lua: minimal support for Unix socket incoming connections

[vuori]

This adds minimal support to the Lua plugin for cases where the incoming connection is through a Unix socket. Crashing issues are unlikely, but there are two type confusions where an AF_UNIX sockaddr will get treated as AF_INET6. (Technically if the source socket is unnamed, the result getpeername() could be no larger than sizeof(sa_family_t) as unix(7) states. The reality will likely be highly platform-dependent.)

Basically same deal as #12504

[shukitchan]

I will take a look at it this week

[Copilot]

Pull Request Overview

This PR adds minimal support for Unix socket connections in the Lua plugin to prevent crashes when handling AF_UNIX socket addresses. The changes address type confusion issues where AF_UNIX sockaddr structures were being incorrectly treated as AF_INET6 addresses.

Key changes:

• Adds AF_UNIX constant definition for Lua scripts
• Implements proper handling of Unix socket addresses in client and server request functions
• Initializes port variables to prevent undefined behavior when dealing with Unix sockets

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File	Description
plugins/lua/ts_lua_server_request.cc	Adds TS_LUA_AF_UNIX global constant definition
plugins/lua/ts_lua_http.cc	Adds AF_UNIX case handling in client address retrieval
plugins/lua/ts_lua_client_request.cc	Adds AF_UNIX handling and fixes port initialization for Unix sockets
doc/admin-guide/plugins/lua.en.rst	Documents the new TS_LUA_AF_UNIX constant

Comments suppressed due to low confidence (1)

plugins/lua/ts_lua_client_request.cc:807

• This else clause will incorrectly treat AF_UNIX addresses as AF_INET6, potentially causing undefined behavior when casting sockaddr_un to sockaddr_in6. Add an explicit AF_INET6 check and handle AF_UNIX case separately.

    if (client_ip->sa_family == AF_INET) {
      port = ((struct sockaddr_in *)client_ip)->sin_port;
    } else {
      port = ((struct sockaddr_in6 *)client_ip)->sin6_port;
    }

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[shukitchan]

I also think that we need to make changes in ts_lua_vconn.cc
ts_lua_vconn_get_remote_addr() is also not taking care of the situation correctly.

Thanks.

[shukitchan]

I think these variables are really used when we are making changes to the outgoing address. So there is no need to support AF_UNIX here

[shukitchan]

I think these variables are really used when we are making changes to the outgoing address. So there is no need to support AF_UNIX here

[vuori]

ts_lua_vconn_get_remote_addr support was added.

(TS_LUA_)AF_UNIX is now returned as the third value from ts_lua_client_request_client_addr_get_addr ts_lua_vconn_get_remote_addr so the new constant is needed for comparisons in Lua code.

[shukitchan]

Thanks.
I am still not seeing your changes on ts_lua_vconn_get_remote_addr
Perhaps there is some error with the branch?

[vuori]

Sorry, git error.

[shukitchan]

On second thought, perhaps we should just take care of the rest consistently.

may be we should fix up ts_lua_server_request.cc as well.

• There are places where we are retrieving the ip address or port of the next destination. Even though they are not going to be AF_UNIX, for completeness sake, we should just take care of handling only for AF_INET/AF_INET6 and use the default for anything else.
• There are also places where we can set address in this file. It makes no sense for anything other than INET/INET6. So we can just error out gracefully in those places as well if invalid values are passed.

Thanks so much for your patience and help.

[shukitchan]

Please also consider my latest notes and perhaps to make further changes to ts_lua_server_request.cc

Thanks.

[vuori]

I'll try to look at this during the next week.

[shukitchan]

@vuori are you still working on this? Thanks.

[vuori]

Hopefully yes sometime soonish, but the last weeks have been non-stop firefighting on other fronts and there are still a few blazes to put out this week.