From 219a4da3039ab9c472f72f07a4cd44d9c8cccebe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Tue, 22 Jul 2025 22:44:08 +0200
Subject: [PATCH 1/5] cargo-credential-libsecret: pull out error, attr_url,
 schema too

---
 credential/cargo-credential-libsecret/src/lib.rs | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/credential/cargo-credential-libsecret/src/lib.rs b/credential/cargo-credential-libsecret/src/lib.rs
index 8eb06d685b2..b69fa2ee36f 100644
--- a/credential/cargo-credential-libsecret/src/lib.rs
+++ b/credential/cargo-credential-libsecret/src/lib.rs
@@ -145,11 +145,11 @@ mod linux {
             }
 
             let index_url_c = CString::new(registry.index_url).unwrap();
+            let mut error: *mut GError = null_mut();
+            let attr_url = CString::new("url").unwrap();
+            let schema = schema();
             match action {
                 cargo_credential::Action::Get(_) => {
-                    let mut error: *mut GError = null_mut();
-                    let attr_url = CString::new("url").unwrap();
-                    let schema = schema();
                     unsafe {
                         let token_c = secret_password_lookup_sync(
                             &schema,
@@ -187,9 +187,6 @@ mod linux {
                 cargo_credential::Action::Login(options) => {
                     let label = label(registry.name.unwrap_or(registry.index_url));
                     let token = CString::new(read_token(options, registry)?.expose()).unwrap();
-                    let mut error: *mut GError = null_mut();
-                    let attr_url = CString::new("url").unwrap();
-                    let schema = schema();
                     unsafe {
                         secret_password_store_sync(
                             &schema,
@@ -215,9 +212,6 @@ mod linux {
                     Ok(CredentialResponse::Login)
                 }
                 cargo_credential::Action::Logout => {
-                    let schema = schema();
-                    let mut error: *mut GError = null_mut();
-                    let attr_url = CString::new("url").unwrap();
                     unsafe {
                         secret_password_clear_sync(
                             &schema,

From 1abdb1d2aa13b5be2f212488a5a8288531f9e907 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Tue, 22 Jul 2025 22:46:22 +0200
Subject: [PATCH 2/5] cargo-credential-libsecret: give FFI correctly-sized
 object

The type is
	typedef struct {
		const gchar *name;
		SecretSchemaFlags flags;
		SecretSchemaAttribute attributes[32];

		/* <private> */
		gint reserved;
		gpointer reserved1;
		gpointer reserved2;
		gpointer reserved3;
		gpointer reserved4;
		gpointer reserved5;
		gpointer reserved6;
		gpointer reserved7;
	} SecretSchema;
so the current object we give it is 8 pointers too short

It's incredibly lucky that libsecret, at this time,
only uses reserved, and not in any of the functions we call
---
 .../cargo-credential-libsecret/src/lib.rs     | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/credential/cargo-credential-libsecret/src/lib.rs b/credential/cargo-credential-libsecret/src/lib.rs
index b69fa2ee36f..d59dbfef53c 100644
--- a/credential/cargo-credential-libsecret/src/lib.rs
+++ b/credential/cargo-credential-libsecret/src/lib.rs
@@ -22,6 +22,12 @@ mod linux {
     #[allow(non_camel_case_types)]
     type gboolean = c_int;
 
+    #[allow(non_camel_case_types)]
+    type gint = c_int;
+
+    #[allow(non_camel_case_types)]
+    type gpointer = *mut ();
+
     type GQuark = u32;
 
     #[repr(C)]
@@ -41,6 +47,14 @@ mod linux {
         name: *const gchar,
         flags: SecretSchemaFlags,
         attributes: [SecretSchemaAttribute; 32],
+        reserved: gint,
+        reserved1: gpointer,
+        reserved2: gpointer,
+        reserved3: gpointer,
+        reserved4: gpointer,
+        reserved5: gpointer,
+        reserved6: gpointer,
+        reserved7: gpointer,
     }
 
     #[repr(C)]
@@ -104,6 +118,14 @@ mod linux {
             name: b"org.rust-lang.cargo.registry\0".as_ptr() as *const gchar,
             flags: SecretSchemaFlags::None,
             attributes,
+            reserved: 0,
+            reserved1: null_mut(),
+            reserved2: null_mut(),
+            reserved3: null_mut(),
+            reserved4: null_mut(),
+            reserved5: null_mut(),
+            reserved6: null_mut(),
+            reserved7: null_mut(),
         }
     }
 

From 67749b1a3018d5089a604a46032d669a6a238874 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Tue, 22 Jul 2025 22:50:40 +0200
Subject: [PATCH 3/5] cargo-credential-libsecret: don't allocate "url" C string

We already don't do this and use this precise idiom elsewhere
---
 credential/cargo-credential-libsecret/src/lib.rs | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/credential/cargo-credential-libsecret/src/lib.rs b/credential/cargo-credential-libsecret/src/lib.rs
index d59dbfef53c..e42e0190355 100644
--- a/credential/cargo-credential-libsecret/src/lib.rs
+++ b/credential/cargo-credential-libsecret/src/lib.rs
@@ -168,7 +168,7 @@ mod linux {
 
             let index_url_c = CString::new(registry.index_url).unwrap();
             let mut error: *mut GError = null_mut();
-            let attr_url = CString::new("url").unwrap();
+            let attr_url = b"url\0".as_ptr() as *const gchar;
             let schema = schema();
             match action {
                 cargo_credential::Action::Get(_) => {
@@ -177,7 +177,7 @@ mod linux {
                             &schema,
                             null_mut(),
                             &mut error,
-                            attr_url.as_ptr(),
+                            attr_url,
                             index_url_c.as_ptr(),
                             null() as *const gchar,
                         );
@@ -217,7 +217,7 @@ mod linux {
                             token.as_ptr(),
                             null_mut(),
                             &mut error,
-                            attr_url.as_ptr(),
+                            attr_url,
                             index_url_c.as_ptr(),
                             null() as *const gchar,
                         );
@@ -239,7 +239,7 @@ mod linux {
                             &schema,
                             null_mut(),
                             &mut error,
-                            attr_url.as_ptr(),
+                            attr_url,
                             index_url_c.as_ptr(),
                             null() as *const gchar,
                         );

