Mercurial > crates > nonstick

view src/libpam/conversation.rs @ 88:c9fc7e6257d3 default tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
This is a v0.0.7 if I ever saw one.
author Paul Fisher <paul@pfish.zone>
date Tue, 10 Jun 2025 05:36:58 -0400
parents 05291b601f0a
children
line wrap: on
line source

use crate::conv::{BinaryQAndA, RadioQAndA};
use crate::conv::{Conversation, ErrorMsg, InfoMsg, MaskedQAndA, Message, QAndA};
use crate::libpam::answer::BinaryAnswer;
use crate::libpam::answer::{Answer, Answers, TextAnswer};
use crate::libpam::memory::Immovable;
use crate::libpam::pam_ffi::AppData;
pub use crate::libpam::pam_ffi::LibPamConversation;
use crate::libpam::question::{Indirect, IndirectTrait, Question, Questions};
use crate::ErrorCode;
use crate::Result;
use std::ffi::c_int;
use std::iter;
use std::marker::PhantomData;
use std::result::Result as StdResult;

impl LibPamConversation<'_> {
    fn wrap<C: Conversation>(conv: &mut C) -> Self {
        Self {
            callback: Self::wrapper_callback::<C>,
            appdata: (conv as *mut C).cast(),
            life: PhantomData,
            _marker: Immovable(PhantomData),
        }
    }

    /// Passed as the conversation function into PAM for an owned handle.
    ///
    /// PAM calls this, we compute answers, then send them back.
    unsafe extern "C" fn wrapper_callback<C: Conversation>(
        count: c_int,
        questions: *const *const Question,
        answers: *mut *mut Answer,
        me: *mut AppData,
    ) -> c_int {
        let internal = || {
            // Collect all our pointers
            let conv = me
                .cast::<C>()
                .as_mut()
                .ok_or(ErrorCode::ConversationError)?;
            let indirect = Indirect::borrow_ptr(questions).ok_or(ErrorCode::ConversationError)?;
            let answers_ptr = answers.as_mut().ok_or(ErrorCode::ConversationError)?;

            // Build our owned list of Q&As from the questions we've been asked
            let messages: Vec<OwnedMessage> = indirect
                .iter(count as usize)
                .map(TryInto::try_into)
                .collect::<Result<_>>()
                .map_err(|_| ErrorCode::ConversationError)?;
            // Borrow all those Q&As and ask them.
            // If we got an invalid message type, bail before sending.
            let borrowed: Result<Vec<_>> = messages.iter().map(Message::try_from).collect();
            // TODO: Do we want to log something here?
            conv.communicate(&borrowed?);

            // Send our answers back.
            let owned = Answers::build(messages).map_err(|_| ErrorCode::ConversationError)?;
            *answers_ptr = owned.into_ptr();
            Ok(())
        };
        ErrorCode::result_to_c(internal())
    }
}

impl Conversation for LibPamConversation<'_> {
    fn communicate(&mut self, messages: &[Message]) {
        let internal = || {
            let questions = Questions::new(messages)?;
            let mut response_pointer = std::ptr::null_mut();
            // SAFETY: We're calling into PAM with valid everything.
            let result = unsafe {
                (self.callback)(
                    messages.len() as c_int,
                    questions.indirect(),
                    &mut response_pointer,
                    self.appdata,
                )
            };
            ErrorCode::result_from(result)?;
            // SAFETY: This is a pointer we just got back from PAM.
            // We have to trust that the responses from PAM match up
            // with the questions we sent.
            unsafe {
                let mut owned_responses = Answers::from_c_heap(response_pointer, messages.len());
                for (msg, response) in iter::zip(messages, owned_responses.iter_mut()) {
                    convert(msg, response);
                }
            };
            Ok(())
        };
        if let Err(e) = internal() {
            messages.iter().for_each(|m| m.set_error(e))
        }
    }
}

/// Like [`Message`], but this time we own the contents.
#[derive(Debug)]
pub enum OwnedMessage<'a> {
    MaskedPrompt(MaskedQAndA<'a>),
    Prompt(QAndA<'a>),
    Info(InfoMsg<'a>),
    Error(ErrorMsg<'a>),
    RadioPrompt(RadioQAndA<'a>),
    BinaryPrompt(BinaryQAndA<'a>),
}

impl<'a> TryFrom<&'a OwnedMessage<'a>> for Message<'a> {
    type Error = ErrorCode;
    fn try_from(src: &'a OwnedMessage) -> StdResult<Self, ErrorCode> {
        match src {
            OwnedMessage::MaskedPrompt(m) => Ok(Message::MaskedPrompt(m)),
            OwnedMessage::Prompt(m) => Ok(Message::Prompt(m)),
            OwnedMessage::Info(m) => Ok(Message::Info(m)),
            OwnedMessage::Error(m) => Ok(Message::Error(m)),
            OwnedMessage::RadioPrompt(m) => Ok(Message::RadioPrompt(m)),
            OwnedMessage::BinaryPrompt(m) => Ok(Message::BinaryPrompt(m)),
        }
    }
}

/// Fills in the answer of the Message with the given response.
///
/// # Safety
///
/// You are responsible for ensuring that the src-dst pair matches.
unsafe fn convert(msg: &Message, resp: &mut Answer) {
    macro_rules! fill_text {
        ($dst:ident, $src:ident) => {{
            let text_resp = unsafe { TextAnswer::upcast($src) };
            $dst.set_answer(text_resp.contents().map(Into::into));
        }};
    }
    match *msg {
        Message::MaskedPrompt(qa) => fill_text!(qa, resp),
        Message::Prompt(qa) => fill_text!(qa, resp),
        Message::Error(m) => m.set_answer(Ok(())),
        Message::Info(m) => m.set_answer(Ok(())),
        Message::RadioPrompt(qa) => fill_text!(qa, resp),
        Message::BinaryPrompt(qa) => {
            let bin_resp = unsafe { BinaryAnswer::upcast(resp) };
            qa.set_answer(Ok(bin_resp.data().into()));
            bin_resp.zero_contents()
        }
    }
}