Mercurial Hosting > luan
annotate src/luan/host/WebHandler.java @ 1187:83c8a5a47f70
fixes for luanhost
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Thu, 22 Feb 2018 18:38:45 -0700 |
parents | 94cf2576a922 |
children | d3a3ca116e42 |
rev | line source |
---|---|
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
1 package luan.host; |
1135 | 2 |
3 import java.io.File; | |
4 import java.io.IOException; | |
5 import java.util.Map; | |
6 import java.util.HashMap; | |
7 import org.slf4j.Logger; | |
8 import org.slf4j.LoggerFactory; | |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
9 import luan.webserver.Handler; |
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
10 import luan.webserver.Server; |
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
11 import luan.webserver.Request; |
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
12 import luan.webserver.Response; |
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
13 import luan.webserver.handlers.IndexHandler; |
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
14 import luan.webserver.handlers.ListHandler; |
1135 | 15 import luan.Luan; |
16 import luan.LuanState; | |
17 import luan.LuanException; | |
18 import luan.LuanTable; | |
19 import luan.LuanFunction; | |
20 import luan.modules.IoLuan; | |
21 import luan.modules.JavaLuan; | |
22 import luan.modules.PackageLuan; | |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
23 import luan.modules.http.LuanHandler; |
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
24 import luan.modules.http.NotFound; |
1135 | 25 |
26 | |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
27 public class WebHandler implements Handler { |
1135 | 28 private static final Logger logger = LoggerFactory.getLogger(WebHandler.class); |
29 | |
30 private static class Site { | |
31 final Handler handler; | |
32 final LuanHandler luanHandler; | |
33 | |
34 Site(Handler handler,LuanHandler luanHandler) { | |
35 this.handler = handler; | |
36 this.luanHandler = luanHandler; | |
37 } | |
38 } | |
39 | |
40 public static String allowJavaFileName = "allow_java"; // change for security | |
41 private static final Map<String,Site> siteMap = new HashMap<String,Site>(); | |
42 private static String sitesDir = null; | |
43 | |
44 public static boolean isServing() { | |
45 return sitesDir != null; | |
46 } | |
47 | |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
48 public WebHandler(String dir) { |
1135 | 49 if( sitesDir != null ) |
50 throw new RuntimeException("already set"); | |
51 if( !new File(dir).exists() ) | |
52 throw new RuntimeException(); | |
53 this.sitesDir = dir; | |
54 } | |
55 | |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
56 public Response handle(Request request) { |
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
57 String host = (String)request.headers.get("host"); |
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
58 int i = host.indexOf(':'); |
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
59 String domain = i == -1 ? host : host.substring(0,i); |
1135 | 60 // System.out.println("handle "+domain); |
61 Site site = getSite(domain); | |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
62 return site==null ? null : site.handler.handle(request); |
1135 | 63 } |
64 | |
65 public static Object runLuan(String domain,String sourceText,String sourceName) throws LuanException { | |
66 return getSite(domain).luanHandler.runLuan(sourceText,sourceName); | |
67 } | |
68 | |
69 public static Object callSite(String domain,String fnName,Object... args) throws LuanException { | |
70 return getSite(domain).luanHandler.call_rpc(fnName,args); | |
71 } | |
72 | |
73 private static Site getSite(String domain) { | |
74 synchronized(siteMap) { | |
75 Site site = siteMap.get(domain); | |
76 if( site == null ) { | |
77 if( sitesDir==null ) | |
78 throw new NullPointerException("sitesDir"); | |
79 File dir = new File(sitesDir,domain); | |
80 if( !dir.exists() /* && !recover(dir) */ ) | |
81 return null; | |
82 site = newSite(dir.toString(),domain); | |
83 siteMap.put(domain,site); | |
84 } | |
85 return site; | |
86 } | |
87 } | |
88 /* | |
89 private static boolean recover(File dir) { | |
