Mini Shell

Direktori : /opt/imunify360-webshield/lualib/ngx/
Upload File :
Current File : //opt/imunify360-webshield/lualib/ngx/pipe.lua

-- Copyright (C) by OpenResty Inc.


local base = require "resty.core.base"
base.allows_subsystem("http")


require "resty.core.phase"  -- for ngx.get_phase

local assert = assert
local error = error
local ipairs = ipairs
local tonumber = tonumber
local tostring = tostring
local type = type
local str_find = string.find
local table_concat = table.concat
local ffi = require "ffi"
local C = ffi.C
local ffi_new = ffi.new
local ffi_str = ffi.string
local ngx_phase = ngx.get_phase
local get_string_buf = base.get_string_buf
local get_size_ptr = base.get_size_ptr
local get_request = base.get_request
local FFI_AGAIN = base.FFI_AGAIN
local FFI_BAD_CONTEXT = base.FFI_BAD_CONTEXT
local FFI_DECLINED = base.FFI_DECLINED
local FFI_ERROR = base.FFI_ERROR
local FFI_NO_REQ_CTX = base.FFI_NO_REQ_CTX
local FFI_OK = base.FFI_OK
local co_yield = coroutine._yield


ffi.cdef[[
typedef int                         ngx_pid_t;
typedef uintptr_t                   ngx_msec_t;
typedef unsigned char               u_char;
typedef struct ngx_http_lua_pipe_s  ngx_http_lua_pipe_t;

typedef struct {
    ngx_pid_t               _pid;
    ngx_msec_t              write_timeout;
    ngx_msec_t              stdout_read_timeout;
    ngx_msec_t              stderr_read_timeout;
    ngx_msec_t              wait_timeout;
    ngx_http_lua_pipe_t    *pipe;
} ngx_http_lua_ffi_pipe_proc_t;

int ngx_http_lua_ffi_pipe_spawn(ngx_http_request_t *r,
    ngx_http_lua_ffi_pipe_proc_t *proc,
    const char *file, const char **argv, int merge_stderr, size_t buffer_size,
    const char **environ, u_char *errbuf, size_t *errbuf_size);

int ngx_http_lua_ffi_pipe_proc_read(ngx_http_request_t *r,
    ngx_http_lua_ffi_pipe_proc_t *proc, int from_stderr, int reader_type,
    size_t length, u_char **buf, size_t *buf_size, u_char *errbuf,
    size_t *errbuf_size);

int ngx_http_lua_ffi_pipe_get_read_result(ngx_http_request_t *r,
    ngx_http_lua_ffi_pipe_proc_t *proc, int from_stderr, u_char **buf,
    size_t *buf_size, u_char *errbuf, size_t *errbuf_size);

ssize_t ngx_http_lua_ffi_pipe_proc_write(ngx_http_request_t *r,
    ngx_http_lua_ffi_pipe_proc_t *proc, const u_char *data, size_t len,
    u_char *errbuf, size_t *errbuf_size);

ssize_t ngx_http_lua_ffi_pipe_get_write_result(ngx_http_request_t *r,
    ngx_http_lua_ffi_pipe_proc_t *proc, u_char *errbuf, size_t *errbuf_size);

int ngx_http_lua_ffi_pipe_proc_shutdown_stdin(
    ngx_http_lua_ffi_pipe_proc_t *proc, u_char *errbuf, size_t *errbuf_size);

int ngx_http_lua_ffi_pipe_proc_shutdown_stdout(
    ngx_http_lua_ffi_pipe_proc_t *proc, u_char *errbuf, size_t *errbuf_size);

int ngx_http_lua_ffi_pipe_proc_shutdown_stderr(
    ngx_http_lua_ffi_pipe_proc_t *proc, u_char *errbuf, size_t *errbuf_size);

int ngx_http_lua_ffi_pipe_proc_wait(ngx_http_request_t *r,
    ngx_http_lua_ffi_pipe_proc_t *proc, char **reason, int *status,
    u_char *errbuf, size_t *errbuf_size);

