crates/nonstick: src/handle.rs comparison

comparison src/handle.rs @ 70:9f8381a1c09c

Implement low-level conversation primitives. This change does two primary things: 1. Introduces new Conversation traits, to be implemented both by the library and by PAM client applications. 2. Builds the memory-management infrastructure for passing messages through the conversation. ...and it adds tests for both of the above, including ASAN tests.

author	Paul Fisher <paul@pfish.zone>
date	Tue, 03 Jun 2025 01:21:59 -0400
parents	8f3ae0c7ab92
children	58f9d2a4df38

comparison

equal deleted inserted replaced

-:8f3ae0c7ab92
+:9f8381a1c09c
 ///
 /// # Example
 ///
 /// ```no_run
 /// # use nonstick::PamHandle;
-/// # fn _doc(handle: &impl PamHandle) -> Result<(), Box<dyn std::error::Error>> {
+/// # fn _doc(handle: &mut impl PamHandle) -> Result<(), Box<dyn std::error::Error>> {
 /// // Get the username using the default prompt.
 /// let user = handle.get_user(None)?;
 /// // Get the username using a custom prompt.
 /// let user = handle.get_user(Some("who ARE you even???"))?;
 /// # Ok(())
 /// # }
 /// ```
 ///
 /// [man]: https://www.man7.org/linux/man-pages/man3/pam_get_user.3.html
 /// [mwg]: https://www.chiark.greenend.org.uk/doc/libpam-doc/html/mwg-expected-by-module-item.html#mwg-pam_get_user
-fn get_user(&self, prompt: Option<&str>) -> Result<String>;
+fn get_user(&mut self, prompt: Option<&str>) -> Result<String>;
 /// Retrieves the authentication token from the user.
 ///
 /// This is essentially like `handle.get_item::<Item::AuthTok>()`.
 ///
 ///
 /// # Example
 ///
 /// ```no_run
 /// # use nonstick::PamHandle;
-/// # fn _doc(handle: &impl PamHandle) -> Result<(), Box<dyn std::error::Error>> {
+/// # fn _doc(handle: &mut impl PamHandle) -> Result<(), Box<dyn std::error::Error>> {
 /// // Get the user's password using the default prompt.
 /// let pass = handle.get_authtok(None)?;
 /// // Get the user's password using a custom prompt.
 /// let pass = handle.get_authtok(Some("Reveal your secrets!"))?;
 /// Ok(())
 /// # }
 /// ```
 ///
 /// [man]: https://www.man7.org/linux/man-pages/man3/pam_get_authtok.3.html
 /// [mwg]: https://www.chiark.greenend.org.uk/doc/libpam-doc/html/mwg-expected-by-module-item.html#mwg-pam_get_item
-fn get_authtok(&self, prompt: Option<&str>) -> Result<SecureString>;
+fn get_authtok(&mut self, prompt: Option<&str>) -> Result<SecureString>;
 /// Retrieves an [Item] that has been set, possibly by the PAM client.
 ///
 /// These items are *references to PAM memory*
 /// which are *owned by the PAM session*
 ///
 /// ```no_run
 /// # use nonstick::PamHandle;
 /// use nonstick::items::Service;
 ///
-/// # fn _doc(pam_handle: &impl PamHandle) -> Result<(), Box<dyn std::error::Error>> {
+/// # fn _doc(pam_handle: &mut impl PamHandle) -> Result<(), Box<dyn std::error::Error>> {
 /// let svc: Option<Service> = pam_handle.get_item()?;
 /// match svc {
 ///     Some(name) => eprintln!("The calling service name is {:?}", name.to_string_lossy()),
 ///     None => eprintln!("Who knows what the calling service is?"),
 /// }
 /// # }
 /// ```
 ///
 /// [man]: https://www.man7.org/linux/man-pages/man3/pam_get_item.3.html
 /// [mwg]: https://www.chiark.greenend.org.uk/doc/libpam-doc/html/mwg-expected-by-module-item.html#mwg-pam_get_item
-fn get_item<T: Item>(&self) -> Result<Option<T>>;
+fn get_item<T: Item>(&mut self) -> Result<Option<T>>;
 /// Sets an item in the PAM context. It can be retrieved using [`get_item`](Self::get_item).
 ///
 /// See the [`pam_set_item` manual page][man]
 /// or [`pam_set_item` in the Module Writer's Guide][mwg].
 /// otherwise you'll get back a completely invalid `&T`
 /// and further behavior is undefined.
 ///
 /// [man]: https://www.man7.org/linux/man-pages/man3/pam_get_data.3.html
 /// [mwg]: https://www.chiark.greenend.org.uk/doc/libpam-doc/html/mwg-expected-by-module-item.html#mwg-pam_get_data
-unsafe fn get_data<T>(&self, key: &str) -> Result<Option<&T>>;
+unsafe fn get_data<T>(&mut self, key: &str) -> Result<Option<&T>>;
 /// Stores a pointer that can be retrieved later with [`get_data`](Self::get_data).
 ///
 /// This data is accessible to this module and other PAM modules
 /// (using the provided `key`), but is *not* accessible to the application.
 }
 }
 }
 impl PamHandle for LibPamHandle {
-fn get_user(&self, prompt: Option<&str>) -> crate::Result<String> {
+fn get_user(&mut self, prompt: Option<&str>) -> crate::Result<String> {
 let prompt = memory::option_cstr(prompt)?;
 let mut output: *const c_char = std::ptr::null_mut();
 let ret = unsafe {
 pam_ffi::pam_get_user(&self.0, &mut output, memory::prompt_ptr(prompt.as_ref()))
 };
 ErrorCode::result_from(ret)?;
 memory::copy_pam_string(output)
 }
-fn get_authtok(&self, prompt: Option<&str>) -> crate::Result<SecureString> {
+fn get_authtok(&mut self, prompt: Option<&str>) -> crate::Result<SecureString> {
 let prompt = memory::option_cstr(prompt)?;
 let mut output: *const c_char = std::ptr::null_mut();
 let res = unsafe {
 pam_ffi::pam_get_authtok(
 &self.0,
 };
 ErrorCode::result_from(res)?;
 memory::copy_pam_string(output).map(SecureString::from)
 }
-fn get_item<T: Item>(&self) -> crate::Result<Option<T>> {
+fn get_item<T: Item>(&mut self) -> crate::Result<Option<T>> {
 let mut ptr: *const libc::c_void = std::ptr::null();
 let out = unsafe {
 let ret = pam_ffi::pam_get_item(&self.0, T::type_id().into(), &mut ptr);
 ErrorCode::result_from(ret)?;
 let typed_ptr: *const T::Raw = ptr.cast();
 ErrorCode::result_from(result)
 }
 }
 impl PamModuleHandle for LibPamHandle {
-unsafe fn get_data<T>(&self, key: &str) -> crate::Result<Option<&T>> {
+unsafe fn get_data<T>(&mut self, key: &str) -> crate::Result<Option<&T>> {
 let c_key = CString::new(key).map_err(|_| ErrorCode::ConversationError)?;
 let mut ptr: *const libc::c_void = std::ptr::null();
 ErrorCode::result_from(pam_ffi::pam_get_data(&self.0, c_key.as_ptr(), &mut ptr))?;
 match ptr.is_null() {
 true => Ok(None),

Mercurial > crates > nonstick

comparison src/handle.rs @ 70:9f8381a1c09c