hint pin input

src/lib.rs

@@ -28,7 +28,7 @@ impl PamFido2Luks {
     fn open(
         &self,
         user: String,
-        mut password: impl FnMut() -> PamResult<String>,
+        mut password: impl FnMut(&str) -> PamResult<String>,
         args: Vec<String>,
     ) -> Fido2LuksResult<()> {
         let args: HashMap<String, String> = args
@@ -100,7 +100,7 @@ impl PamFido2Luks {
             if !credentials.is_empty() {
                 loop {
                     let (pin, pass) = if pin_prefix {
-                        let password = password()
+                        let password = password("PIN + FIDO2 salt (pin:password):")
                             .map_err(|e| Fido2LuksError::AskPassError { cause: e.into() })?;
                         let mut parts = password.split(":");
                         (
@@ -110,7 +110,7 @@ impl PamFido2Luks {
                     } else {
                         (
                             pin.cloned(),
-                            password()
+                            password("FIDO2 salt: ")
                                 .map_err(|e| Fido2LuksError::AskPassError { cause: e.into() })?,
                         )
                     };
@@ -158,13 +158,13 @@ impl PamServiceModule for PamFido2Luks {
             if let Some(user) = user {
                 PamFido2Luks.open(
                     user,
-                    move || match password.take() {
+                    move |q: &str| match password.take() {
                         Some(pass) => Ok(pass),
                         None => pamh
-                            .conv(Some("Fido2 salt: "), PamMsgStyle::PROMPT_ECHO_OFF)
+                            .conv(Some(q), PamMsgStyle::PROMPT_ECHO_OFF)
                             .map(|s| s.map(|s| s.to_str().unwrap()).unwrap_or("").to_string()),
                     },
-                    args
+                    args,
                 )
             } else {
                 Err(AskPassError::Pam(PamError::AUTH_ERR))?