1 (* HCoop
Domtool (http
://hcoop
.sourceforge
.net
/)
2 * Copyright (c
) 2006-2007, Adam Chlipala
4 * This program is free software
; you can redistribute it
and/or
5 * modify it under the terms
of the GNU General Public License
6 * as published by the Free Software Foundation
; either version
2
7 * of the License
, or (at your option
) any later version
.
9 * This program is distributed
in the hope that it will be useful
,
10 * but WITHOUT ANY WARRANTY
; without even the implied warranty
of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE
. See the
12 * GNU General Public License for more details
.
14 * You should have received a copy
of the GNU General Public License
15 * along
with this program
; if not
, write to the Free Software
16 * Foundation
, Inc
., 51 Franklin Street
, Fifth Floor
, Boston
, MA
02110-1301, USA
.
21 structure Main
:> MAIN
= struct
23 open Ast MsgTypes Print
25 structure SM
= StringMap
27 fun init () = Acl
.read Config
.aclFile
31 val prog
= Parse
.parse fname
33 if !ErrorMsg
.anyErrors
then
36 Tycheck
.checkFile
G (Defaults
.tInit ()) prog
41 val dir
= Posix
.FileSys
.opendir Config
.libRoot
44 case Posix
.FileSys
.readdir dir
of
45 NONE
=> (Posix
.FileSys
.closedir dir
;
48 if String.isSuffix
".dtl" fname
then
49 loop (OS
.Path
.joinDirFile
{dir
= Config
.libRoot
,
56 val (_
, files
) = Order
.order NONE files
58 if !ErrorMsg
.anyErrors
then
61 (Tycheck
.allowExterns ();
62 foldl (fn (fname
, G
) => check
' G fname
) Env
.empty files
63 before Tycheck
.disallowExterns ())
68 val _
= ErrorMsg
.reset ()
69 val _
= Env
.preTycheck ()
73 if !ErrorMsg
.anyErrors
then
77 val _
= Tycheck
.disallowExterns ()
78 val _
= ErrorMsg
.reset ()
79 val prog
= Parse
.parse fname
81 if !ErrorMsg
.anyErrors
then
85 val G
' = Tycheck
.checkFile
b (Defaults
.tInit ()) prog
87 if !ErrorMsg
.anyErrors
then
95 val notTmp
= CharVector
.all (fn ch
=> Char.isAlphaNum ch
orelse ch
= #
"." orelse ch
= #
"_" orelse ch
= #
"-")
101 val dir
= Posix
.FileSys
.opendir dname
104 case Posix
.FileSys
.readdir dir
of
105 NONE
=> (Posix
.FileSys
.closedir dir
;
109 loop (OS
.Path
.joinDirFile
{dir
= dname
,
116 val (_
, files
) = Order
.order (SOME b
) files
118 if !ErrorMsg
.anyErrors
then
121 (foldl (fn (fname
, G
) => check
' G fname
) b files
;
122 if !ErrorMsg
.anyErrors
then
130 val (G
, body
) = check fname
132 if !ErrorMsg
.anyErrors
then
138 val body
' = Reduce
.reduceExp G body
140 (*printd (PD
.hovBox (PD
.PPS
.Rel
0,
141 [PD
.string "Result:",
152 if !ErrorMsg
.anyErrors
then
155 Eval
.exec (Defaults
.eInit ()) body
'
156 | NONE
=> raise ErrorMsg
.Error
161 if !ErrorMsg
.anyErrors
then
164 ignore (Eval
.exec
' (Defaults
.eInit ()) body
')
165 | NONE
=> raise ErrorMsg
.Error
168 Config
.dispatcher ^
":" ^
Int.toString Config
.dispatcherPort
171 "localhost:" ^
Int.toString Config
.slavePort
174 (OpenSSL
.context
false x
)
175 handle e
as OpenSSL
.OpenSSL _
=>
176 (print
"Couldn't find your certificate.\nYou probably haven't been given any Domtool privileges.\n";
179 fun requestContext f
=
182 case Posix
.ProcEnv
.getenv
"DOMTOOL_USER" of
185 val uid
= Posix
.ProcEnv
.getuid ()
187 Posix
.SysDB
.Passwd
.name (Posix
.SysDB
.getpwuid uid
)
191 val () = Acl
.read Config
.aclFile
192 val () = Domain
.setUser user
196 val context
= context (Config
.certDir ^
"/" ^ user ^
".pem",
197 Config
.keyDir ^
"/" ^ user ^
"/key.pem",
205 val (user
, context
) = requestContext f
207 (user
, OpenSSL
.connect (context
, dispatcher
))
210 fun requestSlaveBio () =
212 val (user
, context
) = requestContext (fn () => ())
214 (user
, OpenSSL
.connect (context
, self
))
219 val (user
, bio
) = requestBio (fn () => ignore (check fname
))
221 val inf
= TextIO.openIn fname
224 case TextIO.inputLine inf
of
225 NONE
=> String.concat (List.rev lines
)
226 | SOME line
=> loop (line
:: lines
)
231 Msg
.send (bio
, MsgConfig code
);
233 NONE
=> print
"Server closed connection unexpectedly.\n"
236 MsgOk
=> print
