NetBSD/libexec/httpd/lua-bozo.c
alnsn 9a921db489 Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
  doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
  manual. Those functions may throw (longjump) and leak data allocated
  by C function. In one case, I use luaL_Buffer, in the other case,
  I rearranged calls a bit.
2017-05-28 22:37:36 +00:00

458 lines
11 KiB
C

/* $NetBSD: lua-bozo.c,v 1.15 2017/05/28 22:37:36 alnsn Exp $ */
/*
* Copyright (c) 2013 Marc Balmer <marc@msys.ch>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer and
* dedication in the documentation and/or other materials provided
* with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/
/* this code implements dynamic content generation using Lua for bozohttpd */
#ifndef NO_LUA_SUPPORT
#include <sys/param.h>
#include <lua.h>
#include <lauxlib.h>
#include <lualib.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include "bozohttpd.h"
/* Lua binding for bozohttp */
#if LUA_VERSION_NUM < 502
#define LUA_HTTPDLIBNAME "httpd"
#endif
#define FORM "application/x-www-form-urlencoded"
static bozohttpd_t *
httpd_instance(lua_State *L)
{
bozohttpd_t *httpd;
lua_pushstring(L, "bozohttpd");
lua_gettable(L, LUA_REGISTRYINDEX);
httpd = lua_touserdata(L, -1);
lua_pop(L, 1);
return httpd;
}
static int
lua_flush(lua_State *L)
{
bozohttpd_t *httpd = httpd_instance(L);
bozo_flush(httpd, stdout);
return 0;
}
static int
lua_print(lua_State *L)
{
bozohttpd_t *httpd = httpd_instance(L);
bozo_printf(httpd, "%s\r\n", lua_tostring(L, 1));
return 0;
}
static int
lua_read(lua_State *L)
{
bozohttpd_t *httpd = httpd_instance(L);
luaL_Buffer lbuf;
char *data;
lua_Integer len;
ssize_t n;
len = luaL_checkinteger(L, 1);
data = luaL_buffinitsize(L, &lbuf, (size_t)len);
if ((n = bozo_read(httpd, STDIN_FILENO, data, len)) >= 0) {
luaL_pushresultsize(&lbuf, n);
return 1;
} else {
lua_pushnil(L);
lua_pushstring(L, "bozo_read() call failed");
return 2;
}
}
static int
lua_register_handler(lua_State *L)
{
bozohttpd_t *httpd = httpd_instance(L);
lua_state_map_t *map;
lua_handler_t *handler;
const char *name;
int ref;
lua_pushstring(L, "lua_state_map");
lua_gettable(L, LUA_REGISTRYINDEX);
map = lua_touserdata(L, -1);
lua_pop(L, 1);
name = luaL_checkstring(L, 1);
luaL_checktype(L, 2, LUA_TFUNCTION);
lua_pushvalue(L, 2);
ref = luaL_ref(L, LUA_REGISTRYINDEX);
handler = bozomalloc(httpd, sizeof(lua_handler_t));
handler->name = bozostrdup(httpd, NULL, name);
handler->ref = ref;
SIMPLEQ_INSERT_TAIL(&map->handlers, handler, h_next);
httpd->process_lua = 1;
return 0;
}
static int
lua_write(lua_State *L)
{
bozohttpd_t *httpd = httpd_instance(L);
const char *data;
size_t len;
ssize_t n;
data = luaL_checklstring(L, 1, &len);
if ((n = bozo_write(httpd, STDIN_FILENO, data, len)) >= 0) {
lua_pushinteger(L, n);
return 1;
} else {
lua_pushnil(L);
lua_pushstring(L, "bozo_write() call failed");
return 2;
}
}
static int
luaopen_httpd(lua_State *L)
{
static struct luaL_Reg functions[] = {
{ "flush", lua_flush },
{ "print", lua_print },
{ "read", lua_read },
{ "register_handler", lua_register_handler },
{ "write", lua_write },
{ NULL, NULL }
};
#if LUA_VERSION_NUM >= 502
luaL_newlib(L, functions);
#else
