crates/nonstick: src/conv.rs comparison

comparison src/conv.rs @ 143:ebb71a412b58

Turn everything into OsString and Just Walk Out! for strings with nul. To reduce the hazard surface of the API, this replaces most uses of &str with &OsStr (and likewise with String/OsString). Also, I've decided that instead of dealing with callers putting `\0` in their parameters, I'm going to follow the example of std::env and Just Walk Out! (i.e., panic!()). This makes things a lot less annoying for both me and (hopefully) users.

author	Paul Fisher <paul@pfish.zone>
date	Sat, 05 Jul 2025 22:12:46 -0400
parents	80c07e5ab22f
children	1bc52025156b

comparison

equal deleted inserted replaced

-:5c1e315c18ff
+:ebb71a412b58
 // Temporarily allowed until we get the actual conversation functions hooked up.
 #![allow(dead_code)]
 use crate::constants::{ErrorCode, Result};
 use std::cell::Cell;
+use std::ffi::{OsStr, OsString};
 use std::fmt;
 use std::fmt::Debug;
 use std::result::Result as StdResult;
 /// An individual pair of request/response to be sent to the user.
 /// ```
 /// use nonstick::conv::{Exchange, QAndA};
 /// use nonstick::ErrorCode;
 ///
 /// fn cant_respond(message: Exchange) {
+///     // "question" is kind of a bad name in the context of
+///     // a one-way message, but it's for consistency.
 ///     match message {
 ///         Exchange::Info(i) => {
-///             eprintln!("fyi, {}", i.question());
+///             eprintln!("fyi, {:?}", i.question());
 ///             i.set_answer(Ok(()))
 ///         }
 ///         Exchange::Error(e) => {
-///             eprintln!("ERROR: {}", e.question());
+///             eprintln!("ERROR: {:?}", e.question());
 ///             e.set_answer(Ok(()))
 ///         }
 ///         // We can't answer any questions.
 ///         other => other.set_error(ErrorCode::ConversationError),
 ///     }
 q_and_a!(
 /// A Q&A that asks the user for text and does not show it while typing.
 ///
 /// In other words, a password entry prompt.
-MaskedQAndA<'a, Q=&'a str, A=String>,
+MaskedQAndA<'a, Q=&'a OsStr, A=OsString>,
 Exchange::MaskedPrompt
 );
 q_and_a!(
 /// A standard Q&A prompt that asks the user for text.
 ///
 /// This is the normal "ask a person a question" prompt.
 /// When the user types, their input will be shown to them.
 /// It can be used for things like usernames.
-QAndA<'a, Q=&'a str, A=String>,
+QAndA<'a, Q=&'a OsStr, A=OsString>,
 Exchange::Prompt
 );
 q_and_a!(
 /// A Q&A for "radio button"–style data. (Linux-PAM extension)
 ///
 /// This message type is theoretically useful for "yes/no/maybe"
 /// questions, but nowhere in the documentation is it specified
 /// what the format of the answer will be, or how this should be shown.
-RadioQAndA<'a, Q=&'a str, A=String>,
+RadioQAndA<'a, Q=&'a OsStr, A=OsString>,
 Exchange::RadioPrompt
 );
 q_and_a!(
 /// Asks for binary data. (Linux-PAM extension)
 /// A message containing information to be passed to the user.
 ///
 /// While this does not have an answer, [`Conversation`] implementations
 /// should still call [`set_answer`][`QAndA::set_answer`] to verify that
 /// the message has been displayed (or actively discarded).