"Configuration succeeded.\n"
237 | MsgError s
=> print ("Configuration failed: " ^ s ^
"\n")
238 | _
=> print
"Unexpected server reply.\n";
241 handle ErrorMsg
.Error
=> ()
243 fun requestDir dname
=
245 val _
= ErrorMsg
.reset ()
247 val (user
, bio
) = requestBio (fn () => checkDir dname
)
251 val dir
= Posix
.FileSys
.opendir dname
254 case Posix
.FileSys
.readdir dir
of
255 NONE
=> (Posix
.FileSys
.closedir dir
;
259 loop (OS
.Path
.joinDirFile
{dir
= dname
,
266 val (_
, files
) = Order
.order (SOME b
) files
268 val _
= if !ErrorMsg
.anyErrors
then
273 val codes
= map (fn fname
=>
275 val inf
= TextIO.openIn fname
278 case TextIO.inputLine inf
of
279 NONE
=> String.concat (rev lines
)
280 | SOME line
=> loop (line
:: lines
)
283 before TextIO.closeIn inf
286 if !ErrorMsg
.anyErrors
then
289 (Msg
.send (bio
, MsgMultiConfig codes
);
291 NONE
=> print
"Server closed connection unexpectedly.\n"
294 MsgOk
=> print
"Configuration succeeded.\n"
295 | MsgError s
=> print ("Configuration failed: " ^ s ^
"\n")
296 | _
=> print
"Unexpected server reply.\n";
299 handle ErrorMsg
.Error
=> ()
303 val (_
, bio
) = requestBio (fn () => ())
308 handle _
=> OS
.Process
.failure
310 fun requestShutdown () =
312 val (_
, bio
) = requestBio (fn () => ())
314 Msg
.send (bio
, MsgShutdown
);
316 NONE
=> print
"Server closed connection unexpectedly.\n"
319 MsgOk
=> print
"Shutdown begun.\n"
320 | MsgError s
=> print ("Shutdown failed: " ^ s ^
"\n")
321 | _
=> print
"Unexpected server reply.\n";
325 fun requestSlavePing () =
327 val (_
, bio
) = requestSlaveBio ()
332 handle _
=> OS
.Process
.failure
334 fun requestSlaveShutdown () =
336 val (_
, bio
) = requestSlaveBio ()
338 Msg
.send (bio
, MsgShutdown
);
340 NONE
=> print
"Server closed connection unexpectedly.\n"
343 MsgOk
=> print
"Shutdown begun.\n"
344 | MsgError s
=> print ("Shutdown failed: " ^ s ^
"\n")
345 | _
=> print
"Unexpected server reply.\n";
349 fun requestGrant acl
=
351 val (user
, bio
) = requestBio (fn () => ())
353 Msg
.send (bio
, MsgGrant acl
);
355 NONE
=> print
"Server closed connection unexpectedly.\n"
358 MsgOk
=> print
"Grant succeeded.\n"
359 | MsgError s
=> print ("Grant failed: " ^ s ^
"\n")
360 | _
=> print
"Unexpected server reply.\n";
364 fun requestRevoke acl
=
366 val (user
, bio
) = requestBio (fn () => ())
368 Msg
.send (bio
, MsgRevoke acl
);
370 NONE
=> print
"Server closed connection unexpectedly.\n"
373 MsgOk
=> print
"Revoke succeeded.\n"
374 | MsgError s
=> print ("Revoke failed: " ^ s ^
"\n")
375 | _
=> print
"Unexpected server reply.\n";
379 fun requestListPerms user
=
381 val (_
, bio
) = requestBio (fn () => ())
383 Msg
.send (bio
, MsgListPerms user
);
384 (case Msg
.recv bio
of
385 NONE
=> (print
"Server closed connection unexpectedly.\n";
389 MsgPerms perms
=> SOME perms
390 | MsgError s
=> (print ("Listing failed: " ^ s ^
"\n");
392 | _
=> (print
"Unexpected server reply.\n";
394 before OpenSSL
.close bio
397 fun requestWhoHas perm
=
399 val (_
, bio
) = requestBio (fn () => ())
401 Msg
.send (bio
, MsgWhoHas perm
);
402 (case Msg
.recv bio
of
403 NONE
=> (print
"Server closed connection unexpectedly.\n";
407 MsgWhoHasResponse users
=> SOME users
408 | MsgError s
=> (print ("whohas failed: " ^ s ^
"\n");
410 | _
=> (print
"Unexpected server reply.\n";
412 before OpenSSL
.close bio
415 fun requestRegen () =
417 val (_
, bio
) = requestBio (fn () => ())
419 Msg
.send (bio
, MsgRegenerate
);
421 NONE
=> print
"Server closed connection unexpectedly.\n"
424 MsgOk
=> print
"Regeneration succeeded.\n"
425 | MsgError s
=> print ("Regeneration failed: " ^ s ^
"\n")
426 | _
=> print
"Unexpected server reply.\n";
430 fun requestRmdom dom
=
432 val (_
, bio
) = requestBio (fn () => ())
434 Msg
.send (bio
, MsgRmdom dom
);
436 NONE
=> print
"Server closed connection unexpectedly.\n"
439 MsgOk
=> print
"Removal succeeded.\n"
440 | MsgError s
=> print ("Removal failed: " ^ s ^
"\n")
441 | _
=> print
"Unexpected server reply.\n";
