Mercurial > prosody-modules

view misc/systemd/socket-activation.lua @ 3503:882180b459a0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_pubsub_post: Restructure authentication and authorization (BC) This deprecates the default "superuser" actor model and makes the default equivalent to the previous "request.id". A single actor and secret per node is supported because HTTP and WebHooks don't normally include any authorization identity. Allowing authentication bypass when no secret is given should be relatively safe when the actor is unprivileged, as will be unless explicitly configured otherwise.
author Kim Alvefur <zash@zash.se>
date Sat, 30 Mar 2019 21:16:13 +0100
parents 3296a09b4e57
children
line wrap: on
line source

-- Monkeypatch to support socket activation
--
-- Requires LuaSocket after "agnostic" changes merged
--
-- To enable:
-- RunScript "socket-activation.lua"

local socket = require"socket";
local tcp_serv_mt = debug.getregistry()["tcp{server}"];
local socket_bind = socket.bind;

local SD_LISTEN_FDS_START = 3;

local fds = tonumber(os.getenv"LISTEN_FDS") or 0;

if fds < SD_LISTEN_FDS_START then return; end

local servs = {};

for i = 1, fds do
	local serv = socket.tcp();
	if serv:getfd() >= 0 then
		return; -- This won't work, we will leak the old FD
	end
	debug.setmetatable(serv, tcp_serv_mt);
	serv:setfd(SD_LISTEN_FDS_START + i - 1);
	local ip, port = serv:getsockname();
	servs [ ip .. ":" .. port ] = serv;
end

function socket.bind( ip, port, backlog )
	local sock = servs [ ip .. ":" .. port ];
	if sock then
		servs [ ip .. ":" .. port ] = nil;
		return sock;
	end
	if next(servs) == nil then
		-- my work here is done
		socket.bind = socket_bind;
	end
	return socket_bind( ip, port, backlog );
end