-InfoMsg<'a, Q = &'a str, A = ()>,
+InfoMsg<'a, Q = &'a OsStr, A = ()>,
 Exchange::Info
 );
 q_and_a!(
 /// An error message to be passed to the user.
 ///
 /// While this does not have an answer, [`Conversation`] implementations
 /// should still call [`set_answer`][`QAndA::set_answer`] to verify that
 /// the message has been displayed (or actively discarded).
-ErrorMsg<'a, Q = &'a str, A = ()>,
+ErrorMsg<'a, Q = &'a OsStr, A = ()>,
 Exchange::Error
 );
 /// A channel for PAM modules to request information from the user.
 ///
 ///
 /// For example, to use a `Conversation` as a `ConversationAdapter`:
 ///
 /// ```
 /// # use nonstick::{Conversation, Result};
+/// # use std::ffi::OsString;
 /// // Bring this trait into scope to get `masked_prompt`, among others.
 /// use nonstick::ConversationAdapter;
 ///
-/// fn ask_for_token(convo: &impl Conversation) -> Result<String> {
+/// fn ask_for_token(convo: &impl Conversation) -> Result<OsString> {
 ///     convo.masked_prompt("enter your one-time token")
 /// }
 /// ```
 ///
 /// or to use a `ConversationAdapter` as a `Conversation`:
 ///
 /// ```
 /// use nonstick::{Conversation, ConversationAdapter};
 /// # use nonstick::{BinaryData, Result};
+/// # use std::ffi::{OsStr, OsString};
 /// mod some_library {
 /// #    use nonstick::Conversation;
 ///     pub fn get_auth_data(conv: &impl Conversation) { /* ... */
 ///     }
 /// }
 /// struct MySimpleConvo {/* ... */}
 /// # impl MySimpleConvo { fn new() -> Self { Self{} } }
 ///
 /// impl ConversationAdapter for MySimpleConvo {
 ///     // ...
-/// # fn prompt(&self, request: &str) -> Result<String> {
+/// # fn prompt(&self, request: impl AsRef<OsStr>) -> Result<OsString> {
 /// #     unimplemented!()
 /// # }
 /// #
-/// # fn masked_prompt(&self, request: &str) -> Result<String> {
+/// # fn masked_prompt(&self, request: impl AsRef<OsStr>) -> Result<OsString> {
 /// #     unimplemented!()
 /// # }
 /// #
-/// # fn error_msg(&self, message: &str) {
+/// # fn error_msg(&self, message: impl AsRef<OsStr>) {
 /// #     unimplemented!()
 /// # }
 /// #
-/// # fn info_msg(&self, message: &str) {
+/// # fn info_msg(&self, message: impl AsRef<OsStr>) {
 /// #     unimplemented!()
 /// # }
 /// #
-/// # fn radio_prompt(&self, request: &str) -> Result<String> {
+/// # fn radio_prompt(&self, request: impl AsRef<OsStr>) -> Result<OsString> {
 /// #     unimplemented!()
 /// # }
 /// #
 /// # fn binary_prompt(&self, (data, data_type): (&[u8], u8)) -> Result<BinaryData> {
 /// #     unimplemented!()
 Self: Sized,
 {
 Demux(self)
 }
 /// Prompts the user for something.
-fn prompt(&self, request: &str) -> Result<String>;
+fn prompt(&self, request: impl AsRef<OsStr>) -> Result<OsString>;
 /// Prompts the user for something, but hides what the user types.
-fn masked_prompt(&self, request: &str) -> Result<String>;
+fn masked_prompt(&self, request: impl AsRef<OsStr>) -> Result<OsString>;
 /// Alerts the user to an error.
-fn error_msg(&self, message: &str);
+fn error_msg(&self, message: impl AsRef<OsStr>);
 /// Sends an informational message to the user.
-fn info_msg(&self, message: &str);
+fn info_msg(&self, message: impl AsRef<OsStr>);
