Mercurial > crates > nonstick
comparison src/handle.rs @ 90:f6186e41399b
Miscellaneous fixes and cleanup:
- Rename `get_user` to `username` and `get_authtok` to `authtok`.
- Use pam_strerror for error messages.
- Add library linkage to build.rs (it was missing???).
| author | Paul Fisher <paul@pfish.zone> |
|---|---|
| date | Sat, 14 Jun 2025 09:30:16 -0400 |
| parents | 5aa1a010f1e8 |
| children | 039aae9a01f7 |
comparison
equal
deleted
inserted
replaced
| 89:dd3e9c4bcde3 | 90:f6186e41399b |
|---|---|
| 72 /// | 72 /// |
| 73 /// ```no_run | 73 /// ```no_run |
| 74 /// # use nonstick::PamShared; | 74 /// # use nonstick::PamShared; |
| 75 /// # fn _doc(handle: &mut impl PamShared) -> Result<(), Box<dyn std::error::Error>> { | 75 /// # fn _doc(handle: &mut impl PamShared) -> Result<(), Box<dyn std::error::Error>> { |
| 76 /// // Get the username using the default prompt. | 76 /// // Get the username using the default prompt. |
| 77 /// let user = handle.get_user(None)?; | 77 /// let user = handle.username(None)?; |
| 78 /// // Get the username using a custom prompt. | 78 /// // Get the username using a custom prompt. |
| 79 /// // If this were actually called right after the above, | 79 /// // If this were actually called right after the above, |
| 80 /// // both user and user_2 would have the same value. | 80 /// // both user and user_2 would have the same value. |
| 81 /// let user_2 = handle.get_user(Some("who ARE you even???"))?; | 81 /// let user_2 = handle.username(Some("who ARE you even???"))?; |
| 82 /// # Ok(()) | 82 /// # Ok(()) |
| 83 /// # } | 83 /// # } |
| 84 /// ``` | 84 /// ``` |
| 85 /// | 85 /// |
| 86 /// [man]: https://www.man7.org/linux/man-pages/man3/pam_get_user.3.html | 86 /// [man]: https://www.man7.org/linux/man-pages/man3/pam_get_user.3.html |
| 87 /// [mwg]: https://www.chiark.greenend.org.uk/doc/libpam-doc/html/mwg-expected-by-module-item.html#mwg-pam_get_user | 87 /// [mwg]: https://www.chiark.greenend.org.uk/doc/libpam-doc/html/mwg-expected-by-module-item.html#mwg-pam_get_user |
| 88 fn get_user(&mut self, prompt: Option<&str>) -> Result<&str>; | 88 fn username(&mut self, prompt: Option<&str>) -> Result<&str>; |
| 89 | 89 |
| 90 trait_item!( | 90 trait_item!( |
| 91 /// The identity of the user for whom service is being requested. | 91 /// The identity of the user for whom service is being requested. |
| 92 /// | 92 /// |
| 93 /// Unlike [`get_user`](Self::get_user), this will simply get | 93 /// Unlike [`username`](Self::username), this will simply get |
| 94 /// the current state of the user item, and not request the username. | 94 /// the current state of the user item, and not request the username. |
| 95 /// While PAM usually sets this automatically in the `get_user` call, | 95 /// While PAM usually sets this automatically in the `username` call, |
| 96 /// it may be changed by a module during the PAM transaction. | 96 /// it may be changed by a module during the PAM transaction. |
| 97 /// Applications should check it after each step of the PAM process. | 97 /// Applications should check it after each step of the PAM process. |
| 98 get = user_item, | 98 get = user_item, |
| 99 item = "PAM_USER", | 99 item = "PAM_USER", |
| 100 see = Self::get_user | 100 see = Self::username |
| 101 ); | 101 ); |
| 102 trait_item!( | 102 trait_item!( |
| 103 /// Sets the identity of the logging-in user. | 103 /// Sets the identity of the logging-in user. |
| 104 /// | 104 /// |
| 105 /// Usually this will be set during the course of | 105 /// Usually this will be set during the course of |
| 106 /// a [`get_user`](Self::get_user) call, but you may set it manually | 106 /// a [`username`](Self::username) call, but you may set it manually |
