Mercurial > crates > nonstick
diff libpam-sys/src/lib.rs @ 176:0730f5f2ee2a
Turn `libpam-sys-consts` back into `libpam-sys-impls`.
This moves the constants into `libpam-sys` and makes `libpam-sys-impls`
responsible solely for detecting the current PAM implementation.
| author | Paul Fisher <paul@pfish.zone> |
|---|---|
| date | Wed, 30 Jul 2025 17:53:31 -0400 |
| parents | 9e4ce1631bd3 |
| children |
line wrap: on
line diff
--- a/libpam-sys/src/lib.rs Wed Jul 30 14:57:12 2025 -0400 +++ b/libpam-sys/src/lib.rs Wed Jul 30 17:53:31 2025 -0400 @@ -13,450 +13,16 @@ //! You can override this **at build time** by setting the `LIBPAMSYS_IMPL` //! environment variable to one of the values of the [`pam_impl::PamImpl`] enum. //! For more information about configuration, see the documentation of -//! [`libpam-sys-consts`](https://crates.io/crates/libpam-sys-consts). +//! [`libpam-sys-impls`](https://crates.io/crates/libpam-sys-impls). #![allow(non_camel_case_types)] #![allow(unused_imports)] pub mod aliases; -#[doc(inline)] -pub use libpam_sys_consts::constants::*; +mod constants; +mod ffi; #[doc(inline)] -pub use libpam_sys_consts::{pam_impl, pam_impl_name}; -use std::ffi::{c_char, c_int, c_uint, c_void}; -use std::fmt; -use std::marker::{PhantomData, PhantomPinned}; - -/// An opaque structure that PAM uses to communicate. -/// -/// This is only ever returned in pointer form and cannot be constructed. -#[repr(C)] -pub struct pam_handle { - _value: (), - _marker: PhantomData<(PhantomPinned, *mut c_void)>, -} - -impl fmt::Debug for pam_handle { - fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { - write!(f, "pam_handle({self:p}") - } -} - -/// Used by PAM to communicate between the module and the application. -#[repr(C)] -#[derive(Debug)] -pub struct pam_conv { - pub conv: unsafe extern "C" fn( - num_msg: c_int, - msg: *const *const pam_message, - resp: *mut *mut pam_response, - appdata: *mut c_void, - ) -> c_int, - pub appdata_ptr: *mut c_void, -} - -/// A message sent into a PAM conversation. -#[repr(C)] -#[derive(Debug)] -pub struct pam_message { - pub msg_style: c_int, - pub msg: *const c_char, -} - -/// A response returned from a PAM conversation. -#[repr(C)] -#[derive(Debug)] -pub struct pam_response { - pub resp: *mut c_char, - /// Completely unused. - pub resp_retcode: c_int, -} - -/// Definition of the PAM_XAUTHDATA item. Compatible with `xcb_auth_info_t`. -#[cfg(pam_impl = "LinuxPam")] -#[repr(C)] -pub struct pam_xauth_data { - pub namelen: c_int, - pub name: *mut c_char, - pub datalen: c_int, - pub data: *mut c_char, -} - -#[cfg(pam_impl = "LinuxPam")] -#[derive(Debug)] -#[repr(C)] -pub struct pam_modutil_privs { - pub grplist: *mut libc::gid_t, - pub number_of_groups: c_int, - pub allocated: c_int, - pub old_gid: libc::gid_t, - pub old_uid: libc::uid_t, - pub is_dropped: c_int, -} - -#[cfg(pam_impl = "OpenPam")] -pub type pam_func_t = unsafe extern "C" fn( - handle: *mut pam_handle, - flags: c_int, - argc: c_int, - argv: *const *const c_char, -) -> c_int; - -#[cfg(pam_impl = "OpenPam")] -#[derive(Debug)] -#[repr(C)] -pub struct pam_module { - pub path: *mut c_char, - pub func: [pam_func_t; 6], - pub dlh: *mut c_void, -} - -#[cfg(any(pam_impl = "OpenPam", pam_impl = "Sun"))] -#[derive(Debug)] -#[repr(C)] -pub struct pam_repository { - pub type_: *mut c_char, - pub