Diffstat (limited to 'privsep.lua')
-rw-r--r--privsep.lua37
1 files changed, 18 insertions, 19 deletions
diff --git a/privsep.lua b/privsep.lua
index 5e0b915..a07b8ed 100644
--- a/privsep.lua
+++ b/privsep.lua
@@ -1,31 +1,29 @@
lpc = require("lpc")
-ipcmsg = require("json")
+ipcmsg = require("cmsgpack")
+ipcmsg.encode = ipcmsg.pack
+ipcmsg.decode = ipcmsg.unpack
+
+socket = require("socket")
+socket.unix = require("socket.unix")
+
-local privsep_exec = "./lua-privsep"
local modules_path = "./modules"
local privsep = {}
-function privsep.call_privileged(modname, funcname, sessionid, args)
- local pid, w, r = lpc.run(privsep_exec, modname)
- w:write(ipcmsg.encode{ funcname, sessionid, args }.."\n")
- w:close()
- local resp = r:read("*all")
- local retcode = lpc.wait(pid)
+function privsep.call_privileged(mod, func, sectoken, args)
+ local c = assert(socket.unix())
+ assert(c:connect("/var/run/privsep/root.sock"))
- if resp == nil or resp == "" then
- io.stderr:write("remote '"..modname.."' failed: "..tostring(retcode).."\n")
- return nil
+ local req = { mod = mod, func = func, args = args, sectoken = sectoken }
+ c:send(ipcmsg.encode(req))
+ local retmsg, errmsg = c:receive("*a")
+ if retmsg then
+ local data = ipcmsg.decode(retmsg)
+ return unpack(data.result or {})
end
-
- local data = ipcmsg.decode(resp)
- local status, errmsg, result = unpack(data)
- if not status then
- io.stderr:write("modname: "..tostring(errmsg).."\n")
- return nil
- end
- return unpack(result)
+ return nil
end
function privsep.wrap(modname, sessionid)
@@ -40,3 +38,4 @@ function privsep.wrap(modname, sessionid)
end
return privsep
+