diff --git a/luprex/core/Makefile b/luprex/core/Makefile index 1d8ea952..e2c8d3bf 100644 --- a/luprex/core/Makefile +++ b/luprex/core/Makefile @@ -4,7 +4,7 @@ ifeq ($(OS),mingw) LIBS=-L../mingwlib -lssl -lcrypto -lws2_32 -lcrypt32 -lcryptui INCS=-I../mingwlib LUAFLAGS=-DLUA_COMPAT_ALL - OPT=-g -O1 + OPT=-g -O0 DRIVER=driver-mingw else ifeq ($(OS),linux) EXE=main diff --git a/luprex/core/cpp/driver-mingw.cpp b/luprex/core/cpp/driver-mingw.cpp index 6a217ab7..4526beed 100644 --- a/luprex/core/cpp/driver-mingw.cpp +++ b/luprex/core/cpp/driver-mingw.cpp @@ -28,20 +28,14 @@ #include #include -#define CHBUF_SIZE (256*1024) -#define POLLVEC_SIZE (DrivenEngine::MAX_CHAN+1) - -static std::unique_ptr chbuf; -static std::unique_ptr pollvec; - static void set_nonblocking(SOCKET sock) { u_long mode = 1; // 1 to enable non-blocking socket int status = ioctlsocket(sock, FIONBIO, &mode); assert(status == 0); } -static std::string winsock_error_string(int errcode) { - drv::ostringstream oss; +static std::string strerror_str(int errcode) { + std::ostringstream oss; oss << "error " << errcode; return oss.str(); } @@ -51,7 +45,7 @@ static PADDRINFOA find_good_addr(PADDRINFOA addrinfo) { if (addr->ai_family == AF_INET) { return addr; } - }std::string + } return nullptr; } @@ -190,9 +184,13 @@ static int socket_close(SOCKET socket) { } static int socket_poll(struct pollfd *pollvec, int pollcount, int mstimeout, std::string &err) { + if (pollcount == 0) { + if (mstimeout > 0) Sleep(mstimeout); + return 0; + } int status = WSAPoll(pollvec, pollcount, mstimeout); if (status < 0) { - err = winsock_error_string(WSAGetLastError()); + err = strerror_str(WSAGetLastError()); return -1; } return status; 
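Review bot: In `socket_poll`, the new `pollcount == 0` branch returns at once when `mstimeout` is negative, whereas `WSAPoll` treats a negative timeout as an indefinite wait. A caller that passes -1 with an empty set would therefore spin instead of blocking. No caller is visible in the hunk, so if that combination cannot occur the branch should say so, e.g. `// empty set: emulate the timeout with Sleep; callers never pass a negative timeout here`.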
@@ -241,7 +239,47 @@ static int console_read(char *bytes, int nbytes) { } } -void driver_sysinit(int argc, char *argv[]) { +static void load_root_certs(SSL_CTX *ctx) { + HCERTSTORE hStore = CertOpenSystemStoreW(0, L"ROOT"); + PCCERT_CONTEXT pContext = NULL; + X509 *x509; + X509_STORE *store = SSL_CTX_get_cert_store(ctx); + + if (!hStore) { + fprintf(stderr, "Cannot open system certificate store.\n"); + exit(1); + } + + while ((pContext = CertEnumCertificatesInStore(hStore, pContext))) { + const unsigned char *encoded_cert = pContext->pbCertEncoded; + x509 = d2i_X509(NULL, &encoded_cert, pContext->cbCertEncoded); + if (x509) { + X509_STORE_add_cert(store, x509); + X509_free(x509); + } + } + + CertCloseStore(hStore, 0); +} + +static void ssl_ctx_use_dummycert(SSL_CTX *ctx); + +static SSL_CTX *new_ssl_server_context() { + SSL_CTX *ctx = SSL_CTX_new(TLS_method()); + SSL_CTX_set_mode(ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); + SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE); + SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, nullptr); + ssl_ctx_use_dummycert(ctx); + return ctx; +} + +static SSL_CTX *new_ssl_client_context(int verify) { + SSL_CTX *ctx = SSL_CTX_new(TLS_method()); + SSL_CTX_set_mode(ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); + SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE); + if (verify == SSL_VERIFY_PEER) load_root_certs(ctx); + SSL_CTX_set_verify(ctx, verify, nullptr); + return ctx; } class MonoClock { diff --git a/luprex/core/cpp/eng-malloc.hpp b/luprex/core/cpp/eng-malloc.hpp index 929e1981..30afaf53 100644 --- a/luprex/core/cpp/eng-malloc.hpp +++ b/luprex/core/cpp/eng-malloc.hpp @@ -56,7 +56,7 @@ void* realloc(void*, size_t); int memhash(); #else inline void *malloc(size_t x) { return ::malloc(x); } -inline void free(void *p) { return ::free(x); } +inline void free(void *p) { return ::free(p); } inline void *realloc(void *p, size_t x) { return ::realloc(p, x); } inline int memhash() { return 0; } #endif 
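Review bot: `new_ssl_client_context` enables `SSL_VERIFY_PEER`, but nothing in this hunk binds the expected hostname, and OpenSSL's chain check alone accepts any certificate that chains to a trusted root, whatever name it was issued for. Unless connection setup outside the hunk already does it, each client `SSL` object needs `SSL_set1_host(ssl, hostname)` before the handshake, plus `SSL_set_tlsext_host_name` for SNI. Both `new_ssl_server_context` and `new_ssl_client_context` also use the result of `SSL_CTX_new` unchecked, so a guard such as `if (!ctx) return nullptr;` before the first `SSL_CTX_set_mode` would avoid a null dereference. `load_root_certs` copies every certificate in the Windows ROOT store into the OpenSSL store, so any per-certificate usage restrictions Windows keeps as store properties are presumably not carried over; a comment on the function should note that.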
diff --git a/luprex/core/cpp/eng-tests.cpp b/luprex/core/cpp/eng-tests.cpp index 62a38b94..f21186a7 100644 --- a/luprex/core/cpp/eng-tests.cpp +++ b/luprex/core/cpp/eng-tests.cpp @@ -35,8 +35,8 @@ class DriverWebServerTest : public DrivenEngine { public: eng::vector channels_; virtual void event_init(int argc, char *argv[]) { - SharedChannel ch = new_outgoing_channel("stanford.edu:80"); - ch->out()->write_bytes("GET http://stanford.edu/index.html HTTP/1.1\n\n"); + SharedChannel ch = new_outgoing_channel("cert:stanford.edu:443"); + ch->out()->write_bytes("GET https://stanford.edu/xbanankjdsh.html HTTP/1.1\n\n"); channels_.emplace_back(std::move(ch)); } diff --git a/luprex/core/cpp/lpxclient.cpp b/luprex/core/cpp/lpxclient.cpp index 9b0deb32..3626e3ce 100644 --- a/luprex/core/cpp/lpxclient.cpp +++ b/luprex/core/cpp/lpxclient.cpp @@ -74,7 +74,7 @@ public: set_initial_state(); // Establish a connection to the server. - channel_ = new_outgoing_channel("cert:localhost:8085"); + channel_ = new_outgoing_channel("nocert:localhost:8085"); // Set the console prompt get_stdio_channel()->set_prompt(console_.get_prompt()); diff --git a/luprex/core/cpp/printbuffer.cpp b/luprex/core/cpp/printbuffer.cpp index 79422361..ef823390 100644 --- a/luprex/core/cpp/printbuffer.cpp +++ b/luprex/core/cpp/printbuffer.cpp @@ -4,6 +4,7 @@ #include #include +#include struct PrintBufferCore : public eng::opnew { // The most recent lines printed. @@ -190,7 +191,7 @@ bool PrintChanneler::channel(const PrintBuffer *printbuffer, std::ostream &ostre Invocation PrintChanneler::invocation(int64_t actor_id) { char buf[80]; - sprintf(buf, "%ld", line_); + sprintf(buf, PRId64, line_); return Invocation(Invocation::KIND_FLUSH_PRINTS, actor_id, actor_id, buf, InvocationData()); } diff --git a/luprex/core/cpp/source.cpp b/luprex/core/cpp/source.cpp index 090e1abf..169f4acb 100644 --- a/luprex/core/cpp/source.cpp +++ b/luprex/core/cpp/source.cpp 
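Review bot: Switching the client to `nocert:localhost:8085` presumably selects `SSL_VERIFY_NONE`, so the connection is encrypted but the server is never authenticated, and the call site gives no reason. A comment above the call would stop this setting being copied to a non-loopback endpoint, e.g. `// nocert: the local server presents the built-in dummy certificate; use cert: for any non-loopback host`. The enclosing method starts and ends outside the hunk.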
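Review bot: `sprintf(buf, PRId64, line_);` in `PrintChanneler::invocation` passes the bare macro as the format string. `PRId64` expands only to the conversion letters (for example `lld`) without the leading `%`, so `buf` receives those literal characters and `line_` is never formatted. The call should read `snprintf(buf, sizeof buf, "%" PRId64, line_);`, which also bounds the write. This assumes `line_` is an `int64_t`, which the hunk does not show.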
@@ -1,4 +1,7 @@ +#define _USE_MATH_DEFINES +#include + #include "wrap-string.hpp" #include "wrap-vector.hpp" #include "wrap-map.hpp" @@ -15,7 +18,6 @@ #include #include #include -#include LuaDefine(makeclass, "classname", "create a class if it doesn't already exist") { LuaArg classname; @@ -478,7 +480,9 @@ void SourceDB::register_lua_builtins() { } if (reg->get_func() == nullptr) { if (builtin == nullptr) { - std::cerr << "No such builtin function: " << classname << " " << funcname << std::endl; + if ((!reg->get_sandbox()) || (reg->get_args() != nullptr)) { + std::cerr << "No such builtin function: " << classname << " " << funcname << std::endl; + } } else { reg->set_func(builtin); } @@ -680,6 +684,7 @@ LuaDefineBuiltin(table_remove, "vector, pos", "remove an element from a vector") LuaDefineBuiltin(table_sort, "vector [,comparefn]", "sort a vector"); LuaDefineBuiltin(table_pack, "v1, v2, v3...", "turn a sequence of arguments into a vector"); LuaDefineBuiltin(table_unpack, "vector", "turn a vector into a sequence of return values"); +LuaSandboxBuiltin(table_maxn, "", ""); LuaDefineBuiltin(string_byte, "str [,index]", "get a single byte from a string"); LuaDefineBuiltin(string_char, "byte, byte,...", "convert sequence of bytes to a string"); @@ -736,6 +741,7 @@ LuaDefineBuiltin(math_sinh, "x", "return the hyperbolic sine of x in radians"); LuaDefineBuiltin(math_sqrt, "x", "return the square root of x"); LuaDefineBuiltin(math_tan, "x", "return the tangent of x in radians"); LuaDefineBuiltin(math_tanh, "x", "return the hyperbolic tangent of x in radians"); +LuaSandboxBuiltin(math_log10, "", ""); LuaDefineBuiltin(assert, "flag [,message]", "assert that flag is true, if not, raise error"); LuaDefineBuiltin(error, "message", "raise an error"); 
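Review bot: The new guard in `SourceDB::register_lua_builtins` drops the "No such builtin function" message for sandbox registrations whose `get_args()` is null. A misspelled name in a `LuaSandboxBuiltin(...)` line would then pass silently, and the function it was meant to cover would presumably stay outside the sandbox list. The entries this commit adds (`table_maxn`, `math_log10`, and in later hunks `module`, `loadstring`, `unpack`, `package_seeall`) look like Lua 5.1 compatibility names present only in some builds, which would explain the guard. A comment should record that, e.g. `// sandbox entries may name compat functions absent from this Lua build; not an error`, and keeping the message behind a verbose flag rather than removing it would preserve the typo check. The function body starts and ends outside the hunk.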
@@ -762,6 +768,10 @@ LuaSandboxBuiltin(xpcall, "", ""); LuaSandboxBuiltin(loadfile, "", ""); LuaSandboxBuiltin(load, "", ""); LuaSandboxBuiltin(require, "", ""); +LuaSandboxBuiltin(module, "", ""); +LuaSandboxBuiltin(loadstring, "", ""); +LuaSandboxBuiltin(unpack, "", ""); + LuaSandboxBuiltin(debug_debug, "", ""); LuaSandboxBuiltin(debug_getuservalue, "", ""); @@ -786,6 +796,7 @@ LuaSandboxBuiltin(eris_settings, "", ""); LuaSandboxBuiltin(package_loadlib, "", ""); LuaSandboxBuiltin(package_searchpath, "", ""); +LuaSandboxBuiltin(package_seeall, "", ""); LuaSandboxBuiltin(coroutine_create, "", ""); LuaSandboxBuiltin(coroutine_resume, "", "");