luaL_register(L, LUA_HTTPDLIBNAME, functions);
#endif
lua_pushstring(L, "httpd 1.0.0");
lua_setfield(L, -2, "_VERSION");
return 1;
}
#if LUA_VERSION_NUM < 502
static void
lua_openlib(lua_State *L, const char *name, lua_CFunction fn)
{
lua_pushcfunction(L, fn);
lua_pushstring(L, name);
lua_call(L, 1, 0);
}
#endif
/* bozohttpd integration */
void
bozo_add_lua_map(bozohttpd_t *httpd, const char *prefix, const char *script)
{
lua_state_map_t *map;
map = bozomalloc(httpd, sizeof(lua_state_map_t));
map->prefix = bozostrdup(httpd, NULL, prefix);
if (*script == '/')
map->script = bozostrdup(httpd, NULL, script);
else {
char cwd[MAXPATHLEN], *path;
getcwd(cwd, sizeof(cwd) - 1);
bozoasprintf(httpd, &path, "%s/%s", cwd, script);
map->script = path;
}
map->L = luaL_newstate();
if (map->L == NULL)
bozoerr(httpd, 1, "can't create Lua state");
SIMPLEQ_INIT(&map->handlers);
#if LUA_VERSION_NUM >= 502
luaL_openlibs(map->L);
lua_getglobal(map->L, "package");
lua_getfield(map->L, -1, "preload");
lua_pushcfunction(map->L, luaopen_httpd);
lua_setfield(map->L, -2, "httpd");
lua_pop(map->L, 2);
#else
lua_openlib(map->L, "", luaopen_base);
lua_openlib(map->L, LUA_LOADLIBNAME, luaopen_package);
lua_openlib(map->L, LUA_TABLIBNAME, luaopen_table);
lua_openlib(map->L, LUA_STRLIBNAME, luaopen_string);
lua_openlib(map->L, LUA_MATHLIBNAME, luaopen_math);
lua_openlib(map->L, LUA_OSLIBNAME, luaopen_os);
lua_openlib(map->L, LUA_IOLIBNAME, luaopen_io);
lua_openlib(map->L, LUA_HTTPDLIBNAME, luaopen_httpd);
#endif
lua_pushstring(map->L, "lua_state_map");
lua_pushlightuserdata(map->L, map);
lua_settable(map->L, LUA_REGISTRYINDEX);
lua_pushstring(map->L, "bozohttpd");
lua_pushlightuserdata(map->L, httpd);
lua_settable(map->L, LUA_REGISTRYINDEX);
if (luaL_loadfile(map->L, script))
bozoerr(httpd, 1, "failed to load script %s: %s", script,
lua_tostring(map->L, -1));
if (lua_pcall(map->L, 0, 0, 0))
bozoerr(httpd, 1, "failed to execute script %s: %s", script,
lua_tostring(map->L, -1));
SIMPLEQ_INSERT_TAIL(&httpd->lua_states, map, s_next);
}
static void
lua_env(lua_State *L, const char *name, const char *value)
{
lua_pushstring(L, value);
lua_setfield(L, -2, name);
}
/* decode query string */
static void
lua_url_decode(lua_State *L, char *s)
{
char *v, *p, *val, *q;
char buf[3];
int c;
v = strchr(s, '=');
if (v == NULL)
return;
*v++ = '\0';
val = malloc(strlen(v) + 1);
if (val == NULL)
return;
for (p = v, q = val; *p; p++) {
switch (*p) {
case '%':
if (*(p + 1) == '\0' || *(p + 2) == '\0') {
free(val);
return;
}
buf[0] = *++p;
buf[1] = *++p;
buf[2] = '\0';
sscanf(buf, "%2x", &c);
*q++ = (char)c;
break;
case '+':
*q++ = ' ';
break;
default:
*q++ = *p;
}
}
*q = '\0';
lua_pushstring(L, val);
lua_setfield(L, -2, s);
free(val);
}
static void
lua_decode_query(lua_State *L, char *query)
{
char *s;
s = strtok(query, "&");
while (s) {
lua_url_decode(L, s);
s = strtok(NULL, "&");
}
}
int
bozo_process_lua(bozo_httpreq_t *request)
{
bozohttpd_t *httpd = request->hr_httpd;
lua_state_map_t *map;
lua_handler_t *hndlr;
int n, ret, length;
char date[40];
bozoheaders_t *headp;
char *s, *query, *uri, *file, *command, *info, *content;
const char *type, *clen;
char *prefix, *handler, *p;
int rv = 0;
if (!httpd->process_lua)