90 File backups = new File(dir.getParentFile().getParentFile(),"backups"); | |
91 if( !backups.exists() ) | |
92 return false; | |
93 String name = dir.getName(); | |
94 File from = null; | |
95 for( File backup : backups.listFiles() ) { | |
96 File d = new File(backup,"current/"+name); | |
97 if( d.exists() && (from==null || from.lastModified() < d.lastModified()) ) | |
98 from = d; | |
99 } | |
100 if( from == null ) | |
101 return false; | |
102 if( !from.renameTo(dir) ) | |
103 throw new RuntimeException("couldn't rename "+from+" to "+dir); | |
104 logger.info("recovered "+name+" from "+from); | |
105 return true; | |
106 } | |
107 */ | |
108 static LuanTable initLuan(LuanState luan,String dir,String domain) { | |
109 LuanTable init; | |
110 try { | |
111 init = (LuanTable)luan.eval( | |
112 "local Luan = require 'luan:Luan.luan'\n" | |
113 +"local f = Luan.load_file 'classpath:luan/host/Init.luan'\n" | |
114 +"return f('"+dir+"','"+domain+"')\n" | |
115 ); | |
116 } catch(LuanException e) { | |
117 throw new RuntimeException(e); | |
118 } | |
119 File allowJavaFile = new File(dir,"site/private/"+allowJavaFileName); | |
120 if( !allowJavaFile.exists() ) { | |
121 JavaLuan.setSecurity( luan, javaSecurity ); | |
122 IoLuan.setSecurity( luan, ioSecurity(dir) ); | |
123 } | |
124 return init; | |
125 } | |
126 | |
127 private static Site newSite(String dir,String domain) { | |
128 LuanState luan = new LuanState(); | |
129 LuanTable init = initLuan(luan,dir,domain); | |
130 | |
131 String loggerRoot = (String)init.rawGet("logger_root"); | |
132 LuanHandler luanHandler = new LuanHandler(luan,loggerRoot); | |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
133 NotFound notFoundHandler = new NotFound(luanHandler); |
1135 | 134 |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
135 Handler handler = luanHandler; |
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
136 handler = new IndexHandler(handler); |
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
137 handler = new ListHandler( handler, notFoundHandler ); |
1135 | 138 |
139 String logDir = dir+"/site/private/local/logs/web"; | |
140 new File(logDir).mkdirs(); | |
141 | |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
142 return new Site(handler,luanHandler); |
1135 | 143 } |
144 | |
145 public static void removeHandler(String domain) throws Exception { | |
146 synchronized(siteMap) { | |
147 Site site = siteMap.remove(domain); | |
148 if( site != null ) { | |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
149 site.luanHandler.close(); |
1135 | 150 } |
151 } | |
152 } | |
153 | |
154 public static void loadHandler(String domain) { | |
155 getSite(domain); | |
156 } | |
157 | |
158 private static final IoLuan.Security ioSecurity(String dir) { | |
1174
bdf27aa2a65c
fix luanhost security bug
Franklin Schmidt <fschmidt@gmail.com>
parents:
1136
diff
changeset
|
159 final String siteUri = "file:" + dir + "/site"; |
1135 | 160 return new IoLuan.Security() { |
161 public void check(LuanState luan,String name) throws LuanException { | |
162 if( name.startsWith("file:") ) { | |
163 if( name.contains("..") ) | |
164 throw new LuanException("Security violation - '"+name+"' contains '..'"); | |
1174
bdf27aa2a65c
fix luanhost security bug
Franklin Schmidt <fschmidt@gmail.com>
parents:
1136
diff
changeset
|
165 if( !(name.equals(siteUri) || name.startsWith(siteUri+"/")) ) |
1135 | 166 throw new LuanException("Security violation - '"+name+"' outside of site dir"); |
167 } | |
168 else if( name.startsWith("classpath:luan/host/") ) { | |
169 throw new LuanException("Security violation"); | |
170 } | |
171 else if( name.startsWith("os:") || name.startsWith("bash:") ) { | |
172 throw new LuanException("Security violation"); | |
173 } | |
174 } | |
175 }; | |
176 } | |
177 | |
178 private static final JavaLuan.Security javaSecurity = new JavaLuan.Security() { | |
179 public void check(LuanState luan,String name) throws LuanException { | |
180 if( !name.startsWith("luan:") ) | |
181 throw new LuanException("Security violation - only luan:* modules can load Java"); | |
182 if( name.equals("luan:logging/Logging") ) | |
183 throw new LuanException("Security violation - cannot reload Logging"); | |
184 } | |
185 }; | |
186 } |