AUTHTOK = 0x0020;
123
124 PAM_PRELIM_CHECK = 0x4000;
125 PAM_UPDATE_AUTHTOK = 0x2000;
126 PAM_DATA_REPLACE = 0x20000000;
127 );
128
129 c_enum!(
130 /// An item type (Linux-only).
131 PAM_FAIL_DELAY = 10,
132 PAM_XDISPLAY,
133 PAM_XAUTHDATA,
134 PAM_AUTHTOK_TYPE,
135 );
136
137 /// To suppress messages in the item cleanup function.
138 pub const PAM_DATA_SILENT: i32 = 0x40000000;
139
140 // Message styles
141 define!(
142 /// A message style.
143 PAM_RADIO_TYPE = 5;
144 PAM_BINARY_PROMPT = 7;
145 );
146
147 pub const PAM_MODUTIL_NGROUPS: i32 = 64;
148
149 #[derive(Copy, Clone, Debug, PartialEq, Eq)]
150 #[repr(i32)]
151 pub enum pam_modutil_redirect_fd {
152 PAM_MODUTIL_IGNORE_FD,
153 PAM_MODUTIL_PIPE_FD,
154 PAM_MODUTIL_NULL_FD,
155 }
156
157 impl From<pam_modutil_redirect_fd> for i32 {
158 fn from(value: pam_modutil_redirect_fd) -> Self {
159 value as Self
160 }
161 }
162
163 impl TryFrom<i32> for pam_modutil_redirect_fd {
164 type Error = i32;
165 fn try_from(value: i32) -> Result<Self, Self::Error> {
166 match value {
167 0..=2 => Ok(unsafe { *(&value as *const i32).cast() }),
168 other => Err(other),
169 }
170 }
171 }
172
173 pub use pam_modutil_redirect_fd::*;
174 }
175
176 #[cfg(any(pam_impl = "OpenPam", pam_impl = "Sun", pam_impl = "XSso"))]
177 pub use xsso_shared::*;
178 #[cfg(any(pam_impl = "OpenPam", pam_impl = "Sun", pam_impl = "XSso"))]
179 mod xsso_shared {
180 c_enum!(
181 /// An error return code.
182 PAM_OPEN_ERR = 1,
183 PAM_SYMBOL_ERR,
184 PAM_SERVICE_ERR,
185 PAM_SYSTEM_ERR,
186 PAM_BUF_ERR,
187 PAM_CONV_ERR,
188 PAM_PERM_DENIED,
189 PAM_MAXTRIES,
190 PAM_AUTH_ERR,
191 PAM_NEW_AUTHTOK_REQD,
192 PAM_CRED_INSUFFICIENT,
193 PAM_AUTHINFO_UNAVAIL,
194 PAM_USER_UNKNOWN,
195 PAM_CRED_UNAVAIL,
196 PAM_CRED_EXPIRED,
197 PAM_CRED_ERR,
198 PAM_ACCT_EXPIRED,
199 PAM_AUTHTOK_EXPIRED,
200 PAM_SESSION_ERR,
201 PAM_AUTHTOK_ERR,
202 PAM_AUTHTOK_RECOVERY_ERR,
203 PAM_AUTHTOK_LOCK_BUSY,
204 PAM_AUTHTOK_DISABLE_AGING,
205 PAM_NO_MODULE_DATA,
206 PAM_IGNORE,
207 PAM_ABORT,
208 PAM_TRY_AGAIN,
209 );
210 // While `PAM_MODULE_UNKNOWN` and `PAM_DOMAIN_UNKNOWN` are in X/SSO,
211 // Sun doesn't use them so we're omitting them here.
212
213 /// A general flag for PAM operations.
214 pub const PAM_SILENT: i32 = 0x80000000u32 as i32;
215
216 /// A flag for `pam_authenticate`.
217 pub const PAM_DISALLOW_NULL_AUTHTOK: i32 = 0b1;
218
219 define!(
220 /// A flag for `pam_setcred`.
221 PAM_ESTABLISH_CRED = 0b0001;
222 PAM_DELETE_CRED = 0b0010;
223 PAM_REINITIALIZE_CRED = 0b0100;
224 PAM_REFRESH_CRED = 0b1000;
225 );
226
227 define!(
228 /// A flag for `pam_sm_chauthtok`.
229 PAM_PRELIM_CHECK = 0b0001;
230 PAM_UPDATE_AUTHTOK = 0b0010;
231 PAM_CHANGE_EXPIRED_AUTHTOK = 0b0100;
232 );
233 }
234
235 #[cfg(pam_impl = "OpenPam")]
236 pub use openpam::*;
237 #[cfg(pam_impl = "OpenPam")]
238 mod openpam {
239 c_enum!(
240 /// An error return code.
241 PAM_MODULE_UNKNOWN = 28,
242 PAM_DOMAIN_UNKNOWN,
243 PAM_BAD_HANDLE,
244 PAM_BAD_ITEM,
245 PAM_BAD_FEATURE,
246 PAM_BAD_CONSTANT,
247 );
248 /// The total number of PAM error codes (including success).
249 pub const PAM_NUM_ERRORS: i32 = 34;
250
251 c_enum!(
252 /// An item type.
253 PAM_REPOSITORY = 10,
254 PAM_AUTHTOK_PROMPT,
255 PAM_OLDAUTHTOK_PROMPT,
256 PAM_HOST,
257 );
258 /// The total number of PAM items.
259 pub const PAM_NUM_ITEMS: i32 = 14;
260
261 c_enum!(
262 /// An optional OpenPAM feature.
263 OPENPAM_RESTRICT_SERVICE_NAME,
264 OPENPAM_VERIFY_POLICY_FILE,
265 OPENPAM_RESTRICT_MODULE_NAME,
266 OPENPAM_VERIFY_MODULE_FILE,
267 OPENPAM_FALLBACK_TO_OTHER,
268 );
269 /// The number of optional OpenPAM features.
270 pub const OPENPAM_NUM_FEATURES: i32 = 5;
271
272 c_enum!(
273 /// Log level.
274 PAM_LOG_LIBDEBUG = -1,
275 PAM_LOG_DEBUG,
276 PAM_LOG_VERBOSE,
277 PAM_LOG_NOTICE,
278 PAM_LOG_ERROR,
279 );
280
281 c_enum!(
282 /// PAM primitives.
283 PAM_SM_AUTHENTICATE,
284 PAM_SM_SETCRED,
285 PAM_SM_ACCT_MGMT,
286 PAM_SM_OPEN_SESSION,
287 PAM_SM_CLOSE_SESSION,
288 PAM_SM_CHAUTHTOK,
289 );
290 /// The number of PAM primitives.
291 pub const PAM_NUM_PRIMITIVES: i32 = 6;
292 }
293
294 /// Constants exclusive to Illumos.
295 #[cfg(pam_impl = "Sun")]
296 pub use sun::*;
297 #[cfg(pam_impl = "Sun")]
298 mod sun {
299 /// The total number of PAM error codes.
300 pub const PAM_TOTAL_ERRNUM: i32 = 28;
301
302 c_enum!(
303 /// An item type.
304 PAM_REPOSITORY = 10,
305 PAM_RESOURCE,
306 PAM_AUSER,
307 );
308
309 /// A flag for `pam_chauthtok`.
310 pub const PAM_NO_AUTHTOK_CHECK: i32 = 0b1000;
311
312 define!(
313 /// A flag for `__pam_get_authtok`.
314 PAM_PROMPT = 1;
315 PAM_HANDLE = 2;
316 );
317 }