Mercurial > crates > nonstick
comparison src/libpam/pam_ffi.rs @ 101:94b51fa4f797
Fix memory soundness issues:
- Ensure Questions are pinned in memory when sending them through PAM.
- Hold on to the PAM conversation struct after we build it.
(Linux-PAM is leninent about this and copies the pam_conv structure.)
| author | Paul Fisher <paul@pfish.zone> |
|---|---|
| date | Tue, 24 Jun 2025 17:54:33 -0400 |
| parents | b87100c5eed4 |
| children | 94eb11cb1798 |
comparison
equal
deleted
inserted
replaced
| 100:3f11b8d30f63 | 101:94b51fa4f797 |
|---|---|
| 55 /// | 55 /// |
| 56 /// For most requests, this will be an owned [`CStr`], | 56 /// For most requests, this will be an owned [`CStr`], |
| 57 /// but for requests with style `PAM_BINARY_PROMPT`, | 57 /// but for requests with style `PAM_BINARY_PROMPT`, |
| 58 /// this will be `CBinaryData` (a Linux-PAM extension). | 58 /// this will be `CBinaryData` (a Linux-PAM extension). |
| 59 pub data: Option<CHeapBox<c_void>>, | 59 pub data: Option<CHeapBox<c_void>>, |
| 60 pub _marker: Immovable, | |
| 61 } | 60 } |
| 62 | 61 |
| 63 /// The callback that PAM uses to get information in a conversation. | 62 /// The callback that PAM uses to get information in a conversation. |
| 64 /// | 63 /// |
| 65 /// - `num_msg` is the number of messages in the `questions` array. | 64 /// - `num_msg` is the number of messages in the `questions` array. |
| 84 /// The function that is called to get information from the user. | 83 /// The function that is called to get information from the user. |
| 85 pub callback: ConversationCallback, | 84 pub callback: ConversationCallback, |
| 86 /// The pointer that will be passed as the last parameter | 85 /// The pointer that will be passed as the last parameter |
| 87 /// to the conversation callback. | 86 /// to the conversation callback. |
| 88 pub appdata: *const AppData, | 87 pub appdata: *const AppData, |
| 88 /// Marker to associate the lifetime of this with the conversation | |
| 89 /// that was passed in. | |
| 89 pub life: PhantomData<&'a mut ()>, | 90 pub life: PhantomData<&'a mut ()>, |
| 90 pub _marker: Immovable, | |
| 91 } | 91 } |
| 92 | 92 |
| 93 /// Gets a string version of an error message. | 93 /// Gets a string version of an error message. |
| 94 pub fn strerror(code: c_uint) -> Option<&'static str> { | 94 pub fn strerror(code: c_uint) -> Option<&'static str> { |
| 95 // SAFETY: Every single PAM implementation I can find (Linux-PAM, OpenPAM, | 95 // SAFETY: Every single PAM implementation I can find (Linux-PAM, OpenPAM, |