 /// \[Linux extension] Prompts the user for a yes/no/maybe conditional.
 ///
 /// PAM documentation doesn't define the format of the response.
 ///
 /// When called on an implementation that doesn't support radio prompts,
 /// this will return [`ErrorCode::ConversationError`].
 /// If implemented on an implementation that doesn't support radio prompts,
 /// this will never be called.
-fn radio_prompt(&self, request: &str) -> Result<String> {
+fn radio_prompt(&self, request: impl AsRef<OsStr>) -> Result<OsString> {
 let _ = request;
 Err(ErrorCode::ConversationError)
 }
 /// \[Linux extension] Requests binary data from the user.
 ///
 Demux(value)
 }
 }
 macro_rules! conv_fn {
-($(#[$m:meta])* $fn_name:ident($($param:tt: $pt:ty),+) -> $resp_type:ty { $msg:ty }) => {
+($(#[$m:meta])* $fn_name:ident($param:tt: $pt:ty) -> $resp_type:ty { $msg:ty }) => {
 $(#[$m])*
-fn $fn_name(&self, $($param: $pt),*) -> Result<$resp_type> {
+fn $fn_name(&self, $param: impl AsRef<$pt>) -> Result<$resp_type> {
-let prompt = <$msg>::new($($param),*);
+let prompt = <$msg>::new($param.as_ref());
 self.communicate(&[prompt.exchange()]);
 prompt.answer()
 }
 };
-($(#[$m:meta])*$fn_name:ident($($param:tt: $pt:ty),+) { $msg:ty }) => {
+($(#[$m:meta])*$fn_name:ident($param:tt: $pt:ty) { $msg:ty }) => {
 $(#[$m])*
-fn $fn_name(&self, $($param: $pt),*) {
+fn $fn_name(&self, $param: impl AsRef<$pt>) {
-self.communicate(&[<$msg>::new($($param),*).exchange()]);
+self.communicate(&[<$msg>::new($param.as_ref()).exchange()]);
 }
 };
 }
 impl<C: Conversation> ConversationAdapter for C {
-conv_fn!(prompt(message: &str) -> String { QAndA });
+conv_fn!(prompt(message: OsStr) -> OsString { QAndA });
-conv_fn!(masked_prompt(message: &str) -> String { MaskedQAndA } );
+conv_fn!(masked_prompt(message: OsStr) -> OsString { MaskedQAndA } );
-conv_fn!(error_msg(message: &str) { ErrorMsg });
+conv_fn!(error_msg(message: OsStr) { ErrorMsg });
-conv_fn!(info_msg(message: &str) { InfoMsg });
+conv_fn!(info_msg(message: OsStr) { InfoMsg });
-conv_fn!(radio_prompt(message: &str) -> String { RadioQAndA });
+conv_fn!(radio_prompt(message: OsStr) -> OsString { RadioQAndA });
-conv_fn!(binary_prompt((data, data_type): (&[u8], u8)) -> BinaryData { BinaryQAndA });
+fn binary_prompt(&self, (data, typ): (&[u8], u8)) -> Result<BinaryData> {
+let prompt = BinaryQAndA::new((data, typ));
+self.communicate(&[prompt.exchange()]);
+prompt.answer()
+}
 }
 /// A [`Conversation`] which asks the questions one at a time.
 ///
 /// This is automatically created by [`ConversationAdapter::into_conversation`].
 }
 #[cfg(test)]
 mod tests {
 use super::*;
-use crate::constants::ErrorCode;
 #[test]
 fn test_demux() {
 #[derive(Default)]
 struct DemuxTester {
 error_ran: Cell<bool>,
 info_ran: Cell<bool>,
 }
 impl ConversationAdapter for DemuxTester {
-fn prompt(&self, request: &str) -> Result<String> {
+fn prompt(&self, request: impl AsRef<OsStr>) -> Result<OsString> {
-match request {
+match request.as_ref().to_str().unwrap() {
-"what" => Ok("whatwhat".to_owned()),
+"what" => Ok("whatwhat".into()),
 "give_err" => Err(ErrorCode::PermissionDenied),