scope: *mut c_void, - pub scope_len: usize, -} - -// These are the functions specified in X/SSO. Everybody exports them. -extern "C" { - /// Account validation. - pub fn pam_acct_mgmt(pamh: *mut pam_handle, flags: c_int) -> c_int; - - /// Authenticate a user. - pub fn pam_authenticate(pamh: *mut pam_handle, flags: c_int) -> c_int; - - // Nobody implements pam_authenticate_secondary. - - /// Manage authentication tokens. - pub fn pam_chauthtok(pamh: *mut pam_handle, flags: c_int) -> c_int; - - /// Close an opened user session. - pub fn pam_close_session(pamh: *mut pam_handle, flags: c_int) -> c_int; - - /// Ends the PAM transaction. - pub fn pam_end(pamh: *mut pam_handle, flags: c_int) -> c_int; - - /// Gets module-specific data. PAM still owns the data. - pub fn pam_get_data( - pamh: *const pam_handle, - module_data_name: *const c_char, - data: *mut *const c_void, - ) -> c_int; - - /// Gets an environment variable. You own the return value. - pub fn pam_getenv(pamh: *const pam_handle, name: *const c_char) -> *mut c_char; - - /// Gets all the environment variables. You own everything it points to. - pub fn pam_getenvlist(pamh: *const pam_handle) -> *mut *mut c_char; - - /// Get information about the transaction. - /// - /// The item is owned by PAM. - pub fn pam_get_item( - pamh: *const pam_handle, - item_type: c_int, - item: *mut *const c_void, - ) -> c_int; - - // Nobody implements pam_get_mapped_authtok. - // Nobody implements pam_get_mapped_username. - - /// Get the username. PAM owns it. - pub fn pam_get_user( - pamh: *mut pam_handle, - user: *mut *const c_char, - prompt: *const c_char, - ) -> c_int; - - /// Opens a user session. - pub fn pam_open_session(pamh: *mut pam_handle, flags: c_int) -> c_int; - - /// Sets the value of an environment variable. `namevalue` is copied. - pub fn pam_putenv(pamh: *mut pam_handle, namevalue: *const c_char) -> c_int; - - /// Update or delete user credentials. - pub fn pam_setcred(pamh: *mut pam_handle, flags: c_int) -> c_int; - - /// Set module-specific data. PAM will call `cleanup` when completed. - pub fn pam_set_data( - pamh: *mut pam_handle, - module_data_name: *const c_char, - data: *mut c_void, - cleanup: unsafe extern "C" fn( - pamh: *mut pam_handle, - data: *mut c_void, - pam_end_status: c_int, - ), - ) -> c_int; - - /// Set information about the transaction. The `item` is copied. - pub fn pam_set_item(pamh: *mut pam_handle, item_type: c_int, item: *const c_void) -> c_int; - - // Nobody implements pam_set_mapped_authtok. - // Nobody implements pam_set_mapped_username. - - // The pam_sm_whatever functions are prototypes for the functions that - // a PAM module should implement, not symbols provided by PAM. - - /// Starts a PAM transaction. The `conv` may or may not be copied. - pub fn pam_start( - service: *const c_char, - user: *const c_char, - pam_conv: *mut pam_conv, - pamh: *mut *mut pam_handle, - ) -> c_int; - - /// Gets a statically-allocated error string. - /// - /// All implementations of PAM known to this library (Linux-PAM, OpenPAM, - /// and Sun) ignore `pamh` and will accept a null pointer. - pub fn pam_strerror(pamh: *const pam_handle, error_number: c_int) -> *mut c_char; -} - -#[cfg(any(pam_impl = "LinuxPam", pam_impl = "OpenPam"))] -extern "C" { - /// Gets `PAM_AUTHTOK`, or asks the user if that is