445 fun requestRmuser user
=
447 val (_
, bio
) = requestBio (fn () => ())
449 Msg
.send (bio
, MsgRmuser user
);
451 NONE
=> print
"Server closed connection unexpectedly.\n"
454 MsgOk
=> print
"Removal succeeded.\n"
455 | MsgError s
=> print ("Removal failed: " ^ s ^
"\n")
456 | _
=> print
"Unexpected server reply.\n";
460 fun requestDbUser dbtype
=
462 val (_
, bio
) = requestBio (fn () => ())
464 Msg
.send (bio
, MsgCreateDbUser dbtype
);
466 NONE
=> print
"Server closed connection unexpectedly.\n"
469 MsgOk
=> print
"Your user has been created.\n"
470 | MsgError s
=> print ("Creation failed: " ^ s ^
"\n")
471 | _
=> print
"Unexpected server reply.\n";
475 fun requestDbPasswd rc
=
477 val (_
, bio
) = requestBio (fn () => ())
479 Msg
.send (bio
, MsgDbPasswd rc
);
481 NONE
=> print
"Server closed connection unexpectedly.\n"
484 MsgOk
=> print
"Your password has been changed.\n"
485 | MsgError s
=> print ("Password set failed: " ^ s ^
"\n")
486 | _
=> print
"Unexpected server reply.\n";
490 fun requestDbTable p
=
492 val (user
, bio
) = requestBio (fn () => ())
494 Msg
.send (bio
, MsgCreateDbTable p
);
496 NONE
=> print
"Server closed connection unexpectedly.\n"
499 MsgOk
=> print ("Your database " ^ user ^
"_" ^ #dbname p ^
" has been created.\n")
500 | MsgError s
=> print ("Creation failed: " ^ s ^
"\n")
501 | _
=> print
"Unexpected server reply.\n";
505 fun requestListMailboxes domain
=
507 val (_
, bio
) = requestBio (fn () => ())
509 Msg
.send (bio
, MsgListMailboxes domain
);
510 (case Msg
.recv bio
of
511 NONE
=> Vmail
.Error
"Server closed connection unexpectedly."
514 MsgMailboxes users
=> (Msg
.send (bio
, MsgOk
);
516 | MsgError s
=> Vmail
.Error ("Creation failed: " ^ s
)
517 | _
=> Vmail
.Error
"Unexpected server reply.")
518 before OpenSSL
.close bio
521 fun requestNewMailbox p
=
523 val (_
, bio
) = requestBio (fn () => ())
525 Msg
.send (bio
, MsgNewMailbox p
);
527 NONE
=> print
"Server closed connection unexpectedly.\n"
530 MsgOk
=> print ("A mapping for " ^ #user p ^
"@" ^ #domain p ^
" has been created.\n")
531 | MsgError s
=> print ("Creation failed: " ^ s ^
"\n")
532 | _
=> print
"Unexpected server reply.\n";
536 fun requestPasswdMailbox p
=
538 val (_
, bio
) = requestBio (fn () => ())
540 Msg
.send (bio
, MsgPasswdMailbox p
);
542 NONE
=> print
"Server closed connection unexpectedly.\n"
545 MsgOk
=> print ("The password for " ^ #user p ^
"@" ^ #domain p ^
" has been changed.\n")
546 | MsgError s
=> print ("Set failed: " ^ s ^
"\n")
547 | _
=> print
"Unexpected server reply.\n";
551 fun requestRmMailbox p
=
553 val (_
, bio
) = requestBio (fn () => ())
555 Msg
.send (bio
, MsgRmMailbox p
);
557 NONE
=> print
"Server closed connection unexpectedly.\n"
560 MsgOk
=> print ("The mapping for mailbox " ^ #user p ^
"@" ^ #domain p ^
" has been deleted.\n")
561 | MsgError s
=> print ("Remove failed: " ^ s ^
"\n")
562 | _
=> print
"Unexpected server reply.\n";
566 fun requestSaQuery addr
=
568 val (_
, bio
) = requestBio (fn () => ())
570 Msg
.send (bio
, MsgSaQuery addr
);
571 (case Msg
.recv bio
of
572 NONE
=> print
"Server closed connection unexpectedly.\n"
575 MsgSaStatus b
=> (print ("SpamAssassin filtering for " ^ addr ^
" is "
576 ^
(if b
then "ON" else "OFF") ^
".\n");
577 Msg
.send (bio
, MsgOk
))
578 | MsgError s
=> print ("Query failed: " ^ s ^
"\n")
579 | _
=> print
"Unexpected server reply.\n")
580 before OpenSSL
.close bio
585 val (_
, bio
) = requestBio (fn () => ())
587 Msg
.send (bio
, MsgSaSet p
);
589 NONE
=> print
"Server closed connection unexpectedly.\n"
592 MsgOk
=> print ("SpamAssassin filtering for " ^ #
1 p ^
" is now "
593 ^
(if #
2 p
then "ON" else "OFF") ^
".\n")
594 | MsgError s
=> print ("Set failed: " ^ s ^
"\n")
595 | _
=> print
"Unexpected server reply.\n";
599 fun requestSmtpLog domain
=
601 val (_
, bio
) = requestBio (fn () => ())
603 val _
= Msg
.send (bio
, MsgSmtpLogReq domain
)
607 NONE
=> print