int ngx_http_lua_ffi_pipe_proc_kill(ngx_http_lua_ffi_pipe_proc_t *proc,
    int signal, u_char *errbuf, size_t *errbuf_size);

void ngx_http_lua_ffi_pipe_proc_destroy(ngx_http_lua_ffi_pipe_proc_t *proc);
]]


if not pcall(function() return C.ngx_http_lua_ffi_pipe_spawn end) then
    error("pipe API is not supported due to either a platform issue " ..
          "or lack of the HAVE_SOCKET_CLOEXEC_PATCH patch", 2)
end


local _M = { version = base.version }


local ERR_BUF_SIZE = 256
local VALUE_BUF_SIZE = 512
local PIPE_READ_ALL   = 0
local PIPE_READ_BYTES = 1
local PIPE_READ_LINE  = 2
local PIPE_READ_ANY   = 3


local proc_set_timeouts
do
    local MAX_TIMEOUT = 0xffffffff

    function proc_set_timeouts(proc, write_timeout, stdout_read_timeout,
                               stderr_read_timeout, wait_timeout)

        -- the implementation below is straightforward but could not be JIT
        -- compiled by the latest LuaJIT. When called in loops, LuaJIT will try
        -- to unroll it, and fall back to interpreter after it reaches the
        -- unroll limit.
        --[[
        local function set_timeout(proc, attr, timeout)
            if timeout then
                if timeout > MAX_TIMEOUT then
                    error("bad timeout value", 3)
                end
                proc[attr] = timeout
            end
        end
        set_timeout(...)
        ]]

        if write_timeout then
            if write_timeout < 0 or MAX_TIMEOUT < write_timeout then
                error("bad write_timeout option", 3)
            end

            proc.write_timeout = write_timeout
        end

        if stdout_read_timeout then
            if stdout_read_timeout < 0 or MAX_TIMEOUT < stdout_read_timeout then
                error("bad stdout_read_timeout option", 3)
            end

            proc.stdout_read_timeout = stdout_read_timeout
        end

        if stderr_read_timeout then
            if stderr_read_timeout < 0 or MAX_TIMEOUT < stderr_read_timeout then
                error("bad stderr_read_timeout option", 3)
            end

            proc.stderr_read_timeout = stderr_read_timeout
        end

        if wait_timeout then
            if wait_timeout < 0 or MAX_TIMEOUT < wait_timeout then
                error("bad wait_timeout option", 3)
            end

            proc.wait_timeout = wait_timeout
        end
    end
end


local function check_proc_instance(proc)
    if type(proc) ~= "cdata" then
        error("not a process instance", 3)
    end
end


local proc_read
do
    local value_buf = ffi_new("char[?]", VALUE_BUF_SIZE)
    local buf = ffi_new("char *[1]")
    local buf_size = ffi_new("size_t[1]")

    function proc_read(proc, stderr, reader_type, len)
        check_proc_instance(proc)

        local r = get_request()
        if not r then
            error("no request found")
        end

        buf[0] = value_buf
        buf_size[0] = VALUE_BUF_SIZE
        local errbuf = get_string_buf(ERR_BUF_SIZE)
        local errbuf_size = get_size_ptr()
        errbuf_size[0] = ERR_BUF_SIZE
        local rc = C.ngx_http_lua_ffi_pipe_proc_read(r, proc, stderr,
                                                     reader_type, len, buf,
                                                     buf_size, errbuf,
                                                     errbuf_size)
        if rc == FFI_NO_REQ_CTX then
            error("no request ctx found")
        end

        if rc == FFI_BAD_CONTEXT then
            error(ffi_str(errbuf, errbuf_size[0]), 2)
        end

        while true do
            if rc == FFI_ERROR then
                return nil, ffi_str(errbuf, errbuf_size[0])
            end

