Mercurial > crates > nonstick

comparison libpam-sys/libpam-sys-impls/src/lib.rs @ 108:e97534be35e3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Make some proc macros for doing cfg-like stuff for PAM impls.
author Paul Fisher <paul@pfish.zone>
date Sat, 28 Jun 2025 00:34:45 -0400
parents
children bb465393621f
comparison
equal deleted inserted replaced
107:49c6633f6fd2 108:e97534be35e3
1 use proc_macro as pm;
2 use proc_macro2::{Delimiter, Group, Literal, Span, TokenStream, TokenTree};
3 use quote::{format_ident, quote};
4 use std::fmt::Display;
5 use syn::Lit;
6
7 /// A `cfg`-like attribute macro for code specific to one PAM implementation.
8 ///
9 /// Different versions of PAM export different functions and have some
10 /// meaningful internal implementation differences, like the way `pam_conv`
11 /// is handled (see [the Linux-PAM man page for details][man7]).
12 ///
13 /// ```
14 /// # use libpam_sys_impls::cfg_pam_impl;
15 /// #[cfg_pam_impl("illumos")]
16 /// fn do_something() { /* illumos-only code */ }
17 ///
18 /// #[cfg_pam_impl(not("illumos"))]
19 /// fn do_something() { /* non-illumos code */ }
20 ///
21 /// #[cfg_pam_impl(any("linux-pam", "openpam"))]
22 /// fn do_something_else() { /* Linux-PAM or OpenPAM */ }
23 ///
24 /// #[cfg_pam_impl(not(any("illumos", "openpam")))]
25 /// fn do_a_third_thing() { /* Neither Illumos nor OpenPAM */ }
26 ///
27 /// #[cfg_pam_impl(any())]
28 /// fn this_will_never_build() { /* why would you do this? */ }
29 /// ```
30 ///
31 /// [man7]: https://man7.org/linux/man-pages/man3/pam_conv.3.html
32 #[proc_macro_attribute]
33 pub fn cfg_pam_impl(attr: pm::TokenStream, item: pm::TokenStream) -> pm::TokenStream {
34 eprintln!("Got TokenStream: {:?}", attr);
35 Predicate::parse(attr.into(), None)
36 .map(|p| {
37 if p.matches(pam_impl_str()) {
38 item
39 } else {
40 pm::TokenStream::new()
41 }
42 })
43 .unwrap_or_else(|e| syn::Error::from(e).into_compile_error().into())
44 }
45
46 #[derive(Debug)]
47 enum Error {
48 WithSpan(syn::Error),
49 WithoutSpan(String),
50 }
51
52 impl Error {
53 fn new<D: Display>(span: Option<Span>, msg: D) -> Self {
54 match span {
55 Some(span) => syn::Error::new(span, msg).into(),
56 None => Self::WithoutSpan(msg.to_string()),
57 }
58 }
59 }
60
61 impl From<syn::Error> for Error {
62 fn from(value: syn::Error) -> Self {
63 Self::WithSpan(value)
64 }
65 }
66
67 impl From<String> for Error {
68 fn from(value: String) -> Self {
69 Self::WithoutSpan(value)
70 }
71 }
72
73 impl From<Error> for syn::Error {
74 fn from(value: Error) -> Self {
75 match value {
76 Error::WithSpan(e) => e,
77 Error::WithoutSpan(s) => syn::Error::new(Span::call_site(), s),
78 }
79 }
80 }
81
82 type Result<T> = std::result::Result<T, Error>;
83
84 #[derive(Debug)]
85 enum Predicate {
86 Literal(String),
87 Any(Vec<String>),
88 Not(Box<Predicate>),
89 }
90
91 impl Predicate {
92 fn matches(&self, value: &str) -> bool {
93 match self {
94 Self::Literal(literal) => value == literal,
95 Self::Not(pred) => !pred.matches(value),
96 Self::Any(options) => {
97 options.iter().any(|s| s == value)
98 }
99 }
100 }
101
102 fn parse(stream: TokenStream, span: Option<Span>) -> Result<Self> {
103 let mut iter = stream.into_iter();
104 let pred = match iter.next() {
105 None => return error(span, "a PAM implementation predicate must be provided"),
106 Some(TokenTree::Literal(lit)) => Self::Literal(Self::string_lit(lit)?),
107 Some(TokenTree::Ident(id)) => {
108 let next = Self::parens(iter.next(), span)?;
109 match id.to_string().as_str() {
110 "not" => Self::Not(Box::new(Self::parse(next.stream(), Some(next.span()))?)),
111 "any" => Self::Any(Self::parse_any(next)?),
112 _ => return unexpected(&id.into(), "\"not\" or \"any\""),
113 }
114 }
115 Some(other) => return unexpected(&other, "\"not\", \"any\", or a string literal"),
116 };
117 // Check for anything after. We only allow a comma and nothing else.