"Server closed connection unexpectedly.\n"
611 | MsgSmtpLogRes line
=> (print line
;
613 | MsgError s
=> print ("Log search failed: " ^ s ^
"\n")
614 | _
=> print
"Unexpected server reply.\n"
620 fun requestApt
{node
, pkg
} =
622 val (user
, context
) = requestContext (fn () => ())
623 val bio
= OpenSSL
.connect (context
, if node
= Config
.masterNode
then
626 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
628 val _
= Msg
.send (bio
, MsgQuery (QApt pkg
))
632 NONE
=> (print
"Server closed connection unexpectedly.\n";
636 MsgYes
=> (print
"Package is installed.\n";
638 | MsgNo
=> (print
"Package is not installed.\n";
640 | MsgError s
=> (print ("APT query failed: " ^ s ^
"\n");
642 | _
=> (print
"Unexpected server reply.\n";
646 before OpenSSL
.close bio
649 fun requestCron
{node
, uname
} =
651 val (user
, context
) = requestContext (fn () => ())
652 val bio
= OpenSSL
.connect (context
, if node
= Config
.masterNode
then
655 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
657 val _
= Msg
.send (bio
, MsgQuery (QCron uname
))
661 NONE
=> (print
"Server closed connection unexpectedly.\n";
665 MsgYes
=> (print
"User has cron permissions.\n";
667 | MsgNo
=> (print
"User does not have cron permissions.\n";
669 | MsgError s
=> (print ("Cron query failed: " ^ s ^
"\n");
671 | _
=> (print
"Unexpected server reply.\n";
675 before OpenSSL
.close bio
678 fun requestFtp
{node
, uname
} =
680 val (user
, context
) = requestContext (fn () => ())
681 val bio
= OpenSSL
.connect (context
, if node
= Config
.masterNode
then
684 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
686 val _
= Msg
.send (bio
, MsgQuery (QFtp uname
))
690 NONE
=> (print
"Server closed connection unexpectedly.\n";
694 MsgYes
=> (print
"User has FTP permissions.\n";
696 | MsgNo
=> (print
"User does not have FTP permissions.\n";
698 | MsgError s
=> (print ("FTP query failed: " ^ s ^
"\n");
700 | _
=> (print
"Unexpected server reply.\n";
704 before OpenSSL
.close bio
707 fun requestTrustedPath
{node
, uname
} =
709 val (user
, context
) = requestContext (fn () => ())
710 val bio
= OpenSSL
.connect (context
, if node
= Config
.masterNode
then
713 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
715 val _
= Msg
.send (bio
, MsgQuery (QTrustedPath uname
))
719 NONE
=> (print
"Server closed connection unexpectedly.\n";
723 MsgYes
=> (print
"User has trusted path restriction.\n";
725 | MsgNo
=> (print
"User does not have trusted path restriction.\n";
727 | MsgError s
=> (print ("Trusted path query failed: " ^ s ^
"\n");
729 | _
=> (print
"Unexpected server reply.\n";
733 before OpenSSL
.close bio
736 fun requestSocketPerm
{node
, uname
} =
738 val (user
, context
) = requestContext (fn () => ())
739 val bio
= OpenSSL
.connect (context
, if node
= Config
.masterNode
then
742 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
744 val _
= Msg
.send (bio
, MsgQuery (QSocket uname
))
748 NONE
=> (print
"Server closed connection unexpectedly.\n";
752 MsgSocket p
=> (case p
of
754 | Client
=> print
"Client\n"
755 | Server
=> print
"Server\n"
756 | Nada
=> print
"Nada\n";
758 | MsgError s
=> (print ("Socket permission query failed: " ^ s ^
"\n");
760 | _
=> (print
"Unexpected server reply.\n";
764 before OpenSSL
.close bio
767 fun requestFirewall
{node
, uname
} =
769 val (user
, context
) = requestContext (fn () => ())
770 val bio
= OpenSSL
.connect (context
, if node
= Config
.masterNode
then
773 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
775 val _
= Msg
.send (bio
, MsgQuery (QFirewall uname
))
779 NONE
=> (print
"Server closed connection unexpectedly.\n";
783 MsgFirewall ls
=> (app (fn s
=> (print s
; print
"\n")) ls
;
785 | MsgError s
=> (print ("Firewall query failed: " ^ s ^
"\n");
787 | _
=> (print
"Unexpected server reply.\n";
791 before OpenSSL
.close bio
794 fun regenerate context
=
796 val _
= ErrorMsg
.reset ()
799 val _
= if Env
.lookupType b
"string" then
800 print
"Still got it\n"
802 print
"Don't got it\n"
