From d4774619df3088e751c3100807e198d75a832ebd Mon Sep 17 00:00:00 2001 From: Robin Krahl Date: Thu, 11 Jul 2019 17:53:22 +0000 Subject: Mutability fixes --- nitrocli/src/commands.rs | 72 +++++++++++++++++++++++++----------------------- 1 file changed, 38 insertions(+), 34 deletions(-) (limited to 'nitrocli/src') diff --git a/nitrocli/src/commands.rs b/nitrocli/src/commands.rs index ffe4496..869e667 100644 --- a/nitrocli/src/commands.rs +++ b/nitrocli/src/commands.rs @@ -95,7 +95,7 @@ where /// Open the password safe on the given device. fn get_password_safe<'dev, D>( ctx: &mut args::ExecCtx<'_>, - device: &'dev D, + device: &'dev mut D, ) -> Result> where D: Device, @@ -111,7 +111,7 @@ where ) } -fn with_password_safe(ctx: &mut args::ExecCtx<'_>, device: &D, op: F) -> Result<()> +fn with_password_safe(ctx: &mut args::ExecCtx<'_>, device: &mut D, op: F) -> Result<()> where D: Device, F: FnOnce(&mut args::ExecCtx<'_>, nitrokey::PasswordSafe<'_>) -> Result<()>, @@ -199,10 +199,10 @@ fn try_with_pin_and_data_with_pinentry( pin_entry: &pinentry::PinEntry, msg: &'static str, data: D, - op: F, + mut op: F, ) -> Result where - F: Fn(D, &str) -> result::Result, + F: FnMut(D, &str) -> result::Result, { let mut data = data; let mut retry = 3; @@ -235,10 +235,10 @@ fn try_with_pin_and_data( pin_entry: &pinentry::PinEntry, msg: &'static str, data: D, - op: F, + mut op: F, ) -> Result where - F: Fn(D, &str) -> result::Result, + F: FnMut(D, &str) -> result::Result, { let pin = match pin_entry.pin_type() { pinentry::PinType::Admin => &ctx.admin_pin, @@ -266,10 +266,10 @@ fn try_with_pin( ctx: &mut args::ExecCtx<'_>, pin_entry: &pinentry::PinEntry, msg: &'static str, - op: F, + mut op: F, ) -> Result<()> where - F: Fn(&str) -> result::Result<(), nitrokey::Error>, + F: FnMut(&str) -> result::Result<(), nitrokey::Error>, { try_with_pin_and_data(ctx, pin_entry, msg, (), |data, pin| { op(pin).map_err(|err| (data, err)) @@ -358,7 +358,7 @@ pub fn status(ctx: &mut args::ExecCtx<'_>) -> Result<()> { /// Perform a factory reset. pub fn reset(ctx: &mut args::ExecCtx<'_>) -> Result<()> { - with_device(ctx, |ctx, device| { + with_device(ctx, |ctx, mut device| { let pin_entry = pinentry::PinEntry::from(pinentry::PinType::Admin, &device)?; // To force the user to enter the admin PIN before performing a @@ -385,7 +385,7 @@ pub fn unencrypted_set( ctx: &mut args::ExecCtx<'_>, mode: args::UnencryptedVolumeMode, ) -> Result<()> { - with_storage_device(ctx, |ctx, device| { + with_storage_device(ctx, |ctx, mut device| { let pin_entry = pinentry::PinEntry::from(pinentry::PinType::Admin, &device)?; let mode = match mode { args::UnencryptedVolumeMode::ReadWrite => nitrokey::VolumeMode::ReadWrite, @@ -407,7 +407,7 @@ pub fn unencrypted_set( /// Open the encrypted volume on the Nitrokey. pub fn encrypted_open(ctx: &mut args::ExecCtx<'_>) -> Result<()> { - with_storage_device(ctx, |ctx, device| { + with_storage_device(ctx, |ctx, mut device| { let pin_entry = pinentry::PinEntry::from(pinentry::PinType::User, &device)?; // We may forcefully close a hidden volume, if active, so be sure to @@ -422,7 +422,7 @@ pub