From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 2619D81F25 for ; Fri, 26 Nov 2021 14:55:54 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 1D74F19407 for ; Fri, 26 Nov 2021 14:55:54 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id C5DA3191F5 for ; Fri, 26 Nov 2021 14:55:42 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id A037A44C64 for ; Fri, 26 Nov 2021 14:55:42 +0100 (CET) From: Wolfgang Bumiller To: pmg-devel@lists.proxmox.com Date: Fri, 26 Nov 2021 14:55:23 +0100 Message-Id: <20211126135524.117846-20-w.bumiller@proxmox.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20211126135524.117846-1-w.bumiller@proxmox.com> References: <20211126135524.117846-1-w.bumiller@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.433 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [u2f.rs, totp.rs, webauthn.rs, recovery.rs, mod.rs, methods.rs] Subject: [pmg-devel] [PATCH proxmox 5/6] tfa: clippy fixes X-BeenThere: pmg-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Mail Gateway development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Nov 2021 13:55:54 -0000 Signed-off-by: Wolfgang Bumiller --- proxmox-tfa/src/api/methods.rs | 20 ++++++++++---------- proxmox-tfa/src/api/mod.rs | 6 +++--- proxmox-tfa/src/api/recovery.rs | 4 ++-- proxmox-tfa/src/api/serde_tools.rs | 8 ++++---- proxmox-tfa/src/api/webauthn.rs | 6 +++--- proxmox-tfa/src/totp.rs | 14 ++++++++------ proxmox-tfa/src/u2f.rs | 2 +- 7 files changed, 31 insertions(+), 29 deletions(-) diff --git a/proxmox-tfa/src/api/methods.rs b/proxmox-tfa/src/api/methods.rs index b63d56e..08905da 100644 --- a/proxmox-tfa/src/api/methods.rs +++ b/proxmox-tfa/src/api/methods.rs @@ -142,7 +142,7 @@ pub fn get_tfa_entry(config: &TfaConfig, userid: &str, id: &str) -> Option match user_data.recovery() { @@ -155,21 +155,20 @@ pub fn get_tfa_entry(config: &TfaConfig, userid: &str, id: &str) -> Option { TypedTfaInfo { ty: TfaType::Totp, - // `into_iter().nth()` to *move* out of it - info: user_data.totp.iter().nth(index).unwrap().info.clone(), + info: user_data.totp.get(index).unwrap().info.clone(), } } Some((TfaType::Webauthn, index)) => TypedTfaInfo { ty: TfaType::Webauthn, - info: user_data.webauthn.iter().nth(index).unwrap().info.clone(), + info: user_data.webauthn.get(index).unwrap().info.clone(), }, Some((TfaType::U2f, index)) => TypedTfaInfo { ty: TfaType::U2f, - info: user_data.u2f.iter().nth(index).unwrap().info.clone(), + info: user_data.u2f.get(index).unwrap().info.clone(), }, Some((TfaType::Yubico, index)) => TypedTfaInfo { ty: TfaType::Yubico, - info: user_data.yubico.iter().nth(index).unwrap().info.clone(), + info: user_data.yubico.get(index).unwrap().info.clone(), }, None => return None, }, @@ -195,7 +194,7 @@ pub fn delete_tfa(config: &mut TfaConfig, userid: &str, id: &str) -> Result user_data.recovery = None, @@ -308,6 +307,7 @@ fn need_description(description: Option) -> Result { /// Permissions for accessing `userid` must have been verified by the caller. /// /// The caller must have already verified the user's password! +#[allow(clippy::too_many_arguments)] pub fn add_tfa_entry( config: &mut TfaConfig, access: A, @@ -354,7 +354,7 @@ pub fn add_tfa_entry( bail!("generating recovery tokens does not allow additional parameters"); } - let recovery = config.add_recovery(&userid)?; + let recovery = config.add_recovery(userid)?; Ok(TfaUpdateInfo { id: Some("recovery".to_string()), @@ -451,7 +451,7 @@ fn add_webauthn( None => config .webauthn_registration_challenge( access, - &userid, + userid, need_description(description)?, origin, ) @@ -464,7 +464,7 @@ fn add_webauthn( format_err!("missing 'value' parameter (webauthn challenge response missing)") })?; config - .webauthn_registration_finish(access, &userid, &challenge, &value, origin) + .webauthn_registration_finish(access, userid, &challenge, &value, origin) .map(TfaUpdateInfo::id) } } diff --git a/proxmox-tfa/src/api/mod.rs b/proxmox-tfa/src/api/mod.rs index b591a23..1f9fb2c 100644 --- a/proxmox-tfa/src/api/mod.rs +++ b/proxmox-tfa/src/api/mod.rs @@ -247,13 +247,13 @@ impl TfaConfig { TfaResponse::U2f(value) => match &challenge.u2f { Some(challenge) => { let u2f = check_u2f(&self.u2f)?; - user.verify_u2f(access.clone(), userid, u2f, &challenge.challenge, value) + user.verify_u2f(access, userid, u2f, &challenge.challenge, value) } None => bail!