            if rc == FFI_OK then
                local p = buf[0]
                if p ~= value_buf then
                    p = ffi_new("char[?]", buf_size[0])
                    buf[0] = p
                    C.ngx_http_lua_ffi_pipe_get_read_result(r, proc, stderr,
                                                            buf, buf_size,
                                                            errbuf, errbuf_size)
                    assert(p == buf[0])
                end

                return ffi_str(p, buf_size[0])
            end

            if rc == FFI_DECLINED then
                local err = ffi_str(errbuf, errbuf_size[0])

                local p = buf[0]
                if p ~= value_buf then
                    p = ffi_new("char[?]", buf_size[0])
                    buf[0] = p
                    C.ngx_http_lua_ffi_pipe_get_read_result(r, proc, stderr,
                                                            buf, buf_size,
                                                            errbuf, errbuf_size)
                    assert(p == buf[0])
                end

                local partial = ffi_str(p, buf_size[0])
                return nil, err, partial
            end

            assert(rc == FFI_AGAIN)

            co_yield()

            buf[0] = value_buf
            buf_size[0] = VALUE_BUF_SIZE
            errbuf = get_string_buf(ERR_BUF_SIZE)
            errbuf_size = get_size_ptr()
            errbuf_size[0] = ERR_BUF_SIZE
            rc = C.ngx_http_lua_ffi_pipe_get_read_result(r, proc, stderr, buf,
                                                         buf_size, errbuf,
                                                         errbuf_size)
        end
    end

end


local function proc_write(proc, data)
    check_proc_instance(proc)

    local r = get_request()
    if not r then
        error("no request found", 2)
    end

    local data_type = type(data)
    if data_type ~= "string" then
        if data_type == "table" then
            data = table_concat(data, "")

        elseif data_type == "number" then
            data = tostring(data)

        else
            error("bad data arg: string, number, or table expected, got "
                  .. data_type, 2)
        end
    end

    local errbuf = get_string_buf(ERR_BUF_SIZE)
    local errbuf_size = get_size_ptr()
    errbuf_size[0] = ERR_BUF_SIZE
    local rc = C.ngx_http_lua_ffi_pipe_proc_write(r, proc, data, #data, errbuf,
                                                  errbuf_size)
    if rc == FFI_NO_REQ_CTX then
        error("no request ctx found", 2)
    end

    if rc == FFI_BAD_CONTEXT then
        error(ffi_str(errbuf, errbuf_size[0]), 2)
    end

    while true do
        if rc == FFI_ERROR then
            return nil, ffi_str(errbuf, errbuf_size[0])
        end

        if rc >= 0 then
            -- rc holds the bytes sent
            return tonumber(rc)
        end

        assert(rc == FFI_AGAIN)

        co_yield()

        errbuf = get_string_buf(ERR_BUF_SIZE)
        errbuf_size = get_size_ptr()
        errbuf_size[0] = ERR_BUF_SIZE
        rc = C.ngx_http_lua_ffi_pipe_get_write_result(r, proc, errbuf,
                                                      errbuf_size)
    end
end


local function proc_shutdown(proc, direction)
    check_proc_instance(proc)

    local rc
    local errbuf = get_string_buf(ERR_BUF_SIZE)
    local errbuf_size = get_size_ptr()
    errbuf_size[0] = ERR_BUF_SIZE

    if direction == "stdin" then
        rc = C.ngx_http_lua_ffi_pipe_proc_shutdown_stdin(proc, errbuf,
                                                         errbuf_size)

    elseif direction == "stdout" then
        rc = C.ngx_http_lua_ffi_pipe_proc_shutdown_stdout(proc, errbuf,
                                                          errbuf_size)

    elseif direction == "stderr" then
        rc = C.ngx_http_lua_ffi_pipe_proc_shutdown_stderr(proc, errbuf,
                                                          errbuf_size)

    else
        error("bad shutdown arg: " .. direction, 2)
    end

    if rc == FFI_ERROR then
        return nil, ffi_str(errbuf, errbuf_size[0])
    end

    return true
end


local proc_wait
do
    local reason = ffi_new("char *[1]")
    local status = ffi_new("int[1]")