803 val () = Tycheck
.disallowExterns ()
805 val () = Domain
.resetGlobal ()
807 fun contactNode (node
, ip
) =
808 if node
= Config
.defaultNode
then
811 val bio
= OpenSSL
.connect (context
,
814 ^
Int.toString Config
.slavePort
)
816 Msg
.send (bio
, MsgRegenerate
);
818 NONE
=> print
"Slave closed connection unexpectedly\n"
821 MsgOk
=> print ("Slave " ^ node ^
" pre-regeneration finished\n")
822 | MsgError s
=> print ("Slave " ^ node
823 ^
" returned error: " ^
825 | _
=> print ("Slave " ^ node
826 ^
" returned unexpected command\n");
832 val _
= Domain
.setUser user
833 val _
= ErrorMsg
.reset ()
835 val dname
= Config
.domtoolDir user
837 val dir
= Posix
.FileSys
.opendir dname
840 case Posix
.FileSys
.readdir dir
of
841 NONE
=> (Posix
.FileSys
.closedir dir
;
845 loop (OS
.Path
.joinDirFile
{dir
= dname
,
852 val (_
, files
) = Order
.order (SOME b
) files
854 if !ErrorMsg
.anyErrors
then
855 print ("User " ^ user ^
"'s configuration has errors!\n")
860 | OS
.SysErr (s
, _
) => print ("System error processing user " ^ user ^
": " ^ s ^
"\n")
861 | ErrorMsg
.Error
=> print ("User " ^ user ^
" had a compilation error.\n")
862 | _
=> print
"Unknown exception during regeneration!\n"
864 app contactNode Config
.nodeIps
;
866 app
doUser (Acl
.users ());
872 val doms
= Acl
.class
{user
= user
, class
= "domain"}
873 val doms
= List.filter (fn dom
=>
874 case Acl
.whoHas
{class
= "domain", value
= dom
} of
876 | _
=> false) (StringSet
.listItems doms
)
882 fun now () = Date
.toString (Date
.fromTimeUniv (Time
.now ()))
886 QApt pkg
=> if Apt
.installed pkg
then MsgYes
else MsgNo
887 | QCron user
=> if Cron
.allowed user
then MsgYes
else MsgNo
888 | QFtp user
=> if Ftp
.allowed user
then MsgYes
else MsgNo
889 | QTrustedPath user
=> if TrustedPath
.query user
then MsgYes
else MsgNo
890 | QSocket user
=> MsgSocket (SocketPerm
.query user
)
891 | QFirewall user
=> MsgFirewall (Firewall
.query user
)
893 fun describeQuery q
=
895 QApt pkg
=> "Requested installation status of package " ^ pkg
896 | QCron user
=> "Asked about cron permissions for user " ^ user
897 | QFtp user
=> "Asked about FTP permissions for user " ^ user
898 | QTrustedPath user
=> "Asked about trusted path settings for user " ^ user
899 | QSocket user
=> "Asked about socket permissions for user " ^ user
900 | QFirewall user
=> "Asked about firewall rules for user " ^ user
904 val () = Acl
.read Config
.aclFile
906 val context
= context (Config
.serverCert
,
909 val _
= Domain
.set_context context
911 val sock
= OpenSSL
.listen (context
, Config
.dispatcherPort
)
914 case OpenSSL
.accept sock
of
918 val user
= OpenSSL
.peerCN bio
919 val () = print ("\nConnection from " ^ user ^
" at " ^
now () ^
"\n")
920 val () = Domain
.setUser user
924 (msgLocal
, SOME msgRemote
) =>
927 Msg
.send (bio
, MsgError msgRemote
))
928 |
(msgLocal
, NONE
) =>
931 Msg
.send (bio
, MsgOk
)))
932 handle OpenSSL
.OpenSSL _
=>
933 print
"OpenSSL error\n"
934 | OS
.SysErr (s
, _
) =>
935 (print
"System error: ";
938 Msg
.send (bio
, MsgError ("System error: " ^ s
))
939 handle OpenSSL
.OpenSSL _
=> ())
944 Msg
.send (bio
, MsgError ("Failure: " ^ s
))
945 handle OpenSSL
.OpenSSL _
=> ())
947 (print
"Compilation error\n";
948 Msg
.send (bio
, MsgError
"Error during configuration evaluation")
949 handle OpenSSL
.OpenSSL _
=> ());
951 ignore (OpenSSL
.readChar bio
);
953 handle OpenSSL
.OpenSSL _
=> ();
958 val _
= print
"Configuration:\n"
959 val _
= app (fn s
=> (print s
; print
"\n")) codes
962 val outname
= OS
.FileSys
.tmpName ()
966 val outf
= TextIO.openOut outname
968 TextIO.output (outf
, code
);
969 TextIO.closeOut outf
;
973 doIt (fn () => (Env
.pre ();
976 Msg
.send (bio
, MsgOk
);
977 ("Configuration complete.", NONE
)))
978 (fn () => OS
.FileSys
.remove outname
)
982 case String.fields (fn ch
=> ch
= #
"@") s
of
989 if Domain
.validEmailUser user
' andalso Domain
.yourDomain domain
then
997 NONE
=> (OpenSSL
.close bio
998 handle OpenSSL
.OpenSSL _
