Diffstat (limited to '')
-rw-r--r-- | src/auth.rs | 51 |
1 files changed, 40 insertions, 11 deletions
diff --git a/src/auth.rs b/src/auth.rs index 82a09cb..99a8216 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -1,8 +1,7 @@ -use nix::unistd::{User, Group, Uid, Gid}; -use crate::{persist, secure}; +use nix::unistd::{User, Group, Uid, Gid, self}; +use crate::persist; -#[derive(Debug)] pub struct Config { pub permit: bool, pub persist: bool, @@ -55,20 +54,31 @@ pub fn load_config_file(path: &str) -> Option<Vec<Config>> { } }; - let (user_name, privlaged_name, as_index) = match args.iter().position(|&a| a == "as") { + let (user_name, privlaged_name, name_index) = match args.iter().position(|&a| a == "as") { Some(index) => { if index != len - 2 { config_error(line_num, "Target user not specified or to many arguments after `as`"); continue; } - (args[index-1].to_string(), args[index+1].to_string(), index) + (args[index-1].to_string(), args[index+1].to_string(), index-1) }, None => (args[len-1].to_string(), "root".to_string(), len-1) }; - let persist = args[1..as_index].contains(&"persist"); + let persist = args[1..name_index].contains(&"persist"); - let nopass = args[1..as_index].contains(&"nopass"); + let nopass = args[1..name_index].contains(&"nopass"); + + + for &check in args[1..name_index].iter() { + match check { + "persist" => continue, + "nopass" => continue, + _ => { + config_error(line_num, &format!("Unexpected token `{}`", check)) + } + } + } let (user_uid, user_gid) = @@ -111,11 +121,18 @@ pub fn load_config_file(path: &str) -> Option<Vec<Config>> { } +/// Print a crab config error to the standard output fn config_error(line_num: usize, message: &str) { eprintln!("Error in config at line {}: {}", line_num, message); } +/// Returns a Uid from a Users name +/// #### Arguments +/// * `name` - The name of the user +/// #### Returns +/// * `None` - If the user doesn't exist +/// * `Some(Gid)` - If the user exists fn get_uid_from_name(name: &str) -> Option<Uid> { return match User::from_name(name) { Ok(result) => match result { 
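Review bot: The new token check in `load_config_file` reports an unexpected token but does not reject the rule: the `_` arm only calls `config_error`, and the `continue` in the other two arms applies to the inner `for`, so as far as the hunk shows the line is still processed into a rule. A config that grants privileges should fail closed on an unrecognised option; replacing the loop with `if let Some(bad) = args[1..name_index].iter().find(|&&t| t != "persist" && t != "nopass") { config_error(line_num, &format!("Unexpected token `{}`", bad)); continue; }` skips the line instead. Separately, with `name_index = index-1`, a line where `as` is the second word makes `args[1..name_index]` the range `1..0`, which panics unless a length check outside the hunk already rules it out. The function body starts and ends outside the hunk.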
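Review bot: Several of the added doc comments do not match the code they sit on. `config_error` calls `eprintln!`, so its summary should read `/// Print a crab config error to standard error`, and the success bullet on `get_uid_from_name` should be `Some(Uid)` rather than `Some(Gid)`. The same copy-paste slip is in the next hunk, where `get_name_from_uid` should say `/// Returns a user's name from a Uid` and list `Some(String)` as the success case. On style, rustdoc sections are normally written as `# Arguments` and `# Returns` rather than `####` headings.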
@@ -127,6 +144,12 @@ fn get_uid_from_name(name: &str) -> Option<Uid> { } +/// Returns a Uesrs name from a Uid +/// #### Arguments +/// * `uid` - The uid of the user +/// #### Returns +/// * `None` - If the user doesn't exist +/// * `Some(Gid)` - If the user exists fn get_name_from_uid(uid: Uid) -> Option<String> { return match User::from_uid(uid) { Ok(result) => match result { @@ -138,6 +161,12 @@ fn get_name_from_uid(uid: Uid) -> Option<String> { } +/// Returns a Gid from a Groups name +/// #### Arguments +/// * `name` - The name of the group +/// #### Returns +/// * `None` - If the group doesn't exist +/// * `Some(Gid)` - If the group exists fn get_gid_from_name(name: &str) -> Option<Gid> { return match Group::from_name(name) { Ok(result) => match result { @@ -155,7 +184,7 @@ fn get_gid_from_name(name: &str) -> Option<Gid> { /// either the function coudn't retrieve the users groups, or the user is not in /// any groups. fn get_groups() -> Vec<Gid> { - let groups = match nix::unistd::getgroups() { + let groups = match unistd::getgroups() { Ok(data) => data, Err(_) => return vec![] }; @@ -212,7 +241,6 @@ pub fn authenticate(config: &Config, force_pass: bool, uid: Uid) -> bool { None => return false }; if config.nopass || ( !force_pass && config.persist && persist::get_persist(&name) ) { - secure::elevate_privilages(config.privlaged_uid); return true; } let input = match rpassword::prompt_password(format!("crab ({}) password: ", &name)) { @@ -227,9 +255,10 @@ pub fn authenticate(config: &Config, force_pass: bool, uid: Uid) -> bool { if !auth.authenticate().is_ok() || !auth.open_session().is_ok() { return false; } - if config.persist { + if !force_pass && config.persist { persist::set_persist(&name); + } else if force_pass { + persist::remove_persist(&name); } - secure::elevate_privilages(config.privlaged_uid); return true; } |
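Review bot: With `force_pass` set, the cached persist entry is removed only in the new `else if force_pass` branch, which runs after `auth.authenticate()` and `auth.open_session()` have both succeeded; a failed or aborted prompt returns `false` earlier and leaves the entry in place. If `force_pass` is meant to invalidate the cached grant (inferred from the name, not shown here), call `persist::remove_persist(&name);` before the password prompt so the entry is dropped whatever the outcome. The `config.nopass` early return in the previous hunk also ignores `force_pass`, which deserves a comment such as `// nopass rules never prompt, even when force_pass is set` if that is intended. Because `secure::elevate_privilages` is no longer called on either success path, a `true` result now relies on the caller to change privileges, and that code is outside this diff. The body of `authenticate` starts outside the hunk.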