    function proc_wait(proc)
        check_proc_instance(proc)

        local r = get_request()
        if not r then
            error("no request found", 2)
        end

        local errbuf = get_string_buf(ERR_BUF_SIZE)
        local errbuf_size = get_size_ptr()
        errbuf_size[0] = ERR_BUF_SIZE
        local rc = C.ngx_http_lua_ffi_pipe_proc_wait(r, proc, reason, status,
                                                     errbuf, errbuf_size)
        if rc == FFI_NO_REQ_CTX then
            error("no request ctx found", 2)
        end

        if rc == FFI_BAD_CONTEXT then
            error(ffi_str(errbuf, errbuf_size[0]), 2)
        end

        if rc == FFI_ERROR then
            return nil, ffi_str(errbuf, errbuf_size[0])
        end

        if rc == FFI_OK then
            return true, ffi_str(reason[0]), tonumber(status[0])
        end

        if rc == FFI_DECLINED then
            return false, ffi_str(reason[0]), tonumber(status[0])
        end

        local ok, exit_reason, exit_status
        ok, exit_reason, exit_status = co_yield()
        return ok, exit_reason, exit_status
    end
end


local function proc_kill(proc, signal)
    check_proc_instance(proc)

    if type(signal) ~= "number" then
        error("bad signal arg: number expected, got " .. tostring(signal), 2)
    end

    local errbuf = get_string_buf(ERR_BUF_SIZE)
    local errbuf_size = get_size_ptr()
    errbuf_size[0] = ERR_BUF_SIZE

    local rc = C.ngx_http_lua_ffi_pipe_proc_kill(proc, signal, errbuf,
                                                 errbuf_size)
    if rc == FFI_ERROR then
        return nil, ffi_str(errbuf, errbuf_size[0])
    end

    return true
end


local mt = {
    __gc = C.ngx_http_lua_ffi_pipe_proc_destroy,

    __index = {
        pid = function (proc)
            return proc._pid
        end,

        set_timeouts = function (proc, write_timeout, stdout_read_timeout,
                                 stderr_read_timeout, wait_timeout)
            proc_set_timeouts(proc, write_timeout, stdout_read_timeout,
                              stderr_read_timeout, wait_timeout)
        end,

        stdout_read_all = function (proc)
            local data, err, partial = proc_read(proc, 0, PIPE_READ_ALL, 0)
            return data, err, partial
        end,

        stdout_read_bytes = function (proc, len)
            if len <= 0 then
                if len < 0 then
                    error("bad len argument", 2)
                end

                return ""
            end

            local data, err, partial = proc_read(proc, 0, PIPE_READ_BYTES, len)
            return data, err, partial
        end,

        stdout_read_line = function (proc)
            local data, err, partial = proc_read(proc, 0, PIPE_READ_LINE, 0)
            return data, err, partial
        end,

        stdout_read_any = function (proc, max)
            if type(max) ~= "number" then
                max = tonumber(max)
            end

            if not max or max <= 0 then
                error("bad max argument", 2)
            end

            local data, err, partial = proc_read(proc, 0, PIPE_READ_ANY, max)
            return data, err, partial
        end,

        stderr_read_all = function (proc)
            local data, err, partial = proc_read(proc, 1, PIPE_READ_ALL, 0)
            return data, err, partial
        end,

        stderr_read_bytes = function (proc, len)
            if len <= 0 then
                if len < 0 then
                    error("bad len argument", 2)
                end

                return ""
            end

            local data, err, partial = proc_read(proc, 1, PIPE_READ_BYTES, len)
            return data, err, partial
        end,

        stderr_read_line = function (proc)
            local data, err, partial = proc_read(proc, 1, PIPE_READ_LINE, 0)
            return data, err, partial
        end,

        stderr_read_any = function (proc, max)
            if type(max) ~= "number" then
                max = tonumber(max)
            end

            if not max or max <= 0 then
                error("bad max argument", 2)
            end

