diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2013-03-08 16:42:03 +0100 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-03-08 16:51:15 +0100 |
| commit | 3e2d86693f6e8920c97fe296491e7741e31f922c (patch) | |
| tree | 1c755422fd27c7f192243e8eb7f7811193efa1f6 /server/handler.lua | |
| parent | e0cabd6295204fe8a6b54edfc9141302943fdbfb (diff) | |
| download | privsep-master.tar.bz2 privsep-master.tar.xz | |
This allows you load various modules into a server lua state and give
a performance boost when calling the privileged functions
Diffstat (limited to 'server/handler.lua')
| -rw-r--r-- | server/handler.lua | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/server/handler.lua b/server/handler.lua new file mode 100644 index 0000000..41a02fb --- /dev/null +++ b/server/handler.lua @@ -0,0 +1,64 @@ + +--print("DEBUG: got message:", msg) + +--ipcmsg = require("json") +ipcmsg = require("cmsgpack") +ipcmsg.encode = ipcmsg.pack +ipcmsg.decode = ipcmsg.unpack + +ml = require("ml") + +modules_path = "../modules/" + +mods = {} + +local function ret_error(errmsg) + io.stderr:write("ERROR: "..tostring(errmsg).."\n") + return ipcmsg.encode{ status = false, errmsg = errmsg} +end + +local function ret_success(...) + return ipcmsg.encode{ status = true, errmsg = "success", + result = {...} } +end + +reqhandler = {} +function reqhandler.load(req) + -- make sure we dont have any path elements in modname so we cannot pass + -- modnames like '../myevilmod' + local file = modules_path..string.gsub(req.modname, ".*/", "")..".lua" + mods[req.modidx] = dofile(file) + if mods[req.modidx] == nil then + return ret_error(file) + end + return true +end + +function reqhandler.call(req) + if req.modidx == nil or req.func == nil then + return ret_error("failed to call function "..tostring(req.func)) + end + local m = mods[req.modidx] + -- check that the func we want exists + if type(m[req.func]) ~= "function" then + ret_error(func..": not a function in '".. mfile .."'") + end + + -- TODO: check permissions here +-- print("DEBUG: Calling mods["..req.modidx.."]."..req.func) + + -- execute the func and pack the return values into a table + return m[req.func](unpack(req.args)) +end + +function handler(msg) + local req = ipcmsg.decode(msg) +-- print("DEBUG: req="..ml.tstring(req)) + if type(req.type) ~= "string" then + return ret_error("request type missing") + end + if type(reqhandler[req.type]) == "function" then + return ret_success(reqhandler[req.type](req)) + end + return ret_error("no handler for request type "..req.type) +end |