=> ();
1002 MsgConfig code
=> doConfig
[code
]
1003 | MsgMultiConfig codes
=> doConfig codes
1006 if Acl
.query
{user
= user
, class
= "priv", value
= "all"}
1007 orelse Acl
.query
{user
= user
, class
= "priv", value
= "shutdown"} then
1008 print ("Domtool dispatcher shutting down at " ^
now () ^
"\n\n")
1010 (print
"Unauthorized shutdown command!\n";
1012 handle OpenSSL
.OpenSSL _
=> ();
1017 if Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1019 Acl
.write Config
.aclFile
;
1020 ("Granted permission " ^ #value acl ^
" to " ^ #user acl ^
" in " ^ #class acl ^
".",
1023 ("Unauthorized user asked to grant a permission!",
1024 SOME
"Not authorized to grant privileges"))
1029 if Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1031 Acl
.write Config
.aclFile
;
1032 ("Revoked permission " ^ #value acl ^
" from " ^ #user acl ^
" in " ^ #class acl ^
".",
1035 ("Unauthorized user asked to revoke a permission!",
1036 SOME
"Not authorized to revoke privileges"))
1039 | MsgListPerms user
=>
1041 (Msg
.send (bio
, MsgPerms (Acl
.queryAll user
));
1042 ("Sent permission list for user " ^ user ^
".",
1048 (Msg
.send (bio
, MsgWhoHasResponse (Acl
.whoHas perm
));
1049 ("Sent whohas response for " ^ #class perm ^
" / " ^ #value perm ^
".",
1055 if Acl
.query
{user
= user
, class
= "priv", value
= "all"}
1056 orelse List.all (fn dom
=> Acl
.query
{user
= user
, class
= "domain", value
= dom
}) doms
then
1059 Acl
.revokeFromAll
{class
= "domain", value
= dom
}) doms
;
1060 Acl
.write Config
.aclFile
;
1061 ("Removed domains" ^
foldl (fn (d
, s
) => s ^
" " ^ d
) "" doms ^
".",
1064 ("Unauthorized user asked to remove a domain!",
1065 SOME
"Not authorized to remove that domain"))
1070 if Acl
.query
{user
= user
, class
= "priv", value
= "regen"}
1071 orelse Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1072 (regenerate context
;
1073 ("Regenerated all configuration.",
1076 ("Unauthorized user asked to regenerate!",
1077 SOME
"Not authorized to regenerate"))
1080 | MsgRmuser user
' =>
1082 if Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1084 Acl
.write Config
.aclFile
;
1085 ("Removed user " ^ user
' ^
".",
1088 ("Unauthorized user asked to remove a user!",
1089 SOME
"Not authorized to remove users"))
1092 | MsgCreateDbUser
{dbtype
, passwd
} =>
1094 case Dbms
.lookup dbtype
of
1095 NONE
=> ("Database user creation request with unknown datatype type " ^ dbtype
,
1096 SOME ("Unknown database type " ^ dbtype
))
1098 case #adduser handler
{user
= user
, passwd
= passwd
} of
1099 NONE
=> ("Added " ^ dbtype ^
" user " ^ user ^
".",
1102 ("Error adding a " ^ dbtype ^
" user " ^ user ^
": " ^ msg
,
1103 SOME ("Error adding user: " ^ msg
)))
1106 | MsgDbPasswd
{dbtype
, passwd
} =>
1108 case Dbms
.lookup dbtype
of
1109 NONE
=> ("Database passwd request with unknown datatype type " ^ dbtype
,
1110 SOME ("Unknown database type " ^ dbtype
))
1112 case #passwd handler
{user
= user
, passwd
= passwd
} of
1113 NONE
=> ("Changed " ^ dbtype ^
" password of user " ^ user ^
".",
1116 ("Error setting " ^ dbtype ^
" password of user " ^ user ^
": " ^ msg
,
1117 SOME ("Error adding user: " ^ msg
)))
1120 | MsgCreateDbTable
{dbtype
, dbname
} =>
1122 if Dbms
.validDbname dbname
then
1123 case Dbms
.lookup dbtype
of
1124 NONE
=> ("Database creation request with unknown datatype type " ^ dbtype
,
1125 SOME ("Unknown database type " ^ dbtype
))
1127 case #createdb handler
{user
= user
, dbname
= dbname
} of
1128 NONE
=> ("Created database " ^ user ^
"_" ^ dbname ^
".",
1130 | SOME msg
=> ("Error creating database " ^ user ^
"_" ^ dbname ^
": " ^ msg
,
1131 SOME ("Error creating database: " ^ msg
))
1133 ("Invalid database name " ^ user ^
"_" ^ dbname
,
1134 SOME ("Invalid database name " ^ dbname
)))
1137 | MsgListMailboxes domain
=>
1139 if not (Domain
.yourDomain domain
) then
1140 ("User wasn't authorized to list mailboxes for " ^ domain
,
1141 SOME
"You're not authorized to configure that domain.")