From 688d59002e678ce5e813ab78c0d8cd6c388d418a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Tue, 22 Jul 2025 23:02:46 +0200
Subject: [PATCH 4/5] rustfmt mess

---
 .../cargo-credential-libsecret/src/lib.rs     | 64 +++++++++----------
 1 file changed, 31 insertions(+), 33 deletions(-)

diff --git a/credential/cargo-credential-libsecret/src/lib.rs b/credential/cargo-credential-libsecret/src/lib.rs
index e42e0190355..31afb95adc3 100644
--- a/credential/cargo-credential-libsecret/src/lib.rs
+++ b/credential/cargo-credential-libsecret/src/lib.rs
@@ -171,41 +171,39 @@ mod linux {
             let attr_url = b"url\0".as_ptr() as *const gchar;
             let schema = schema();
             match action {
-                cargo_credential::Action::Get(_) => {
-                    unsafe {
-                        let token_c = secret_password_lookup_sync(
-                            &schema,
-                            null_mut(),
-                            &mut error,
-                            attr_url,
-                            index_url_c.as_ptr(),
-                            null() as *const gchar,
-                        );
-                        if !error.is_null() {
-                            return Err(format!(
-                                "failed to get token: {}",
-                                CStr::from_ptr((*error).message)
-                                    .to_str()
-                                    .unwrap_or_default()
-                            )
-                            .into());
-                        }
-                        if token_c.is_null() {
-                            return Err(Error::NotFound);
-                        }
-                        let token = Secret::from(
-                            CStr::from_ptr(token_c)
+                cargo_credential::Action::Get(_) => unsafe {
+                    let token_c = secret_password_lookup_sync(
+                        &schema,
+                        null_mut(),
+                        &mut error,
+                        attr_url,
+                        index_url_c.as_ptr(),
+                        null() as *const gchar,
+                    );
+                    if !error.is_null() {
+                        return Err(format!(
+                            "failed to get token: {}",
+                            CStr::from_ptr((*error).message)
                                 .to_str()
-                                .map_err(|e| format!("expected utf8 token: {}", e))?
-                                .to_string(),
-                        );
-                        Ok(CredentialResponse::Get {
-                            token,
-                            cache: CacheControl::Session,
-                            operation_independent: true,
-                        })
+                                .unwrap_or_default()
+                        )
+                        .into());
                     }
-                }
+                    if token_c.is_null() {
+                        return Err(Error::NotFound);
+                    }
+                    let token = Secret::from(
+                        CStr::from_ptr(token_c)
+                            .to_str()
+                            .map_err(|e| format!("expected utf8 token: {}", e))?
+                            .to_string(),
+                    );
+                    Ok(CredentialResponse::Get {
+                        token,
+                        cache: CacheControl::Session,
+                        operation_independent: true,
+                    })
+                },
                 cargo_credential::Action::Login(options) => {
                     let label = label(registry.name.unwrap_or(registry.index_url));
                     let token = CString::new(read_token(options, registry)?.expose()).unwrap();

From ed85b79f8b532882e8d49709859f32796547ddde Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Wed, 23 Jul 2025 01:05:56 +0200
Subject: [PATCH 5/5] cargo-credential-libsecret: c""-style literals

---
 credential/cargo-credential-libsecret/src/lib.rs | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/credential/cargo-credential-libsecret/src/lib.rs b/credential/cargo-credential-libsecret/src/lib.rs
index 31afb95adc3..431cd987ff8 100644
--- a/credential/cargo-credential-libsecret/src/lib.rs
+++ b/credential/cargo-credential-libsecret/src/lib.rs
@@ -111,11 +111,11 @@ mod linux {
             attr_type: SecretSchemaAttributeType::String,
         }; 32];
         attributes[0] = SecretSchemaAttribute {
-            name: b"url\0".as_ptr() as *const gchar,
+            name: c"url".as_ptr() as *const gchar,
             attr_type: SecretSchemaAttributeType::String,
         };
         SecretSchema {
-            name: b"org.rust-lang.cargo.registry\0".as_ptr() as *const gchar,
+            name: c"org.rust-lang.cargo.registry".as_ptr() as *const gchar,
             flags: SecretSchemaFlags::None,
             attributes,
             reserved: 0,
@@ -168,7 +168,7 @@ mod linux {
 
             let index_url_c = CString::new(registry.index_url).unwrap();
             let mut error: *mut GError = null_mut();
-            let attr_url = b"url\0".as_ptr() as *const gchar;
+            let attr_url = c"url".as_ptr() as *const gchar;
             let schema = schema();
             match action {
                 cargo_credential::Action::Get(_) => unsafe {
@@ -210,7 +210,7 @@ mod linux {
                     unsafe {
                         secret_password_store_sync(
                             &schema,
-                            b"default\0".as_ptr() as *const gchar,
+                            c"default".as_ptr() as *const gchar,
                             label.as_ptr(),
                             token.as_ptr(),
                             null_mut(),