fn encrypted_open(ctx: &mut args::ExecCtx<'_>) -> Result<()> { /// Close the previously opened encrypted volume. pub fn encrypted_close(ctx: &mut args::ExecCtx<'_>) -> Result<()> { - with_storage_device(ctx, |_ctx, device| { + with_storage_device(ctx, |_ctx, mut device| { // Flush all filesystem caches to disk. We are mostly interested in // making sure that the encrypted volume on the Nitrokey we are // about to close is not closed while not all data was written to @@ -437,7 +437,7 @@ pub fn encrypted_close(ctx: &mut args::ExecCtx<'_>) -> Result<()> { /// Create a hidden volume. pub fn hidden_create(ctx: &mut args::ExecCtx<'_>, slot: u8, start: u8, end: u8) -> Result<()> { - with_storage_device(ctx, |ctx, device| { + with_storage_device(ctx, |ctx, mut device| { let pwd_entry = pinentry::PwdEntry::from(&device)?; let pwd = if let Some(pwd) = &ctx.password { pwd @@ -456,7 +456,7 @@ pub fn hidden_create(ctx: &mut args::ExecCtx<'_>, slot: u8, start: u8, end: u8) /// Open a hidden volume. pub fn hidden_open(ctx: &mut args::ExecCtx<'_>) -> Result<()> { - with_storage_device(ctx, |ctx, device| { + with_storage_device(ctx, |ctx, mut device| { let pwd_entry = pinentry::PwdEntry::from(&device)?; let pwd = if let Some(pwd) = &ctx.password { pwd @@ -479,7 +479,7 @@ pub fn hidden_open(ctx: &mut args::ExecCtx<'_>) -> Result<()> { /// Close a previously opened hidden volume. pub fn hidden_close(ctx: &mut args::ExecCtx<'_>) -> Result<()> { - with_storage_device(ctx, |_ctx, device| { + with_storage_device(ctx, |_ctx, mut device| { unsafe { sync() }; device @@ -527,7 +527,7 @@ pub fn config_set( user_password: Option, ) -> Result<()> { with_device(ctx, |ctx, device| { - let device = authenticate_admin(ctx, device)?; + let mut device = authenticate_admin(ctx, device)?; let config = device .get_config() .map_err(|err| get_error("Could not get configuration", err))?; @@ -545,14 +545,18 @@ pub fn config_set( /// Lock the Nitrokey device. pub fn lock(ctx: &mut args::ExecCtx<'_>) -> Result<()> { - with_device(ctx, |_ctx, device| { + with_device(ctx, |_ctx, mut device| { device .lock() .map_err(|err| get_error("Could not lock the device", err)) }) } -fn get_otp(slot: u8, algorithm: args::OtpAlgorithm, device: &T) -> Result { +fn get_otp( + slot: u8, + algorithm: args::OtpAlgorithm, + device: &mut T, +) -> Result { match algorithm { args::OtpAlgorithm::Hotp => device.get_hotp_code(slot), args::OtpAlgorithm::Totp => device.get_totp_code(slot), @@ -574,7 +578,7 @@ pub fn otp_get( algorithm: args::OtpAlgorithm, time: Option, ) -> Result<()> { - with_device(ctx, |ctx, device| { + with_device(ctx, |ctx, mut device| { if algorithm == args::OtpAlgorithm::Totp { device .set_time( @@ -590,10 +594,10 @@ pub fn otp_get( .get_config() .map_err(|err| get_error("Could not get device configuration", err))?; let otp = if config.user_password { - let user = authenticate_user(ctx, device)?; - get_otp(slot, algorithm, &user) + let mut user = authenticate_user(ctx, device)?; + get_otp(slot, algorithm, &mut user) } else { - get_otp(slot, algorithm, &device) + get_otp(slot, algorithm, &mut device) }?; println!