return 0;
info = NULL;
query = NULL;
prefix = NULL;
uri = request->hr_oldfile ? request->hr_oldfile : request->hr_file;
if (*uri == '/') {
file = bozostrdup(httpd, request, uri);
if (file == NULL)
goto out;
prefix = bozostrdup(httpd, request, &uri[1]);
} else {
if (asprintf(&file, "/%s", uri) < 0)
goto out;
prefix = bozostrdup(httpd, request, uri);
}
if (prefix == NULL)
goto out;
if (request->hr_query && request->hr_query[0])
query = bozostrdup(httpd, request, request->hr_query);
p = strchr(prefix, '/');
if (p == NULL)
goto out;
*p++ = '\0';
handler = p;
if (!*handler)
goto out;
p = strchr(handler, '/');
if (p != NULL)
*p++ = '\0';
command = file + 1;
if ((s = strchr(command, '/')) != NULL) {
info = bozostrdup(httpd, request, s);
*s = '\0';
}
type = request->hr_content_type;
clen = request->hr_content_length;
SIMPLEQ_FOREACH(map, &httpd->lua_states, s_next) {
if (strcmp(map->prefix, prefix))
continue;
SIMPLEQ_FOREACH(hndlr, &map->handlers, h_next) {
if (strcmp(hndlr->name, handler))
continue;
lua_rawgeti(map->L, LUA_REGISTRYINDEX, hndlr->ref);
/* Create the "environment" */
lua_newtable(map->L);
lua_env(map->L, "SERVER_NAME",
BOZOHOST(httpd, request));
lua_env(map->L, "GATEWAY_INTERFACE", "Luigi/1.0");
lua_env(map->L, "SERVER_PROTOCOL", request->hr_proto);
lua_env(map->L, "REQUEST_METHOD",
request->hr_methodstr);
lua_env(map->L, "SCRIPT_PREFIX", map->prefix);
lua_env(map->L, "SCRIPT_NAME", file);
lua_env(map->L, "HANDLER_NAME", hndlr->name);
lua_env(map->L, "SCRIPT_FILENAME", map->script);
lua_env(map->L, "SERVER_SOFTWARE",
httpd->server_software);
lua_env(map->L, "REQUEST_URI", uri);
lua_env(map->L, "DATE_GMT",
bozo_http_date(date, sizeof(date)));
if (query && *query)
lua_env(map->L, "QUERY_STRING", query);
if (info && *info)
lua_env(map->L, "PATH_INFO", info);
if (type && *type)
lua_env(map->L, "CONTENT_TYPE", type);
if (clen && *clen)
lua_env(map->L, "CONTENT_LENGTH", clen);
if (request->hr_serverport && *request->hr_serverport)
lua_env(map->L, "SERVER_PORT",
request->hr_serverport);
if (request->hr_remotehost && *request->hr_remotehost)
lua_env(map->L, "REMOTE_HOST",
request->hr_remotehost);
if (request->hr_remoteaddr && *request->hr_remoteaddr)
lua_env(map->L, "REMOTE_ADDR",
request->hr_remoteaddr);
/* Pass the headers in a separate table */
lua_newtable(map->L);
SIMPLEQ_FOREACH(headp, &request->hr_headers, h_next)
lua_env(map->L, headp->h_header,
headp->h_value);
/* Pass the query variables */
if ((query && *query) ||
(type && *type && !strcmp(type, FORM))) {
lua_newtable(map->L);
if (query && *query)
lua_decode_query(map->L, query);
if (type && *type && !strcmp(type, FORM)) {
if (clen && *clen && atol(clen) > 0) {
length = atol(clen);
content = bozomalloc(httpd,
length + 1);
n = bozo_read(httpd,
STDIN_FILENO, content,
length);
if (n >= 0) {
content[n] = '\0';
lua_decode_query(map->L,
content);
} else {
lua_pop(map->L, 1);
lua_pushnil(map->L);
}
free(content);
}
}
} else
lua_pushnil(map->L);
ret = lua_pcall(map->L, 3, 0, 0);
if (ret)
printf("<br>Lua error: %s\n",
lua_tostring(map->L, -1));
bozo_flush(httpd, stdout);
rv = 1;
goto out;
}
}
out:
free(prefix);
free(uri);
free(info);
free(query);
free(file);
return rv;
}
#endif /* NO_LUA_SUPPORT */