            local data, err, partial = proc_read(proc, 1, PIPE_READ_ANY, max)
            return data, err, partial
        end,

        write = proc_write,
        shutdown = proc_shutdown,
        wait = proc_wait,
        kill = proc_kill,
    }
}
local Proc = ffi.metatype("ngx_http_lua_ffi_pipe_proc_t", mt)


local pipe_spawn
do
    local sh_exe = "/bin/sh"
    local opt_c = "-c"
    local shell_args = ffi_new("const char* [?]", 4)
    shell_args[0] = sh_exe
    shell_args[1] = opt_c
    shell_args[3] = nil

    local write_timeout = 10000
    local stdout_read_timeout = 10000
    local stderr_read_timeout = 10000
    local wait_timeout = 10000

    -- reference shell cmd's constant strings here to prevent them from getting
    -- collected by the Lua GC.
    _M._gc_ref_c_opt = opt_c

    function pipe_spawn(args, opts)
        if ngx_phase() == "init" then
            error("API disabled in the current context", 2)
        end

        local exe
        local proc_args
        local proc_envs

        local args_type = type(args)
        if args_type == "table" then
            local nargs = 0

            for i, arg in ipairs(args)  do
                nargs = nargs + 1

                if type(arg) ~= "string" then
                    args[i] = tostring(arg)
                end
            end

            if nargs == 0 then
                error("bad args arg: non-empty table expected", 2)
            end

            exe = args[1]
            proc_args = ffi_new("const char* [?]", nargs + 1, args)
            proc_args[nargs] = nil

        elseif args_type == "string" then
            exe = sh_exe
            shell_args[2] = args
            proc_args = shell_args

        else
            error("bad args arg: table expected, got " .. args_type, 2)
        end

        local merge_stderr = 0
        local buffer_size = 4096
        local proc = Proc()

        if opts then
            merge_stderr = opts.merge_stderr and 1 or 0

            if opts.buffer_size then
                buffer_size = tonumber(opts.buffer_size)

                if not buffer_size or buffer_size < 1 then
                    error("bad buffer_size option", 2)
                end
            end

            if opts.environ then
                local environ = opts.environ
                local environ_type = type(environ)
                if environ_type ~= "table" then
                    error("bad environ option: table expected, got " ..
                          environ_type, 2)
                end

                local nenv = 0

                for i, env in ipairs(environ) do
                    nenv = nenv + 1

                    local env_type = type(env)
                    if env_type ~= "string" then
                        error("bad value at index " .. i .. " of environ " ..
                              "option: string expected, got " .. env_type, 2)
                    end

                    if not str_find(env, "=", 2, true) then
                        error("bad value at index " .. i .. " of environ " ..
                              "option: 'name=[value]' format expected, got '" ..
                              env .. "'", 2)
                    end
                end

                if nenv > 0 then
                    proc_envs = ffi_new("const char* [?]", nenv + 1, environ)
                    proc_envs[nenv] = nil
                end
            end

            proc_set_timeouts(proc,
                              opts.write_timeout or write_timeout,
                              opts.stdout_read_timeout or stdout_read_timeout,
                              opts.stderr_read_timeout or stderr_read_timeout,
                              opts.wait_timeout or wait_timeout)

        else
            proc_set_timeouts(proc,
                              write_timeout,
                              stdout_read_timeout,
                              stderr_read_timeout,
                              wait_timeout)
        end

        local errbuf = get_string_buf(ERR_BUF_SIZE)
        local errbuf_size = get_size_ptr()
        local r = get_request()
        errbuf_size[0] = ERR_BUF_SIZE
        local rc = C.ngx_http_lua_ffi_pipe_spawn(r, proc, exe, proc_args,
                                                 merge_stderr, buffer_size,
                                                 proc_envs, errbuf, errbuf_size)
        if rc == FFI_ERROR then
            return nil, ffi_str(errbuf, errbuf_size[0])
        end

        return proc
    end
end  -- do


_M.spawn = pipe_spawn


return _M

Zerion Mini Shell 1.0