Mercurial > crates > nonstick

view src/items.rs @ 56:daa2cde64601

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Big big refactor. Probably should have been multiple changes. - Makes FFI safer by explicitly specifying c_int in calls. - Uses ToPrimitive/FromPrimitive to make this easier. - Pulls PamFlag variables into a bitflags! struct. - Pulls PamMessageStyle variables into an enum. - Renames ResultCode to ErrorCode. - Switches from PAM_SUCCESS to using a Result<(), ErrorCode>. - Uses thiserror to make ErrorCode into an Error. - Gets rid of pam_try! because now we have Results. - Expands some names (e.g. Conv to Conversation). - Adds more doc comments. - Returns passwords as a SecureString, to avoid unnecessarily keeping it around in memory.
author Paul Fisher <paul@pfish.zone>
date Sun, 04 May 2025 02:56:55 -0400
parents 9d1160b02d2c
children 3f4a77aa88be
line wrap: on
line source

use num_derive::{FromPrimitive, ToPrimitive};
use num_traits::{FromPrimitive, ToPrimitive};
use std::ffi::{c_int, CStr};

#[derive(FromPrimitive, ToPrimitive)]
#[repr(i32)]
pub enum ItemType {
    /// Unset. This should never be used.
    Unset = 0,
    /// The service name
    Service = 1,
    /// The user name
    User = 2,
    /// The tty name
    Tty = 3,
    /// The remote host name
    RemoteHost = 4,
    /// The pam_conv structure
    Conversation = 5,
    /// The authentication token (password)
    AuthTok = 6,
    /// The old authentication token
    OldAuthTok = 7,
    /// The remote user name
    RemoteUser = 8,
    /// the prompt for getting a username
    UserPrompt = 9,
    /// app supplied function to override failure delays
    FailDelay = 10,
    /// X :display name
    XDisplay = 11,
    /// X :server authentication data
    XAuthData = 12,
    /// The type for pam_get_authtok
    AuthTokType = 13,
}

impl From<c_int> for ItemType {
    fn from(value: c_int) -> Self {
        Self::from_i32(value).unwrap_or(Self::Unset)
    }
}

impl From<ItemType> for c_int {
    fn from(val: ItemType) -> Self {
        val.to_i32().unwrap_or(0)
    }
}

// A type that can be requested by `pam::Handle::get_item`.
pub trait Item {
    /// The `repr(C)` type that is returned (by pointer) by the underlying `pam_get_item` function.
    type Raw;

    /// The `ItemType` for this type
    fn type_id() -> ItemType;

    /// The function to convert from the pointer to the C-representation to this safer wrapper type.
    ///
    /// # Safety
    ///
    /// This function assumes the pointer is a valid pointer to a `Self::Raw` instance.
    unsafe fn from_raw(raw: *const Self::Raw) -> Self;

    /// The function to convert from this wrapper type to a C-compatible pointer.
    fn into_raw(self) -> *const Self::Raw;
}

macro_rules! cstr_item {
    ($name:ident) => {
        ///A `CStr`-based item from a PAM conversation.
        #[derive(Debug)]
        pub struct $name<'s>(pub &'s CStr);

        impl<'s> std::ops::Deref for $name<'s> {
            type Target = &'s CStr;
            fn deref(&self) -> &Self::Target {
                &self.0
            }
        }

        impl<'s> Item for $name<'s> {
            type Raw = libc::c_char;

            fn type_id() -> ItemType {
                ItemType::$name
            }

            unsafe fn from_raw(raw: *const Self::Raw) -> Self {
                Self(std::ffi::CStr::from_ptr(raw))
            }

            fn into_raw(self) -> *const Self::Raw {
                self.0.as_ptr()
            }
        }
    };
}

cstr_item!(Service);
cstr_item!(User);
cstr_item!(Tty);
cstr_item!(RemoteHost);
// Conv
cstr_item!(AuthTok);
cstr_item!(OldAuthTok);
cstr_item!(RemoteUser);
cstr_item!(UserPrompt);