(ctx, "{}", otp)?; Ok(()) @@ -647,7 +651,7 @@ pub fn otp_set( args::OtpSecretFormat::Hex => data.secret, }; let data = nitrokey::OtpSlotData { secret, ..data }; - let device = authenticate_admin(ctx, device)?; + let mut device = authenticate_admin(ctx, device)?; match algorithm { args::OtpAlgorithm::Hotp => device.write_hotp_slot(data, counter), args::OtpAlgorithm::Totp => device.write_totp_slot(data, time_window), @@ -664,7 +668,7 @@ pub fn otp_clear( algorithm: args::OtpAlgorithm, ) -> Result<()> { with_device(ctx, |ctx, device| { - let device = authenticate_admin(ctx, device)?; + let mut device = authenticate_admin(ctx, device)?; match algorithm { args::OtpAlgorithm::Hotp => device.erase_hotp_slot(slot), args::OtpAlgorithm::Totp => device.erase_totp_slot(slot), @@ -768,7 +772,7 @@ fn choose_pin( /// Change a PIN. pub fn pin_set(ctx: &mut args::ExecCtx<'_>, pin_type: pinentry::PinType) -> Result<()> { - with_device(ctx, |ctx, device| { + with_device(ctx, |ctx, mut device| { let pin_entry = pinentry::PinEntry::from(pin_type, &device)?; let new_pin = choose_pin(ctx, &pin_entry, true)?; @@ -791,7 +795,7 @@ pub fn pin_set(ctx: &mut args::ExecCtx<'_>, pin_type: pinentry::PinType) -> Resu /// Unblock and reset the user PIN. pub fn pin_unblock(ctx: &mut args::ExecCtx<'_>) -> Result<()> { - with_device(ctx, |ctx, device| { + with_device(ctx, |ctx, mut device| { let pin_entry = pinentry::PinEntry::from(pinentry::PinType::User, &device)?; let user_pin = choose_pin(ctx, &pin_entry, false)?; let pin_entry = pinentry::PinEntry::from(pinentry::PinType::Admin, &device)?; @@ -846,8 +850,8 @@ pub fn pws_get( show_password: bool, quiet: bool, ) -> Result<()> { - with_device(ctx, |ctx, device| { - with_password_safe(ctx, &device, |ctx, pws| { + with_device(ctx, |ctx, mut device| { + with_password_safe(ctx, &mut device, |ctx, pws| { check_slot(&pws, slot)?; let show_all = !show_name && !show_login && !show_password; @@ -873,8 +877,8 @@ pub fn pws_set( login: &str, password: &str, ) -> Result<()> { - with_device(ctx, |ctx, device| { - with_password_safe(ctx, &device, |_ctx, pws| { + with_device(ctx, |ctx, mut device| { + with_password_safe(ctx, &mut device, |_ctx, mut pws| { pws .write_slot(slot, name, login, password) .map_err(|err| get_error("Could not write PWS slot", err)) @@ -884,8 +888,8 @@ pub fn pws_set( /// Clear a PWS slot. pub fn pws_clear(ctx: &mut args::ExecCtx<'_>, slot: u8) -> Result<()> { - with_device(ctx, |ctx, device| { - with_password_safe(ctx, &device, |_ctx, pws| { + with_device(ctx, |ctx, mut device| { + with_password_safe(ctx, &mut device, |_ctx, mut pws| { pws .erase_slot(slot) .map_err(|err| get_error("Could not clear PWS slot", err)) @@ -916,8 +920,8 @@ fn print_pws_slot( /// Print the status of all PWS slots. pub fn pws_status(ctx: &mut args::ExecCtx<'_>, all: bool) -> Result<()> { - with_device(ctx, |ctx, device| { - with_password_safe(ctx, &device, |ctx, pws| { + with_device(ctx, |ctx, mut device| { + with_password_safe(ctx, &mut device, |ctx, pws| { let slots = pws .get_slot_status() .map_err(|err| get_error("Could not read PWS slot status", err))?; -- cgit v1.2.1