Mercurial > crates > nonstick
diff src/handle.rs @ 97:efe2f5f8b5b2
Implement "stateless" application-side PAM calls.
This introduces `authenticate`, `account_management`, and `change_authtok`.
These are the three PAM operations that are stateless (i.e., they don't start
a session or modify global credentials).
| author | Paul Fisher <paul@pfish.zone> |
|---|---|
| date | Mon, 23 Jun 2025 19:10:34 -0400 |
| parents | 51c9d7e8261a |
| children | b87100c5eed4 |
line wrap: on
line diff
--- a/src/handle.rs Mon Jun 23 14:26:34 2025 -0400 +++ b/src/handle.rs Mon Jun 23 19:10:34 2025 -0400 @@ -1,6 +1,6 @@ //! The wrapper types and traits for handles into the PAM library. -use crate::constants::Result; +use crate::constants::{Flags, Result}; use crate::conv::Conversation; use crate::logging::Level; @@ -248,7 +248,14 @@ /// Like [`PamShared`], this is intended to allow creating mock implementations /// of PAM for testing PAM applications. pub trait PamHandleApplication: PamShared { - // reserved! + /// Starts the authentication process for the user. + fn authenticate(&mut self, flags: Flags) -> Result<()>; + + /// Does "account management". + fn account_management(&mut self, flags: Flags) -> Result<()>; + + /// Changes the authentication token. + fn change_authtok(&mut self, flags: Flags) -> Result<()>; } /// Functionality of a PAM handle that can be expected by a PAM module.