Mercurial > crates > nonstick
comparison src/handle.rs @ 97:efe2f5f8b5b2
Implement "stateless" application-side PAM calls.
This introduces `authenticate`, `account_management`, and `change_authtok`.
These are the three PAM operations that are stateless (i.e., they don't start
a session or modify global credentials).
| author | Paul Fisher <paul@pfish.zone> |
|---|---|
| date | Mon, 23 Jun 2025 19:10:34 -0400 |
| parents | 51c9d7e8261a |
| children | b87100c5eed4 |
comparison
equal
deleted
inserted
replaced
| 96:f3e260f9ddcb | 97:efe2f5f8b5b2 |
|---|---|
| 1 //! The wrapper types and traits for handles into the PAM library. | 1 //! The wrapper types and traits for handles into the PAM library. |
| 2 | 2 |
| 3 use crate::constants::Result; | 3 use crate::constants::{Flags, Result}; |
| 4 use crate::conv::Conversation; | 4 use crate::conv::Conversation; |
| 5 use crate::logging::Level; | 5 use crate::logging::Level; |
| 6 | 6 |
| 7 macro_rules! trait_item { | 7 macro_rules! trait_item { |
| 8 ($(#[$md:meta])* get = $getter:ident, item = $item:literal $(, see = $see:path)?) => { | 8 ($(#[$md:meta])* get = $getter:ident, item = $item:literal $(, see = $see:path)?) => { |
| 246 /// a module), you should not use the functionality exposed by this trait. | 246 /// a module), you should not use the functionality exposed by this trait. |
| 247 /// | 247 /// |
| 248 /// Like [`PamShared`], this is intended to allow creating mock implementations | 248 /// Like [`PamShared`], this is intended to allow creating mock implementations |
| 249 /// of PAM for testing PAM applications. | 249 /// of PAM for testing PAM applications. |
| 250 pub trait PamHandleApplication: PamShared { | 250 pub trait PamHandleApplication: PamShared { |
| 251 // reserved! | 251 /// Starts the authentication process for the user. |
| 252 fn authenticate(&mut self, flags: Flags) -> Result<()>; | |
| 253 | |
| 254 /// Does "account management". | |
| 255 fn account_management(&mut self, flags: Flags) -> Result<()>; | |
| 256 | |
| 257 /// Changes the authentication token. | |
| 258 fn change_authtok(&mut self, flags: Flags) -> Result<()>; | |
| 252 } | 259 } |
| 253 | 260 |
| 254 /// Functionality of a PAM handle that can be expected by a PAM module. | 261 /// Functionality of a PAM handle that can be expected by a PAM module. |
| 255 /// | 262 /// |
| 256 /// If you are not writing a PAM module (e.g., you are writing an application), | 263 /// If you are not writing a PAM module (e.g., you are writing an application), |