118 if maybe_comma(iter.next())? {
119 if let Some(next) = iter.next() {
120 return unexpected(&next, "nothing");
121 }
122 }
123 Ok(pred)
124 }
125
126 fn parens(tree: Option<TokenTree>, mut span: Option<Span>) -> Result<Group> {
127 if let Some(tree) = tree {
128 span = Some(tree.span());
129 if let TokenTree::Group(g) = tree {
130 if g.delimiter() == Delimiter::Parenthesis {
131 return Ok(g);
132 }
133 }
134 }
135 Err(Error::new(span, "expected function-call syntax"))
136 }
137
138 fn parse_any(g: Group) -> Result<Vec<String>> {
139 let mut output = Vec::new();
140 let mut iter = g.stream().into_iter();
141 loop {
142 match iter.next() {
143 None => break,
144 Some(TokenTree::Literal(lit)) => {
145 output.push(Self::string_lit(lit)?);
146 if !maybe_comma(iter.next())? {
147 break
148 }
149 },
150 Some(other) => return unexpected(&other, "string literal"),
151 }
152 }
153 Ok(output)
154 }
155
156 fn string_lit(lit: Literal) -> Result<String> {
157 let tree: TokenTree = lit.clone().into();
158 match syn::parse2::<Lit>(tree.into())? {
159 Lit::Str(s) => Ok(s.value()),
160 _ => unexpected(&lit.into(), "string literal"),
161 }
162 }
163 }
164
165 fn error<T, M: Display>(span: Option<Span>, message: M) -> Result<T> {
166 Err(Error::new(span, message))
167 }
168
169 fn unexpected<T>(tree: &TokenTree, want: &str) -> Result<T> {
170 error(
171 Some(tree.span()),
172 format!("expected {want}; got unexpected token {tree}"),
173 )
174 }
175
176 fn maybe_comma(next: Option<TokenTree>) -> Result<bool> {
177 match next {
178 None => Ok(false),
179 Some(tree) => {
180 if let TokenTree::Punct(p) = &tree {
181 if p.as_char() == ',' {
182 return Ok(true);
183 }
184 }
185 unexpected(&tree, "',' or ')'")
186 }
187 }
188 }
189
190 /// A proc macro that outputs the PAM implementation macro and const.
191 #[proc_macro]
192 pub fn pam_impl_enum(data: pm::TokenStream) -> pm::TokenStream {
193 if !data.is_empty() { panic!("unexpected stuff in pam_impl_enum!()") }
194
195 let variant = format_ident!("{}", pam_impl_str());
196
197 quote!(
198 /// The PAM implementations supported by `libpam-sys`.
199 #[non_exhaustive]
200 #[derive(Clone, Copy, Debug, PartialEq)]
201 pub enum PamImpl {
202 /// [Linux-PAM] is provided by most Linux implementations.
203 ///
204 /// [Linux-PAM]: https://github.com/linux-pam/linux-pam
205 LinuxPam,
206 /// [OpenPAM] is used by most BSD distributions, including Mac OS X.
