Trait pamsm::PamLibExt

pub trait PamLibExt: Sealed {
    fn get_user(&self, prompt: Option<&str>) -> PamResult<Option<&CStr>>;
    fn get_cached_user(&self) -> PamResult<Option<&CStr>>;
    fn get_cached_authtok(&self) -> PamResult<Option<&CStr>>;
    fn get_cached_oldauthtok(&self) -> PamResult<Option<&CStr>>;
    fn get_authtok(&self, prompt: Option<&str>) -> PamResult<Option<&CStr>>;
    fn set_authtok(&self, authtok: &CString) -> PamResult<()>;
    fn get_rhost(&self) -> PamResult<Option<&CStr>>;
    fn get_ruser(&self) -> PamResult<Option<&CStr>>;
    fn conv(
        &self, 
        prompt: Option<&str>, 
        style: PamMsgStyle
    ) -> PamResult<Option<&CStr>>;
    fn getenv(&self, name: &str) -> PamResult<Option<&CStr>>;
    fn putenv(&self, name_value: &str) -> PamResult<()>;
    unsafe fn send_data<T: PamData + Clone + Send>(
        &self, 
        module_name: &str, 
        data: T
    ) -> PamResult<()>;
    unsafe fn retrieve_data<T: PamData + Clone + Send>(
        &self, 
        module_name: &str
    ) -> PamResult<T>;
    fn send_bytes(
        &self, 
        module_name: &str, 
        data: Vec<u8>, 
        cb: Option<PamCleanupCb>
    ) -> PamResult<()>;
    fn retrieve_bytes(&self, module_name: &str) -> PamResult<Vec<u8>>;
}

Extension trait over Pam, usually provided by the libpam shared library.

Required methods

fn get_user(&self, prompt: Option<&str>) -> PamResult<Option<&CStr>>

Get the username. If the PAM_USER item is not set, this function prompts for a username (like get_authtok). Returns PamError::SERVICE_ERR if the prompt contains any null byte

fn get_cached_user(&self) -> PamResult<Option<&CStr>>

Get the username, i.e. the PAM_USER item. If it’s not set return None.

fn get_cached_authtok(&self) -> PamResult<Option<&CStr>>

Get the cached authentication token.

fn get_cached_oldauthtok(&self) -> PamResult<Option<&CStr>>

Get the cached old authentication token.

fn get_authtok(&self, prompt: Option<&str>) -> PamResult<Option<&CStr>>

Get the cached authentication token or prompt the user for one if there isn’t any. Returns PamError::SERVICE_ERR if the prompt contains any null byte

fn set_authtok(&self, authtok: &CString) -> PamResult<()>

fn get_rhost(&self) -> PamResult<Option<&CStr>>

Get the remote hostname.

fn get_ruser(&self) -> PamResult<Option<&CStr>>

Get the remote username.

fn conv(
    &self,
    prompt: Option<&str>,
    style: PamMsgStyle
) -> PamResult<Option<&CStr>>

Prompt the user for custom input. Returns PamError::SERVICE_ERR if the prompt contains any null byte

fn getenv(&self, name: &str) -> PamResult<Option<&CStr>>

Get a variable from the pam environment list.

fn putenv(&self, name_value: &str) -> PamResult<()>

Put a variable in the pam environment list. name_value takes for form documented in pam_putent(3) :

• NAME=value will set variable NAME to value value
• NAME= will set variable NAME to an empty value
• NAME will unset the variable NAME

unsafe fn send_data<T: PamData + Clone + Send>(
    &self,
    module_name: &str,
    data: T
) -> PamResult<()>

Send data to be stored by the pam library under the name module_name. The data can then be retrieved from a different callback in this module, or even by a different module using retrieve_data<T>.

When this method is called a second time with the same module_name, the method PamData::cleanup is called on the data previously stored. The same happens when the application calls pam_end (3)

If your data can be converted into / from Vec<u8> you should consider using the send_bytes method instead.

Safety

This method should not be used if the send_bytes method is also used with the same module_name.

unsafe fn retrieve_data<T: PamData + Clone + Send>(
    &self,
    module_name: &str
) -> PamResult<T>

Retrieve data previously stored with send_data<T>.

Note that the result is a copy of the data and not a shared reference, which differs from the behavior of the underlying pam_get_data (3) function.

If you want to share the data instead you can wrap it in Arc.

Safety

The type parameter T must be the same as the one used in send_data<T> with the name module_name.

If the data was stored with send_bytes you must use retrieve_bytes instead.

fn send_bytes(
    &self,
    module_name: &str,
    data: Vec<u8>,
    cb: Option<PamCleanupCb>
) -> PamResult<()>

Similar to send_data, but only works with Vec<u8>. The PamData trait doesn’t have to be implemented on the data, a callback can be passed as an argument instead.

fn retrieve_bytes(&self, module_name: &str) -> PamResult<Vec<u8>>

Retrieve bytes previously stored with send_bytes. The result is a clone of the data.

Implementors

impl PamLibExt for Pam

fn get_user(&self, prompt: Option<&str>) -> PamResult<Option<&CStr>>

fn get_cached_user(&self) -> PamResult<Option<&CStr>>

fn get_cached_authtok(&self) -> PamResult<Option<&CStr>>

fn get_cached_oldauthtok(&self) -> PamResult<Option<&CStr>>

fn get_authtok(&self, prompt: Option<&str>) -> PamResult<Option<&CStr>>

fn set_authtok(&self, authtok: &CString) -> PamResult<()>

fn get_rhost(&self) -> PamResult<Option<&CStr>>

fn get_ruser(&self) -> PamResult<Option<&CStr>>

fn conv(
    &self,
    prompt: Option<&str>,
    style: PamMsgStyle
) -> PamResult<Option<&CStr>>

fn getenv(&self, name: &str) -> PamResult<Option<&CStr>>

fn putenv(&self, name_value: &str) -> PamResult<()>

unsafe fn send_data<T: PamData + Clone + Send>(
    &self,
    module_name: &str,
    data: T
) -> PamResult<()>

unsafe fn retrieve_data<T: PamData + Clone + Send>(
    &self,
    module_name: &str
) -> PamResult<T>

fn send_bytes(
    &self,
    module_name: &str,
    data: Vec<u8>,
    cb: Option<PamCleanupCb>
) -> PamResult<()>

fn retrieve_bytes(&self, module_name: &str) -> PamResult<Vec<u8>>