("no u2f factor available for user '{}'", userid), }, TfaResponse::Webauthn(value) => { let webauthn = check_webauthn(&self.webauthn, origin)?; - user.verify_webauthn(access.clone(), userid, webauthn, value) + user.verify_webauthn(access, userid, webauthn, value) } TfaResponse::Recovery(value) => { user.verify_recovery(&value)?; @@ -587,7 +587,7 @@ impl TfaUserData { None => None, }, u2f: match u2f { - Some(u2f) => self.u2f_challenge(access.clone(), userid, u2f)?, + Some(u2f) => self.u2f_challenge(access, userid, u2f)?, None => None, }, yubico: self.yubico.iter().any(|e| e.info.enable), diff --git a/proxmox-tfa/src/api/recovery.rs b/proxmox-tfa/src/api/recovery.rs index 9af2873..92c0e9d 100644 --- a/proxmox-tfa/src/api/recovery.rs +++ b/proxmox-tfa/src/api/recovery.rs @@ -12,7 +12,7 @@ fn getrandom(mut buffer: &mut [u8]) -> Result<(), io::Error> { libc::getrandom( buffer.as_mut_ptr() as *mut libc::c_void, buffer.len() as libc::size_t, - 0 as libc::c_uint, + 0, ) }; @@ -49,7 +49,7 @@ impl Recovery { getrandom(&mut secret)?; let mut this = Self { - secret: hex::encode(&secret).to_string(), + secret: hex::encode(&secret), entries: Vec::with_capacity(10), created: proxmox_time::epoch_i64(), }; diff --git a/proxmox-tfa/src/api/serde_tools.rs b/proxmox-tfa/src/api/serde_tools.rs index 1f307a2..b9f73d7 100644 --- a/proxmox-tfa/src/api/serde_tools.rs +++ b/proxmox-tfa/src/api/serde_tools.rs @@ -11,7 +11,7 @@ use serde::Deserialize; pub struct FoldSeqVisitor where Init: FnOnce(Option) -> Out, - F: Fn(&mut Out, T) -> (), + F: Fn(&mut Out, T), { init: Option, closure: F, @@ -22,7 +22,7 @@ where impl FoldSeqVisitor where Init: FnOnce(Option) -> Out, - F: Fn(&mut Out, T) -> (), + F: Fn(&mut Out, T), { pub fn new(expecting: &'static str, init: Init, closure: F) -> Self { Self { @@ -37,7 +37,7 @@ where impl<'de, T, Out, F, Init> serde::de::Visitor<'de> for FoldSeqVisitor where Init: FnOnce(Option) -> Out, - F: Fn(&mut Out, T) -> (), + F: Fn(&mut Out, T), T: Deserialize<'de>, { type Value = Out; @@ -104,7 +104,7 @@ pub fn fold<'de, T, Out, Init, Fold>( ) -> FoldSeqVisitor where Init: FnOnce(Option) -> Out, - Fold: Fn(&mut Out, T) -> (), + Fold: Fn(&mut Out, T), T: Deserialize<'de>, { FoldSeqVisitor::new(expected, init, fold) diff --git a/proxmox-tfa/src/api/webauthn.rs b/proxmox-tfa/src/api/webauthn.rs index aed2885..4e90007 100644 --- a/proxmox-tfa/src/api/webauthn.rs +++ b/proxmox-tfa/src/api/webauthn.rs @@ -41,9 +41,9 @@ impl std::ops::DerefMut for OriginUrl { } } -impl Into for OriginUrl { - fn into(self) -> String { - self.0.into() +impl From for String { + fn from(url: OriginUrl) -> String { + url.0.into() } } diff --git a/proxmox-tfa/src/totp.rs b/proxmox-tfa/src/totp.rs index d2e009b..1e342c4 100644 --- a/proxmox-tfa/src/totp.rs +++ b/proxmox-tfa/src/totp.rs @@ -20,9 +20,9 @@ pub enum Algorithm { Sha512, } -impl Into for Algorithm { - fn into(self) -> MessageDigest { - match self { +impl From for MessageDigest { + fn from(algo: Algorithm) -> MessageDigest { + match algo { Algorithm::Sha1 => MessageDigest::sha1(), Algorithm::Sha256 => MessageDigest::sha256(), Algorithm::Sha512 => MessageDigest::sha512(), @@ -343,7 +343,7 @@ impl std::str::FromStr for Totp { // FIXME: Also split on "%3A" / "%3a" let mut account = account.splitn(2, |&b| b == b':'); let first_part = percent_decode( - &account + account .next() .ok_or_else(|| anyhow!("missing account in otpauth uri"))?, ) @@ -364,13 +364,13 @@ impl std::str::FromStr for Totp { for parts in uri.split(|&b| b == b'&') { let mut parts = parts.splitn(2, |&b| b == b'='); let key = percent_decode( - &parts + parts .next() .ok_or_else(|| anyhow!("bad key in otpauth uri"))?, ) .decode_utf8()?; let value = percent_decode( - &parts + parts .next() .ok_or_else(|| anyhow!("bad value in otpauth uri"))?, ); @@ -467,6 +467,8 @@ impl PartialEq<&str> for TotpValue { return false; } + // I don't trust that `.parse()` never starts accepting `0x` prefixes so: + #[allow(clippy::from_str_radix_10)] match u32::from_str_radix(*other, 10) { Ok(value) => self.value() == value, Err(_) => false, diff --git a/proxmox-tfa/src/u2f.rs b/proxmox-tfa/src/u2f.rs index 84fea41..9175e14 100644 --- a/proxmox-tfa/src/u2f.rs +++ b/proxmox-tfa/src/u2f.rs @@ -579,7 +579,7 @@ mod bytes_as_base64url_nopad { pub fn serialize(data: &[u8], serializer: S) -> Result { serializer.serialize_str(&base64::encode_config( - data.as_ref(), + data, base64::URL_SAFE_NO_PAD, )) } -- 2.30.2