unset. - pub fn pam_get_authtok( - pamh: *mut pam_handle, - item: c_int, - authtok: *mut *const c_char, - prompt: *const c_char, - ) -> c_int; - - pub fn pam_prompt( - pamh: *const pam_handle, - style: c_int, - response: *mut *mut c_char, - fmt: *const c_char, - ... - ) -> c_int; - -} - -#[cfg(pam_impl = "LinuxPam")] -extern "C" { - pub fn pam_fail_delay(pamh: *mut pam_handle, musec_delay: c_uint) -> c_int; - - /// Start a PAM transaction based on configuration in the given directory. - pub fn pam_start_confdir( - service_name: *const c_char, - user: *const c_char, - pam_conversation: *mut pam_conv, - confdir: *const c_char, - pamh: *mut *mut pam_handle, - ) -> c_int; - - // We don't export the v-variants of the formatting functions. - - pub fn pam_syslog(pamh: *const pam_handle, priority: c_int, fmt: *const c_char, ...); - - pub fn pam_get_authtok_noverify( - pamh: *const pam_handle, - authtok: *mut *const c_char, - prompt: *const c_char, - ) -> c_int; - - pub fn pam_get_authtok_verify( - pamh: *const pam_handle, - authtok: *mut *const c_char, - prompt: *const c_char, - ) -> c_int; - - // pam_modutil also lives in libpam for Linux. - - pub fn pam_modutil_check_user_in_passwd( - pamh: *mut pam_handle, - user_name: *const c_char, - file_name: *const c_char, - ) -> c_int; - - pub fn pam_modutil_getpwnam(pamh: *mut pam_handle, user: *const c_char) -> *mut libc::passwd; - - pub fn pam_modutil_getpwuid(pamh: *mut pam_handle, uid: libc::uid_t) -> *mut libc::passwd; - - pub fn pam_modutil_getgrnam(pamh: *mut pam_handle, group: *const c_char) -> *mut libc::group; - - pub fn pam_modutil_getgrgid(pamh: *mut pam_handle, gid: libc::gid_t) -> *mut libc::group; - - pub fn pam_modutil_getspnam(pamh: *mut pam_handle, user: *const c_char) -> *mut libc::spwd; - - pub fn pam_modutil_user_in_group_nam_nam( - pamh: *mut pam_handle, - user: *const c_char, - group: *const c_char, - ) -> c_int; - - pub fn pam_modutil_user_in_group_nam_gid( - pamh: *mut pam_handle, - user: *const c_char, - group: libc::gid_t, - ) -> c_int; - - pub fn pam_modutil_user_in_group_uid_nam( - pamh: *mut pam_handle, - user: libc::uid_t, - group: *const c_char, - ) -> c_int; - - pub fn pam_modutil_user_in_group_uid_gid( - pamh: *mut pam_handle, - user: libc::uid_t, - group: libc::gid_t, - ) -> c_int; - - pub fn pam_modutil_getlogin(pamh: *mut pam_handle) -> *const c_char; - - pub fn pam_modutil_read(fd: c_int, buffer: *mut c_char, count: c_int) -> c_int; - - pub fn pam_modutil_write(fd: c_int, buffer: *const c_char, count: c_int) -> c_int; - - pub fn pam_modutil_audit_write( - pamh: *mut pam_handle, - type_: c_int, - message: *const c_char, - retval: c_int, - ) -> c_int; - - pub fn pam_modutil_drop_priv( - pamh: *mut pam_handle, - p: *mut pam_modutil_privs, - pw: *const libc::passwd, - ) -> c_int; - - pub fn pam_modutil_regain_priv(pamh: *mut pam_handle, p: *mut pam_modutil_privs) -> c_int; - - pub fn pam_modutil_sanitize_helper_fds( - pamh: *mut pam_handle, - redirect_stdin: pam_modutil_redirect_fd, - redirect_stdout: pam_modutil_redirect_fd, - redirect_stderr: pam_modutil_redirect_fd, - ) -> c_int; - - pub fn pam_modutil_search_key( - pamh: *mut pam_handle, - file_name: *const c_char, - key: *const c_char, - ) -> *mut c_char; -} - -#[cfg(pam_impl = "OpenPam")] -extern "C" { - pub fn openpam_borrow_cred(pamh: *mut