 _ => panic!("unexpected prompt!"),
 }
 }
-fn masked_prompt(&self, request: &str) -> Result<String> {
+fn masked_prompt(&self, request: impl AsRef<OsStr>) -> Result<OsString> {
-assert_eq!("reveal", request);
+assert_eq!("reveal", request.as_ref());
-Ok("my secrets".to_owned())
+Ok("my secrets".into())
 }
-fn error_msg(&self, message: &str) {
+fn error_msg(&self, message: impl AsRef<OsStr>) {
 self.error_ran.set(true);
-assert_eq!("whoopsie", message);
+assert_eq!("whoopsie", message.as_ref());
 }
-fn info_msg(&self, message: &str) {
+fn info_msg(&self, message: impl AsRef<OsStr>) {
 self.info_ran.set(true);
-assert_eq!("did you know", message);
+assert_eq!("did you know", message.as_ref());
 }
-fn radio_prompt(&self, request: &str) -> Result<String> {
+fn radio_prompt(&self, request: impl AsRef<OsStr>) -> Result<OsString> {
-assert_eq!("channel?", request);
+assert_eq!("channel?", request.as_ref());
-Ok("zero".to_owned())
+Ok("zero".into())
 }
 fn binary_prompt(&self, data_and_type: (&[u8], u8)) -> Result<BinaryData> {
 assert_eq!((&[10, 9, 8][..], 66), data_and_type);
 Ok(BinaryData::new(vec![5, 5, 5], 5))
 }
 }
 let tester = DemuxTester::default();
-let what = QAndA::new("what");
+let what = QAndA::new("what".as_ref());
-let pass = MaskedQAndA::new("reveal");
+let pass = MaskedQAndA::new("reveal".as_ref());
-let err = ErrorMsg::new("whoopsie");
+let err = ErrorMsg::new("whoopsie".as_ref());
-let info = InfoMsg::new("did you know");
+let info = InfoMsg::new("did you know".as_ref());
-let has_err = QAndA::new("give_err");
+let has_err = QAndA::new("give_err".as_ref());
 let conv = tester.into_conversation();
 // Basic tests.
 // Test the Linux extensions separately.
 {
 let conv = tester.into_conversation();
-let radio = RadioQAndA::new("channel?");
+let radio = RadioQAndA::new("channel?".as_ref());
 let bin = BinaryQAndA::new((&[10, 9, 8], 66));
 conv.communicate(&[radio.exchange(), bin.exchange()]);
 assert_eq!("zero", radio.answer().unwrap());
 assert_eq!(BinaryData::from(([5, 5, 5], 5)), bin.answer().unwrap());
 }
 Exchange::Error(error) => {
 assert_eq!("oh no", error.question());
 error.set_answer(Ok(()))
 }
-Exchange::Prompt(prompt) => prompt.set_answer(match prompt.question() {
+Exchange::Prompt(prompt) => {
-"should_err" => Err(ErrorCode::PermissionDenied),
+prompt.set_answer(match prompt.question().to_str().unwrap() {
-"question" => Ok("answer".to_owned()),
+"should_err" => Err(ErrorCode::PermissionDenied),
-other => panic!("unexpected question {other:?}"),
+"question" => Ok("answer".into()),
-}),
+other => panic!("unexpected question {other:?}"),
+})
+}
 Exchange::MaskedPrompt(ask) => {
 assert_eq!("password!", ask.question());
 ask.set_answer(Ok("open sesame".into()))
 }
 Exchange::BinaryPrompt(prompt) => {
 assert_eq!((&[1, 2, 3][..], 69), prompt.question());
 prompt.set_answer(Ok(BinaryData::from((&[3, 2, 1], 42))))
 }
 Exchange::RadioPrompt(ask) => {
 assert_eq!("radio?", ask.question());
-ask.set_answer(Ok("yes".to_owned()))
+ask.set_answer(Ok("yes".into()))
 }
 }
 } else {
 panic!(
 "there should only be one message, not {len}",

Mercurial > crates > nonstick

comparison src/conv.rs @ 143:ebb71a412b58