207 ///
208 /// [OpenPAM]: https://git.des.dev/OpenPAM/OpenPAM
209 OpenPam,
210 /// [Illumos PAM] is used on Illumos and Solaris systems.
211 ///
212 /// [Illumos PAM]: https://code.illumos.org/plugins/gitiles/illumos-gate/+/refs/heads/master/usr/src/lib/libpam
213 Illumos,
214 /// Only the functionality in [the PAM spec],
215 /// with OpenPAM/Illumos constants.
216 ///
217 /// [the PAM spec]: https://pubs.opengroup.org/onlinepubs/8329799/toc.htm
218 MinimalOpenPam,
219 }
220
221 #[doc = concat!("This version of libpam-sys was built for **", stringify!(#variant), "**.")]
222 pub const LIBPAMSYS_IMPL: PamImpl = PamImpl::#variant;
223 ).into()
224 }
225
226 /// String literal of the name of the PAM implementation this was built for.
227 ///
228 /// The value is the string value of `libpamsys::PamImpl`.
229 #[proc_macro]
230 pub fn pam_impl_name(data: pm::TokenStream) -> pm::TokenStream {
231 if !data.is_empty() {
232 panic!("pam_impl_name! does not take any input")
233 }
234 pm::TokenTree::Literal(pm::Literal::string(pam_impl_str())).into()
235 }
236
237 fn pam_impl_str() -> &'static str {
238 env!("LIBPAMSYS_IMPL")
239 }
240
241 #[cfg(test)]
242 mod tests {
243 use super::*;
244
245 fn parse(tree: TokenStream) -> Predicate {
246 Predicate::parse(tree, None).unwrap()
247 }
248
249 #[test]
250 fn test_parse() {
251 macro_rules! cases {
252 ($(($($i:tt)*)),* $(,)?) => { [ $( quote!($($i)*) ),* ] };
253 }
254
255 let good = cases![
256 ("this"),
257 (any("this", "that", "the other")),
258 (not("the bees")),
259 (not(any("of", "those"))),
260 (not(not("saying it"))),
261 (any("trailing", "comma", "allowed",)),
262 ("even on a singleton",),
263 (not("forbidden here either",)),
264 (not(not(any("this", "is", "stupid"),),),),
265 ];
266 for tree in good {
267 parse(tree);
268 }
269 let bad = cases![
270 (),
271 (wrong),
272 (wheel::of::fortune),
273 ("invalid", "syntax"),
274 (any(any)),
275 (any),
276 (not),
277 (not(any)),
278 ("too many commas",,),
279 (any("too", "many",, "commas")),
280 (not("the commas",,,)),
281 (9),
282 (any("123", 8)),
283 (not(666)),
284 ];
285 for tree in bad {
286 Predicate::parse(tree, None).unwrap_err();
287 }
288 }
289
290 #[test]
291 fn test_match() {
292 macro_rules! cases {
293 ($(($e:expr, ($($i:tt)*))),* $(,)?) => {
294 [$(($e, quote!($($i)*))),*]
295 }
296 }
297 let matching = cases![
298 ("Illumos", (any("Illumos", "OpenPam"))),
299 ("LinuxPam", (not("OpenPam"))),
300 ("Other", (not(any("This", "That")))),
301 ("OpenPam", (not(not("OpenPam")))),
302 ("Anything", (not(any()))),
303 ];
304 for (good, tree) in matching {
305 let pred = parse(tree);
306 assert!(pred.matches(good))
307 }
308
309 let nonmatching = cases![
310 ("LinuxPam", (not("LinuxPam"))),
311 ("Illumos", ("LinuxPam")),
312 ("OpenPam", (any("LinuxPam", "Illumos"))),
313 ("One", (not(any("One", "Another")))),
314 ("Negatory", (not(not("Affirmative")))),
315 ];
316 for (bad, tree) in nonmatching {
317 let pred = parse(tree);
318 assert!(!pred.matches(bad))
319 }
320 }
321 }