comparison src/pam_ffi/mod.rs @ 73:ac6881304c78
Do conversations, along with way too much stuff.
This implements conversations, along with all the memory management
brouhaha that goes along with it. The conversation now lives directly
on the handle rather than being a thing you have to get from it
and then call manually. It Turns Out this makes things a lot easier!
I guess we reorganized things again. For the last time. For real.
I promise.
This all passes ASAN, so it seems Pretty Good!
author | Paul Fisher <paul@pfish.zone> |
---|---|
date | Thu, 05 Jun 2025 03:41:38 -0400 |
parents | 47eb242a4f88 |
children | c7c596e6388f |
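--- a/src/pam_ffi/mod.rs
+++ b/src/pam_ffi/mod.rs
@@ -7,97 +7,58 @@
 //! Everything in here is hazmat.
 //!
 
 #![allow(dead_code)]
 
-pub mod memory;
+mod conversation;
+mod handle;
+mod memory;
 mod message;
 mod response;
 
-use crate::pam_ffi::memory::Immovable;
-use crate::pam_ffi::message::OwnedMessages;
-#[doc(inline)]
-pub use message::Message;
-#[doc(inline)]
-pub use response::RawResponse;
+pub use handle::{LibPamHandle, OwnedLibPamHandle};
 use std::ffi::{c_char, c_int, c_void};
-
-/// An opaque structure that a PAM handle points to.
-#[repr(C)]
-pub struct LibPamHandle {
-_data: (),
-_marker: Immovable,
-}
-
-/// An opaque structure that is passed through PAM in a conversation.
-#[repr(C)]
-pub struct AppData {
-_data: (),
-_marker: Immovable,
-}
-
-/// The callback that PAM uses to get information in a conversation.
-///
-/// - `num_msg` is the number of messages in the `pam_message` array.
-/// - `messages` is a pointer to the messages being sent to the user.
-/// For details about its structure, see the documentation of
-/// [`OwnedMessages`](super::OwnedMessages).
-/// - `responses` is a pointer to an array of [`RawResponse`]s,
-/// which PAM sets in response to a module's request.
-/// This is an array of structs, not an array of pointers to a struct.
-/// There should always be exactly as many `responses` as `num_msg`.
-/// - `appdata` is the `appdata` field of the [`LibPamConversation`] we were passed.
-pub type ConversationCallback = extern "C" fn(
-num_msg: c_int,
-messages: &OwnedMessages,
-responses: &mut *mut RawResponse,
-appdata: *const AppData,
-) -> c_int;
-
-/// The type used by libpam to call back into a conversation.
-#[repr(C)]
-pub struct LibPamConversation {
-/// The function that is called to get information from the user.
-callback: ConversationCallback,
-/// The pointer that will be passed as the last parameter
-/// to the conversation callback.
-appdata: *const AppData,
-}
 
 #[link(name = "pam")]
 extern "C" {
-pub fn pam_get_data(
-pamh: *const LibPamHandle,
+fn pam_get_data(
+pamh: *mut LibPamHandle,
 module_data_name: *const c_char,
 data: &mut *const c_void,
 ) -> c_int;
 
-pub fn pam_set_data(
+fn pam_set_data(
 pamh: *mut LibPamHandle,
 module_data_name: *const c_char,
 data: *const c_void,
 cleanup: extern "C" fn(pamh: *const c_void, data: *mut c_void, error_status: c_int),
 ) -> c_int;
 
-pub fn pam_get_item(
-pamh: *mut LibPamHandle,
-item_type: c_int,
-item: &mut *const c_void,
-) -> c_int;
+fn pam_get_item(pamh: *mut LibPamHandle, item_type: c_int, item: &mut *const c_void) -> c_int;
 
-pub fn pam_set_item(pamh: *mut LibPamHandle, item_type: c_int, item: *const c_void) -> c_int;
+fn pam_set_item(pamh: *mut LibPamHandle, item_type: c_int, item: *const c_void) -> c_int;
 
-pub fn pam_get_user(
+fn pam_get_user(
 pamh: *mut LibPamHandle,
 user: &mut *const c_char,
 prompt: *const c_char,
 ) -> c_int;
 
-pub fn pam_get_authtok(
+fn pam_get_authtok(
 pamh: *mut LibPamHandle,
 item_type: c_int,
 data: &mut *const c_char,
 prompt: *const c_char,
 ) -> c_int;
 
-pub fn pam_end(pamh: *mut LibPamHandle, status: c_int) -> c_int;
+fn pam_end(pamh: *mut LibPamHandle, status: c_int) -> c_int;
+
+// TODO: pam_authenticate - app
+// pam_setcred - app
+// pam_acct_mgmt - app
+// pam_chauthtok - app
+// pam_open_session - app
+// pam_close_session - app
+// pam_putenv - shared
+// pam_getenv - shared
+// pam_getenvlist - shared
 }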
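Review bot: The now-private extern declarations say nothing about who owns the pointers they hand back, which matters most for `pam_get_authtok`, `pam_get_user`, `pam_get_item` and `pam_get_data`, whose out-parameters receive pointers into memory that libpam keeps ownership of. A wrapper in the new `handle` or `conversation` modules (not visible here) that frees one of these, or holds it past `pam_end`, would hit a double free or use-after-free, and the authtok pointer also refers to a secret that should only be copied into storage that is cleared on drop. I would put a comment above the `extern "C"` block such as `// Out-pointers are written by libpam and stay owned by it: check the return code and for null before reading, never free them, never keep them past pam_end.` Separately, the `cleanup` callback of `pam_set_data` still types `pamh` as `*const c_void` while every other declaration here now uses `*mut LibPamHandle`; changing it to `pamh: *mut LibPamHandle` would keep the block consistent.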