Mercurial > crates > nonstick

diff pam-sober/src/lib.rs @ 34:ec70822cbdef

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Overhaul
author Andy Caldwell <andrew.caldwell@metaswitch.com>
date Sun, 24 Apr 2022 03:42:11 +0100
parents d5c842a50827
children
line wrap: on
line diff
--- a/pam-sober/src/lib.rs	Thu Jul 11 19:13:19 2019 -0700
+++ b/pam-sober/src/lib.rs	Sun Apr 24 03:42:11 2022 +0100
@@ -1,37 +1,20 @@
-#[macro_use] extern crate pam;
+extern crate pam;
 extern crate rand;
 
+use pam::constants::{PamFlag, PamResultCode, PAM_PROMPT_ECHO_ON};
+use pam::conv::Conv;
 use pam::module::{PamHandle, PamHooks};
-use pam::constants::{PamResultCode, PamFlag, PAM_PROMPT_ECHO_ON};
-use pam::conv::PamConv;
 use rand::Rng;
-use std::str::FromStr;
 use std::ffi::CStr;
-
-macro_rules! pam_try {
-    ($e:expr) => (
-        match $e {
-            Ok(v) => v,
-            Err(e) => return e,
-        }
-    );
-    ($e:expr, $err:expr) => (
-        match $e {
-            Ok(v) => v,
-            Err(e) => {
-                println!("Error: {}", e);
-                return $err;
-            }
-        }
-    );
-}
+use std::str::FromStr;
+use pam::pam_try;
 
 struct PamSober;
-pam_hooks!(PamSober);
+pam::pam_hooks!(PamSober);
 
 impl PamHooks for PamSober {
     // This function performs the task of authenticating the user.
-    fn sm_authenticate(pamh: &PamHandle, _args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode {
+    fn sm_authenticate(pamh: &mut PamHandle, _args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode {
         println!("Let's make sure you're sober enough to perform basic addition");
 
         /* TODO: use args to change difficulty ;-)
@@ -44,8 +27,9 @@
         // TODO: maybe we can change difficulty base on user?
         // let user = pam_try!(pam.get_user(None));
 
-        let conv = match pamh.get_item::<PamConv>() {
-            Ok(conv) => conv,
+        let conv = match pamh.get_item::<Conv>() {
+            Ok(Some(conv)) => conv,
+            Ok(None) => todo!(),
             Err(err) => {
                 println!("Couldn't get pam_conv");
                 return err;
@@ -58,24 +42,31 @@
         let math = format!("{} + {} = ", a, b);
 
         // This println kinda helps debugging since the test script doesn't echo
-        println!("{}", math);
+        eprintln!("[DEBUG]: {}{}", math, a + b);
 
         let password = pam_try!(conv.send(PAM_PROMPT_ECHO_ON, &math));
 
-        if password.and_then(|p| u32::from_str(&p).ok()) == Some(a+b) {
-            return PamResultCode::PAM_SUCCESS;
+        if let Some(password) = password {
+            let password = pam_try!(password.to_str(), PamResultCode::PAM_AUTH_ERR);
+            let answer = pam_try!(u32::from_str(password), PamResultCode::PAM_AUTH_ERR);
+            if answer == a + b {
+                PamResultCode::PAM_SUCCESS
+            } else {
+                println!("Wrong answer provided {} + {} != {}", a, b, answer);
+                PamResultCode::PAM_AUTH_ERR
+            }
+        } else {
+            println!("You failed the PAM sobriety test.");
+            PamResultCode::PAM_AUTH_ERR
         }
-
-        println!("You failed the PAM sobriety test.");
-        return PamResultCode::PAM_AUTH_ERR;
     }
 
-    fn sm_setcred(_pamh: &PamHandle, _args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode {
+    fn sm_setcred(_pamh: &mut PamHandle, _args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode {
         println!("set credentials");
         PamResultCode::PAM_SUCCESS
     }
 
-    fn acct_mgmt(_pamh: &PamHandle, _args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode {
+    fn acct_mgmt(_pamh: &mut PamHandle, _args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode {
         println!("account management");
         PamResultCode::PAM_SUCCESS
     }