pam_handle, passwd: *const libc::passwd) -> c_int; - - pub fn openpam_subst( - pamh: *const pam_handle, - buf: *mut c_char, - _bufsize: *mut usize, - _template: *const c_char, - ) -> c_int; - - pub fn openpam_free_data(pamh: *mut pam_handle, data: *mut c_void, status: c_int); - - pub fn openpam_free_envlist(_envlist: *mut *mut c_char); - - pub fn openpam_get_option(_pamh: *mut pam_handle, _option: *const c_char) -> *const c_char; - - pub fn openpam_restore_cred(pamh: *mut pam_handle) -> c_int; - - pub fn openpam_set_option( - _pamh: *mut pam_handle, - _option: *const c_char, - _value: *const c_char, - ) -> c_int; - - pub fn pam_error(pamh: *const pam_handle, _fmt: *const c_char, ...) -> c_int; - - pub fn pam_info(_pamh: *const pam_handle, _fmt: *const c_char, ...) -> c_int; - - pub fn openpam_readline( - _f: *mut libc::FILE, - _lineno: *mut c_int, - _lenp: *mut usize, - ) -> *mut c_char; - - pub fn openpam_readlinev( - _f: *mut libc::FILE, - _lineno: *mut c_int, - _lenp: *mut c_int, - ) -> *mut *mut c_char; - - pub fn openpam_readword( - _f: *mut libc::FILE, - _lineno: *mut c_int, - _lenp: *mut usize, - ) -> *mut c_char; - - pub fn openpam_straddch( - _str: *mut *mut c_char, - _sizep: *mut usize, - _lenp: *mut usize, - ch: c_int, - ) -> c_int; - - pub fn openpam_set_feature(_feature: c_int, _onoff: c_int) -> c_int; - - pub fn openpam_get_feature(_feature: c_int, _onoff: *mut c_int) -> c_int; - - pub fn _openpam_log(_level: c_int, _func: *const c_char, _fmt: *const c_char, ...); - - /// A premade conversation function that talks to the TTY. - /// - /// ```no_run - /// # use std::ffi::CString; - /// # use std::ptr; - /// use libpam_sys::*; - /// # let service = CString::new("whatever").unwrap(); - /// # let user = CString::new("whatever").unwrap(); - /// let mut handle: *mut pam_handle = ptr::null_mut(); - /// let mut conv = pam_conv { - /// conv: openpam_ttyconv, - /// appdata_ptr: ptr::null_mut(), - /// }; - /// let result = unsafe { pam_start(service.as_ptr(), user.as_ptr(), &mut conv, &mut handle) }; - /// ``` - pub fn openpam_ttyconv( - n: c_int, - _msg: *const *const pam_message, - _resp: *mut *mut pam_response, - _data: *mut c_void, - ) -> c_int; - - pub static mut openpam_ttyconv_timeout: c_int; - - /// A null conversation function. - /// - /// ```no_run - /// # use std::ffi::CString; - /// # use std::ptr; - /// use libpam_sys::*; - /// # let service = CString::new("whatever").unwrap(); - /// # let user = CString::new("whatever").unwrap(); - /// let mut handle: *mut pam_handle = ptr::null_mut(); - /// let mut conv = pam_conv { - /// conv: openpam_nullconv, - /// appdata_ptr: ptr::null_mut(), - /// }; - /// let result = unsafe { pam_start(service.as_ptr(), user.as_ptr(), &mut conv, &mut handle) }; - /// ``` - pub fn openpam_nullconv( - n: c_int, - _msg: *const *const pam_message, - _resp: *mut *mut pam_response, - _data: *mut c_void, - ) -> c_int; -} - -#[cfg(pam_impl = "Sun")] -extern "C" { - pub fn __pam_get_authtok( - pamh: *mut pam_handle, - source: c_int, - type_: c_int, - prompt: *const c_char, - authtok: *mut *mut c_char, - ) -> c_int; - - pub fn __pam_log(priority: c_int, format: *const c_char, ...); -} +pub use crate::{constants::*, ffi::*}; +#[doc(inline)] +pub use libpam_sys_impls as pam_impl; +#[doc(inline)] +pub use libpam_sys_impls::pam_impl_name;