New --socket option. -- WORK IN PROGRESS --

e7df9234 · Luigi Scarso · b266ef07 · e7df9234 · e7df9234 · e7df9234
Commit e7df9234 authored 1 year ago by Luigi Scarso
--- a/manual/luatex-lua.tex
+++ b/manual/luatex-lua.tex
@@ -88,6 +88,7 @@ consequence. The following command|-|line options are understood:
 \NC \type{--[no-]mktex=FMT}             \NC disable/enable \type {mktexFMT} generation with \type {FMT} is
                                            \type {tex} or \type {tfm} \NC \NR
 \NC \type{--nosocket}                   \NC disable the \LUA\ socket library \NC\NR
+\NC \type{--socket}                     \NC enable the \LUA\ socket library \NC\NR
 \NC \type{--output-comment=STRING}      \NC use \type {STRING} for \DVI\ file comment instead of date (no
                                            effect for \PDF) \NC \NR
 \NC \type{--output-directory=DIR}       \NC use \type {DIR} as the directory to write files to \NC \NR
@@ -147,7 +148,7 @@ in the following order:
 \startitem
    First, it will parse the command line as usual, but it will only interpret a
    small subset of the options immediately: \type {--safer}, \type {--nosocket},
-    \type {--[no-]shell-escape}, \type {--enable-write18}, \type
+    \type {--socket}, \type {--[no-]shell-escape}, \type {--enable-write18}, \type
    {--disable-write18}, \type {--shell-restricted}, \type {--help}, \type
    {--version}, and \type {--credits}.
 \stopitem
@@ -182,6 +183,8 @@ in the following order:

    Furthermore, it disables loading of compiled \LUA\ libraries and it makes
    \type {io.open()} fail on files that are opened for anything besides reading.
+
+    Finally, it disables the socket library unconditionally.
 \stopitem

 \startitem
@@ -195,14 +198,20 @@ in the following order:
    \stoptyping

    The \type {--nosocket} option makes the socket library unavailable, so that \LUA\
-    cannot use networking. 
+    cannot use networking;  
+    \type {--socket} option makes the socket library available.

    The switches \type {--[no-]shell-escape}, \type {--[enable|disable]-write18}, and
    \type {--shell-restricted} have the same effects as in \PDFTEX, and additionally
    make \type {io.popen()}, \type {os.execute}, \type {os.exec}, \type {os.kpsepopen}
-    and \type {os.spawn} adhere to the requested option. Also, by default
-    the socket library is not enabled: one can enable it with  \type {--shell-escape}
-    without  \type {--shell-restricted}.
+    and \type {os.spawn} adhere to the requested option.
+
+    By default
+    the socket library is not enabled: one can enable it with with \type {--socket}
+     or with \type {--shell-escape}  (but without  \type {--shell-restricted})
+    and disable it with \type {--nosocket} or unconditionally with \type {--safer}.
+
+    In case of conflictual options, the most restrictive wins.
 \stopitem

 \startitem

--- a/manual/luatex.pdf
+++ b/manual/luatex.pdf
--- a/source/texk/web2c/luatexdir/ChangeLog
+++ b/source/texk/web2c/luatexdir/ChangeLog
+2023-04-27  Luigi Scarso <luigi.scarso@gmail.com> 
+    * new option --socket to split socket and shell escape;
+    * Fixed ChangeLog
+
 2023-04-25  Luigi Scarso <luigi.scarso@gmail.com> 
    * socket library by default not enabled; 
       it is enabled with --shell-escape but not with --shell-restricted.
       The option ---nosocket remains unchanged.
       The two new functions os.socketgettime and os.socketsleep are 
       like socket.gettime and socket.sleep, but they are always available.
-    * Luatex 1.17.2
+    * Luatex 1.17.0

 2023-04-24  Luigi Scarso <luigi.scarso@gmail.com> 
    * static kpse.check_permissions in os.kpsepopen