1143 case Vmail
.list domain
of
1144 Vmail
.Listing users
=> (Msg
.send (bio
, MsgMailboxes users
);
1145 ("Sent mailbox list for " ^ domain
,
1147 | Vmail
.Error msg
=> ("Error listing mailboxes for " ^ domain ^
": " ^ msg
,
1151 | MsgNewMailbox
{domain
, user
= emailUser
, passwd
, mailbox
} =>
1153 if not (Domain
.yourDomain domain
) then
1154 ("User wasn't authorized to add a mailbox to " ^ domain
,
1155 SOME
"You're not authorized to configure that domain.")
1156 else if not (Domain
.validEmailUser emailUser
) then
1157 ("Invalid e-mail username " ^ emailUser
,
1158 SOME
"Invalid e-mail username")
1159 else if not (CharVector
.all
Char.isGraph passwd
) then
1160 ("Invalid password",
1161 SOME
"Invalid password; may only contain printable, non-space characters")
1162 else if not (Domain
.yourPath mailbox
) then
1163 ("User wasn't authorized to add a mailbox at " ^ mailbox
,
1164 SOME
"You're not authorized to use that mailbox location.")
1166 case Vmail
.add
{requester
= user
,
1167 domain
= domain
, user
= emailUser
,
1168 passwd
= passwd
, mailbox
= mailbox
} of
1169 NONE
=> ("Added mailbox " ^ emailUser ^
"@" ^ domain ^
" at " ^ mailbox
,
1171 | SOME msg
=> ("Error adding mailbox " ^ emailUser ^
"@" ^ domain ^
": " ^ msg
,
1175 | MsgPasswdMailbox
{domain
, user
= emailUser
, passwd
} =>
1177 if not (Domain
.yourDomain domain
) then
1178 ("User wasn't authorized to change password of a mailbox for " ^ domain
,
1179 SOME
"You're not authorized to configure that domain.")
1180 else if not (Domain
.validEmailUser emailUser
) then
1181 ("Invalid e-mail username " ^ emailUser
,
1182 SOME
"Invalid e-mail username")
1183 else if not (CharVector
.all
Char.isGraph passwd
) then
1184 ("Invalid password",
1185 SOME
"Invalid password; may only contain printable, non-space characters")
1187 case Vmail
.passwd
{domain
= domain
, user
= emailUser
,
1189 NONE
=> ("Changed password of mailbox " ^ emailUser ^
"@" ^ domain
,
1191 | SOME msg
=> ("Error changing mailbox password for " ^ emailUser ^
"@" ^ domain ^
": " ^ msg
,
1195 | MsgRmMailbox
{domain
, user
= emailUser
} =>
1197 if not (Domain
.yourDomain domain
) then
1198 ("User wasn't authorized to change password of a mailbox for " ^ domain
,
1199 SOME
"You're not authorized to configure that domain.")
1200 else if not (Domain
.validEmailUser emailUser
) then
1201 ("Invalid e-mail username " ^ emailUser
,
1202 SOME
"Invalid e-mail username")
1204 case Vmail
.rm
{domain
= domain
, user
= emailUser
} of
1205 NONE
=> ("Deleted mailbox " ^ emailUser ^
"@" ^ domain
,
1207 | SOME msg
=> ("Error deleting mailbox " ^ emailUser ^
"@" ^ domain ^
": " ^ msg
,
1211 | MsgSaQuery addr
=>
1213 case checkAddr addr
of
1214 NONE
=> ("User tried to query SA filtering for " ^ addr
,
1215 SOME
"You aren't allowed to configure SA filtering for that recipient.")
1216 | SOME addr
' => (Msg
.send (bio
, MsgSaStatus (SetSA
.query addr
'));
1217 ("Queried SA filtering status for " ^ addr
,
1221 |
MsgSaSet (addr
, b
) =>
1223 case checkAddr addr
of
1224 NONE
=> ("User tried to set SA filtering for " ^ addr
,
1225 SOME
"You aren't allowed to configure SA filtering for that recipient.")
