Mercurial > crates > nonstick

changeset 62:d83623951070

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Further improve docs and put `conv` behind a feature gate.
author Paul Fisher <paul@pfish.zone>
date Wed, 21 May 2025 23:10:09 -0400
parents 5eecd797fc69
children a7aa5ca0d00d
files Cargo.toml README.md src/conv.rs src/items.rs src/lib.rs
diffstat 5 files changed, 30 insertions(+), 19 deletions(-) [+]
line wrap: on
line diff
--- a/Cargo.toml	Wed May 21 19:01:17 2025 -0400
+++ b/Cargo.toml	Wed May 21 23:10:09 2025 -0400
@@ -9,6 +9,9 @@
 license = "MIT"
 edition = "2021"
 
+[features]
+experimental = []
+
 [dependencies]
 bitflags = "2.9.0"
 libc = "0.2.97"
--- a/README.md	Wed May 21 19:01:17 2025 -0400
+++ b/README.md	Wed May 21 23:10:09 2025 -0400
@@ -1,20 +1,22 @@
 # 🍳 nonstick
 
-Nonstick lets you use PAM (Pluggable Authentication Modules) from Rust without having to deal with icky unsafe code.
+Nonstick lets you use PAM (Pluggable Authentication Modules) from Rust without getting stuck in unsafe code.
 
 ## Status
 
-It is currently very incomplete.
+This is currently very incomplete.
 It only provides functionality for developing your own PAM authentication module (i.e., a backend that PAM calls to authenticate a user or do something similar).
-If you’re looking for a library to implement a PAM client (i.e., something that authenticates using PAM), consider the [`pam` crate](https://crates.io/crates/pam).
+A very immature implementation of the PAM Conversation structure is gated behind the `experimental` feature.
 At the moment, [Linux-PAM](https://github.com/linux-pam/linux-pam) is the only supported PAM implementation.
 
-An earlier version of this suggested that I would try not to break APIs.
-This was optimistic on my part; it is likely APIs will break before v0.1.0, after which I _will_ try to break things _less_.
+*If you’re looking for a library to implement a PAM client* (i.e., something that authenticates using PAM), consider the [`pam` crate](https://crates.io/crates/pam).
+
+APIs are likely to break before v0.1.0, and thereafter should stabilize to an eventual 1.0 release.
 
 Goals include:
 
 - Bindings for PAM clients.
+- A robust and mature implementation of Conversation.
 - Support for non–Linux-PAM implementations.
 
 ## Credits
--- a/src/conv.rs	Wed May 21 19:01:17 2025 -0400
+++ b/src/conv.rs	Wed May 21 23:10:09 2025 -0400
@@ -1,4 +1,7 @@
 //! The [Conversation] struct, for interacting with the user.
+//!
+//! This module is experimental and will probably be rewritten in the future
+//! to improve the interface for both PAM modules and clients.
 
 use libc::{c_char, c_int};
 use std::ffi::{CStr, CString};
--- a/src/items.rs	Wed May 21 19:01:17 2025 -0400
+++ b/src/items.rs	Wed May 21 23:10:09 2025 -0400
@@ -21,7 +21,7 @@
     Tty = 3,
     /// The remote host (if applicable).
     RemoteHost = 4,
-    /// The [crate::Conversation] structure.
+    /// The conversation struct (not a CStr-based item).
     Conversation = 5,
     /// The authentication token (password).
     AuthTok = 6,
@@ -54,29 +54,32 @@
     }
 }
 
-/// A type that can be requested by [crate::PamHandle::get_item].
+/// A type that can be requested by [`PamHandle::get_item`](crate::PamHandle::get_item).
 pub trait Item {
     /// The `repr(C)` type that is returned (by pointer) by the underlying `pam_get_item` function.
+    /// This memory is owned by the PAM session.
     type Raw;
 
-    /// The `ItemType` for this type
+    /// The [ItemType] corresponding to this Rust type.
     fn type_id() -> ItemType;
 
     /// The function to convert from the pointer to the C-representation to this safer wrapper type.
     ///
     /// # Safety
     ///
-    /// This function assumes the pointer is a valid pointer to a `Self::Raw` instance.
+    /// This function assumes the pointer is a valid pointer to a [Self::Raw] instance.
     unsafe fn from_raw(raw: *const Self::Raw) -> Self;
 
     /// The function to convert from this wrapper type to a C-compatible pointer.
     fn into_raw(self) -> *const Self::Raw;
 }
 
+/// Macro to generate PAM [Item]s represented as [CStr]s.
 macro_rules! cstr_item {
     ($name:ident) => {
-        #[doc = concat!("The [ItemType::", stringify!($name), "]")]
-        #[doc = " item, represented as a [CStr]."]
+        #[doc = "The [CStr] representation of the "]
+        #[doc = concat!("[`", stringify!($name), "`](ItemType::", stringify!($name), ")")]
+        #[doc = " [Item]."]
         #[derive(Debug)]
         pub struct $name<'s>(pub &'s CStr);
 
--- a/src/lib.rs	Wed May 21 19:01:17 2025 -0400
+++ b/src/lib.rs	Wed May 21 23:10:09 2025 -0400
@@ -1,21 +1,21 @@
 //! A safe, nonstick interface to PAM.
 //!
 //! This implements a type-safe library to interact with PAM.
-//! Currently, it implements the subset of PAM useful for implementing a module.
+//! Currently, it implements a subset of PAM useful for implementing a module.
 //!
 //! To write a new PAM module using this crate:
 //!
 //!  1. Create a `dylib` crate.
-//!  2. Implement a subset of the functions in the [PamModule] trait
+//!  2. Implement a subset of the functions in the [`PamModule`] trait
 //!     corresponding to what you want your module to do.
-//!     In the simplest case (for a password-authentication system),
-//!     this will be the [PamModule::sm_authenticate] function.
-//!  3. Export your PAM module using the [pam_hooks!] macro.
+//!     In the simplest case (for a new password-based authenticator),
+//!     this will be the [`sm_authenticate`](PamModule::sm_authenticate) function.
+//!  3. Export your PAM module using the [`pam_hooks!`] macro.
 //!  4. Build and install the dynamic library.
 //!     This usually entails placing it at
-//!     `/usr/lib/security/pam_your_module.so`,
+//!     <code>/usr/lib/security/pam_<var>your_module</var>.so</code>,
 //!     or maybe
-//!     <code>/usr/lib/<var>your-architecture</var>/security/pam_your_module.so</code>.
+//!     <code>/usr/lib/<var>your-architecture</var>/security/pam_<var>your_module</var>.so</code>.
 //!
 //! For general information on writing PAM modules, see
 //! [The Linux-PAM Module Writers' Guide][module-guide]
@@ -23,6 +23,7 @@
 //! [module-guide]: https://www.chiark.greenend.org.uk/doc/libpam-doc/html/Linux-PAM_MWG.html
 
 pub mod constants;
+#[cfg(feature = "experimental")]
 pub mod conv;
 pub mod items;
 pub mod module;
@@ -33,6 +34,5 @@
 #[doc(inline)]
 pub use crate::{
     constants::{ErrorCode, Flags, MessageStyle, Result},
-    conv::Conversation,
     module::{PamHandle, PamModule},
 };