| 107 /// or change it during the PAM process. | 107 /// or change it during the PAM process. |
| 108 set = set_user_item, | 108 set = set_user_item, |
| 109 item = "PAM_USER", | 109 item = "PAM_USER", |
| 110 see = Self::user_item | 110 see = Self::user_item |
| 111 ); | 111 ); |
| 196 | 196 |
| 197 trait_item!( | 197 trait_item!( |
| 198 /// Gets the user's authentication token (e.g., password). | 198 /// Gets the user's authentication token (e.g., password). |
| 199 /// | 199 /// |
| 200 /// This is usually set automatically when | 200 /// This is usually set automatically when |
| 201 /// [`get_authtok`](PamHandleModule::get_authtok) is called, | 201 /// [`authtok`](PamHandleModule::authtok) is called, |
| 202 /// but can be manually set. | 202 /// but can be manually set. |
| 203 set = set_authtok_item, | 203 set = set_authtok_item, |
| 204 item = "PAM_AUTHTOK", | 204 item = "PAM_AUTHTOK", |
| 205 see = PamHandleModule::authtok_item | 205 see = PamHandleModule::authtok_item |
| 206 ); | 206 ); |
| 246 /// | 246 /// |
| 247 /// ```no_run | 247 /// ```no_run |
| 248 /// # use nonstick::handle::PamHandleModule; | 248 /// # use nonstick::handle::PamHandleModule; |
| 249 /// # fn _doc(handle: &mut impl PamHandleModule) -> Result<(), Box<dyn std::error::Error>> { | 249 /// # fn _doc(handle: &mut impl PamHandleModule) -> Result<(), Box<dyn std::error::Error>> { |
| 250 /// // Get the user's password using the default prompt. | 250 /// // Get the user's password using the default prompt. |
| 251 /// let pass = handle.get_authtok(None)?; | 251 /// let pass = handle.authtok(None)?; |
| 252 /// // Get the user's password using a custom prompt. | 252 /// // Get the user's password using a custom prompt. |
| 253 /// let pass = handle.get_authtok(Some("Reveal your secrets!"))?; | 253 /// let pass = handle.authtok(Some("Reveal your secrets!"))?; |
| 254 /// Ok(()) | 254 /// Ok(()) |
| 255 /// # } | 255 /// # } |
| 256 /// ``` | 256 /// ``` |
| 257 /// | 257 /// |
| 258 /// [man]: https://www.man7.org/linux/man-pages/man3/pam_get_authtok.3.html | 258 /// [man]: https://www.man7.org/linux/man-pages/man3/pam_get_authtok.3.html |
| 259 /// [mwg]: https://www.chiark.greenend.org.uk/doc/libpam-doc/html/mwg-expected-by-module-item.html#mwg-pam_get_item | 259 /// [mwg]: https://www.chiark.greenend.org.uk/doc/libpam-doc/html/mwg-expected-by-module-item.html#mwg-pam_get_item |
| 260 fn get_authtok(&mut self, prompt: Option<&str>) -> Result<&str>; | 260 fn authtok(&mut self, prompt: Option<&str>) -> Result<&str>; |
| 261 | 261 |
| 262 trait_item!( | 262 trait_item!( |
| 263 /// Gets the user's authentication token (e.g., password). | 263 /// Gets the user's authentication token (e.g., password). |
| 264 /// | 264 /// |
| 265 /// This is normally set automatically by PAM when calling | 265 /// This is normally set automatically by PAM when calling |
| 266 /// [`get_authtok`](Self::get_authtok), but can be set explicitly. | 266 /// [`authtok`](Self::authtok), but can be set explicitly. |
| 267 /// | 267 /// |
| 268 /// Like `get_authtok`, this should only ever be called | 268 /// Like `authtok`, this should only ever be called |
| 269 /// by *authentication* and *password-change* PAM modules. | 269 /// by *authentication* and *password-change* PAM modules. |
| 270 get = authtok_item, | 270 get = authtok_item, |
| 271 item = "PAM_AUTHTOK", | 271 item = "PAM_AUTHTOK", |
| 272 see = Self::get_authtok | 272 see = Self::authtok |
| 273 ); | 273 ); |
| 274 | 274 |
| 275 trait_item!( | 275 trait_item!( |
| 276 /// Gets the user's old authentication token when changing passwords. | 276 /// Gets the user's old authentication token when changing passwords. |
| 277 /// | 277 /// |