1226 | SOME addr
' => (SetSA
.set (addr
', b
);
1227 Msg
.send (bio
, MsgOk
);
1228 ("Set SA filtering status for " ^ addr ^
" to "
1229 ^
(if b
then "ON" else "OFF"),
1233 | MsgSmtpLogReq domain
=>
1235 if not (Domain
.yourDomain domain
) then
1236 ("Unauthorized user tried to request SMTP logs for " ^ domain
,
1237 SOME
"You aren't authorized to configure that domain.")
1239 (SmtpLog
.search (fn line
=> Msg
.send (bio
, MsgSmtpLogRes line
))
1241 ("Requested SMTP logs for " ^ domain
,
1246 doIt (fn () => (Msg
.send (bio
, answerQuery q
);
1252 doIt (fn () => ("Unexpected command",
1253 SOME
"Unexpected command"))
1258 handle OpenSSL
.OpenSSL s
=>
1259 (print ("OpenSSL error: " ^ s ^
"\n");
1261 handle OpenSSL
.OpenSSL _
=> ();
1263 | OS
.SysErr (s
, _
) =>
1264 (print ("System error: " ^ s ^
"\n");
1266 handle OpenSSL
.OpenSSL _
=> ();
1268 | IO
.Io
{name
, function
, cause
} =>
1269 (print ("IO error: " ^ function ^
" for " ^ name ^
"\n");
1270 app (fn x
=> print (x ^
"\n")) (SMLofNJ
.exnHistory cause
);
1272 handle OpenSSL
.OpenSSL _
=> ();
1275 (print
"Unknown exception in main loop!\n";
1276 app (fn x
=> print (x ^
"\n")) (SMLofNJ
.exnHistory e
);
1278 handle OpenSSL
.OpenSSL _
=> ();
1281 print ("Domtool dispatcher starting up at " ^
now () ^
"\n");
1282 print
"Listening for connections....\n";
1284 OpenSSL
.shutdown sock
1289 val host
= Slave
.hostname ()
1291 val context
= context (Config
.certDir ^
"/" ^ host ^
".pem",
1292 Config
.keyDir ^
"/" ^ host ^
"/key.pem",
1295 val sock
= OpenSSL
.listen (context
, Config
.slavePort
)
1297 val _
= print ("Slave server starting at " ^
now () ^
"\n")
1300 case OpenSSL
.accept sock
of
1304 val peer
= OpenSSL
.peerCN bio
1305 val () = print ("\nConnection from " ^ peer ^
" at " ^
now () ^
"\n")
1307 if peer
= Config
.dispatcherName
then let
1309 case Msg
.recv bio
of
1310 NONE
=> print
"Dispatcher closed connection unexpectedly\n"
1313 MsgFile file
=> loop
' (file
:: files
)
1314 | MsgDoFiles
=> (Slave
.handleChanges files
;
1315 Msg
.send (bio
, MsgOk
))
1316 | MsgRegenerate
=> (Domain
.resetLocal ();
1317 Msg
.send (bio
, MsgOk
))
1318 | _
=> (print
"Dispatcher sent unexpected command\n";
1319 Msg
.send (bio
, MsgError
"Unexpected command"))
1322 ignore (OpenSSL
.readChar bio
);
1326 else if peer
= "domtool" then
1327 case Msg
.recv bio
of
1328 SOME MsgShutdown
=> (OpenSSL
.close bio
;
1329 print ("Shutting down at " ^
now () ^
"\n\n"))
1330 | _
=> (OpenSSL
.close bio
;
1333 case Msg
.recv bio
of
1334 SOME (MsgQuery q
) => (print (describeQuery q ^
"\n");
1335 Msg
.send (bio
, answerQuery q
);
1336 ignore (OpenSSL
.readChar bio
);
1339 | _
=> (OpenSSL
.close bio
;
1341 end handle OpenSSL
.OpenSSL s
=>
1342 (print ("OpenSSL error: "^ s ^
"\n");
1344 handle OpenSSL
.OpenSSL _
=> ();
1346 | e
as OS
.SysErr (s
, _
) =>
1347 (app (fn s
=> print (s ^
"\n")) (SMLofNJ
.exnHistory e
);
1348 print ("System error: "^ s ^
"\n");
1350 handle OpenSSL
.OpenSSL _
=> ();
1354 OpenSSL
.shutdown sock
1359 val dir
= Posix
.FileSys
.opendir Config
.libRoot
1362 case Posix
.FileSys
.readdir dir
of
1363 NONE
=> (Posix
.FileSys
.closedir dir
;
1366 if String.isSuffix
".dtl" fname
then
1367 loop (OS
.Path
.joinDirFile
{dir
= Config
.libRoot
,
1376 fun autodocBasis outdir
=
1377 Autodoc
.autodoc
{outdir
= outdir
, infiles
= listBasis ()}