--- a/source/texk/web2c/luatexdir/lua/luainit.c
+++ b/source/texk/web2c/luatexdir/lua/luainit.c
@@ -85,6 +85,7 @@ const_string LUATEX_IHELP[] = {
    "   --lua=FILE                    load and execute a lua initialization script",
    "   --[no-]mktex=FMT              disable/enable mktexFMT generation (FMT=tex/tfm)",
    "   --nosocket                    disable the lua socket library",
+    "   --socket                      enable the lua socket library",
    "   --output-comment=STRING       use STRING for DVI file comment instead of date (no effect for PDF)",
    "   --output-directory=DIR        use existing DIR as the directory to write files in",
    "   --output-format=FORMAT        use FORMAT for job output; FORMAT is 'dvi' or 'pdf'",
@@ -213,8 +214,29 @@ char *jithash_hashname = NULL;

 int safer_option = 0;
 int nosocket_option = 1; 
+int nosocket_cli_option = 0; 
+int yessocket_cli_option = 0; 
+int socket_bitmask = 0; 
 int utc_option = 0;

+/*tex We use a bitmask for the socket library: |0000| and |1xxx| implies |--nosocket|,
+  otherwise the socket library is enabled. Default value is |0000|, i.e. |--nosocket|.
+*/
+#define UPDATE_SOCKET_STATUS() do {                                                              \
+ socket_bitmask = 0;                                                                             \   
+ socket_bitmask = safer_option==1?                             (8+socket_bitmask):socket_bitmask;\
+ socket_bitmask = nosocket_cli_option==1?                      (4+socket_bitmask):socket_bitmask;\
+ socket_bitmask = (shellenabledp == 1 && restrictedshell == 0)?(2+socket_bitmask):socket_bitmask;\
+ socket_bitmask = yessocket_cli_option==1?                     (1+socket_bitmask):socket_bitmask;\
+ if( socket_bitmask==0) {                                                                        \
+   nosocket_option = 1;                                                                          \
+ } else if ( socket_bitmask<4) {                                                                 \
+   nosocket_option = 0;                                                                          \
+ } else {                                                                                        \
+   nosocket_option = 1;                                                                          \
+ }                                                                                               \   
+} while (0)
+
 /*tex

 Test whether getopt found an option ``A''. Assumes the option index is in the
@@ -242,7 +264,8 @@ static struct option long_options[] = {
 #endif
    {"safer", 0, &safer_option, 1},
    {"utc", 0, &utc_option, 1},
-    {"nosocket", 0, &nosocket_option, 1},
+    {"nosocket", 0, &nosocket_cli_option, 1},
+    {"socket", 0, &yessocket_cli_option, 1},
    {"help", 0, 0, 0},
    {"ini", 0, &ini_version, 1},
    {"interaction", 1, 0, 0},
@@ -524,21 +547,11 @@ static void parse_options(int ac, char **av)
                input_name = xstrdup(sargv[sargc-1]);
            sargv[sargc-1] = normalize_quotes(input_name, "argument");
        }
-        /* --safer implies --nosocket */
-        if (safer_option) {
-	    nosocket_option = 1;
-	} else if (shellenabledp == 1 && restrictedshell == 0) {
-            nosocket_option = 0;
-	}
+	UPDATE_SOCKET_STATUS();
        return;
 #endif
    }
-    /*tex |--safer| implies |--nosocket| */
-    if (safer_option) {
-       nosocket_option = 1;
-    } else if (shellenabledp==1 && restrictedshell==0) {
-       nosocket_option = 0;
-    }
+    UPDATE_SOCKET_STATUS();
    /*tex Finalize the input filename. */
    if (input_name != NULL) {
        argv[optind] = normalize_quotes(input_name, "argument");
@@ -1157,6 +1170,7 @@ void lua_initialize(int ac, char **av)
            }
            free(v1);
        }
+	UPDATE_SOCKET_STATUS();
        /*tex If shell escapes are restricted, get allowed cmds from cnf.  */
        if (shellenabledp && restrictedshell == 1) {
            v1 = NULL;

--- a/source/texk/web2c/luatexdir/luatex_svnversion.h
+++ b/source/texk/web2c/luatexdir/luatex_svnversion.h
 #ifndef luatex_svn_revision_h
 #define luatex_svn_revision_h
-#define luatex_svn_revision 7577
+#define luatex_svn_revision 7578
 #endif