refactor(native-pairing): extract shared on-demand arming state

Groundwork for web-UI-driven native (punktfunk/1) pairing. Replaces m3's fixed
startup PIN + local paired store with a shared `NativePairing` (new module):
arm-on-demand with a fresh, time-limited PIN (`arm(ttl)`), `current_pin()` read
per ceremony so a lapsed window stops pairing, plus the trust store (list/add/
remove/is_paired) and a `status()` snapshot. The management API (next commit) and
the QUIC accept loop share one handle. CLI `--allow-pairing`/`--require-pairing`
still arm at startup (no expiry, PIN logged) — back-compat. m3 pairing ceremony +
gate and the C-ABI roundtrip stay green; new unit tests for arm/expire/pair.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

This commit is contained in:

Enrico Bühler

2026-06-11 09:40:33 +00:00

parent fa553b1e2a

commit 5ca860533e

3 changed files with 295 additions and 93 deletions

									
										crates/punktfunk-host/src/main.rs
									
		+1
		
												View File
												
				@@ -21,6 +21,7 @@ mod inject;

				mod m0;

				mod m3;

				mod mgmt;

				mod native_pairing;

				mod pipeline;

				mod pwinit;

				mod vdisplay;