summaryrefslogtreecommitdiffstats
path: root/privsep.lua
blob: 5e0b9151489b6784794107a739b7ed61a8556d43 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42


lpc = require("lpc")
ipcmsg = require("json")

local privsep_exec = "./lua-privsep"
local modules_path = "./modules"

local privsep = {}
function privsep.call_privileged(modname, funcname, sessionid, args)
	local pid, w, r = lpc.run(privsep_exec, modname)
	w:write(ipcmsg.encode{ funcname, sessionid, args }.."\n")
	w:close()

	local resp = r:read("*all")
	local retcode = lpc.wait(pid)

	if resp == nil or resp == "" then
		io.stderr:write("remote '"..modname.."' failed: "..tostring(retcode).."\n")
		return nil
	end

	local data = ipcmsg.decode(resp)
	local status, errmsg, result = unpack(data)
	if not status then
		io.stderr:write("modname: "..tostring(errmsg).."\n")
		return nil
	end
	return unpack(result)
end

function privsep.wrap(modname, sessionid)
	local mod = dofile(modules_path.."/"..modname..".lua")
	local f = {}
	for k,v in pairs(mod) do
		f[k] = function(...)
			return privsep.call_privileged(modname, k, sessionid, {...})
		end
	end
	return f
end

return privsep
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-23 10:22:21 +0000