1 (* HCoop
Domtool (http
://hcoop
.sourceforge
.net
/)
2 * Copyright (c
) 2006-2007, Adam Chlipala
4 * This program is free software
; you can redistribute it
and/or
5 * modify it under the terms
of the GNU General Public License
6 * as published by the Free Software Foundation
; either version
2
7 * of the License
, or (at your option
) any later version
.
9 * This program is distributed
in the hope that it will be useful
,
10 * but WITHOUT ANY WARRANTY
; without even the implied warranty
of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE
. See the
12 * GNU General Public License for more details
.
14 * You should have received a copy
of the GNU General Public License
15 * along
with this program
; if not
, write to the Free Software
16 * Foundation
, Inc
., 51 Franklin Street
, Fifth Floor
, Boston
, MA
02110-1301, USA
.
21 structure Main
:> MAIN
= struct
23 open Ast MsgTypes Print
25 structure SM
= StringMap
27 fun init () = Acl
.read Config
.aclFile
31 val prog
= Parse
.parse fname
33 if !ErrorMsg
.anyErrors
then
36 Tycheck
.checkFile
G (Defaults
.tInit ()) prog
41 val dir
= Posix
.FileSys
.opendir Config
.libRoot
44 case Posix
.FileSys
.readdir dir
of
45 NONE
=> (Posix
.FileSys
.closedir dir
;
48 if String.isSuffix
".dtl" fname
then
49 loop (OS
.Path
.joinDirFile
{dir
= Config
.libRoot
,
56 val (_
, files
) = Order
.order NONE files
58 if !ErrorMsg
.anyErrors
then
61 (Tycheck
.allowExterns ();
62 foldl (fn (fname
, G
) => check
' G fname
) Env
.empty files
63 before Tycheck
.disallowExterns ())
68 val _
= ErrorMsg
.reset ()
69 val _
= Env
.preTycheck ()
73 if !ErrorMsg
.anyErrors
then
77 val _
= Tycheck
.disallowExterns ()
78 val _
= ErrorMsg
.reset ()
79 val prog
= Parse
.parse fname
81 if !ErrorMsg
.anyErrors
then
85 val G
' = Tycheck
.checkFile
b (Defaults
.tInit ()) prog
87 if !ErrorMsg
.anyErrors
then
95 val notTmp
= CharVector
.all (fn ch
=> Char.isAlphaNum ch
orelse ch
= #
"." orelse ch
= #
"_" orelse ch
= #
"-")
101 val dir
= Posix
.FileSys
.opendir dname
104 case Posix
.FileSys
.readdir dir
of
105 NONE
=> (Posix
.FileSys
.closedir dir
;
109 loop (OS
.Path
.joinDirFile
{dir
= dname
,
116 val (_
, files
) = Order
.order (SOME b
) files
118 if !ErrorMsg
.anyErrors
then
121 (foldl (fn (fname
, G
) => check
' G fname
) b files
;
122 if !ErrorMsg
.anyErrors
then
130 val (G
, body
) = check fname
132 if !ErrorMsg
.anyErrors
then
138 val body
' = Reduce
.reduceExp G body
140 (*printd (PD
.hovBox (PD
.PPS
.Rel
0,
141 [PD
.string "Result:",
152 if !ErrorMsg
.anyErrors
then
155 Eval
.exec (Defaults
.eInit ()) body
'
156 | NONE
=> raise ErrorMsg
.Error
161 if !ErrorMsg
.anyErrors
then
164 ignore (Eval
.exec
' (Defaults
.eInit ()) body
')
165 | NONE
=> raise ErrorMsg
.Error
168 Config
.dispatcher ^
":" ^
Int.toString Config
.dispatcherPort
171 "localhost:" ^
Int.toString Config
.slavePort
174 (OpenSSL
.context
false x
)
175 handle e
as OpenSSL
.OpenSSL _
=>
176 (print
"Couldn't find your certificate.\nYou probably haven't been given any Domtool privileges.\n";
182 case Posix
.ProcEnv
.getenv
"DOMTOOL_USER" of
185 val uid
= Posix
.ProcEnv
.getuid ()
187 Posix
.SysDB
.Passwd
.name (Posix
.SysDB
.getpwuid uid
)
191 Acl
.read Config
.aclFile
;
196 fun requestContext f
=
198 val user
= setupUser ()
202 val context
= context (Config
.certDir ^
"/" ^ user ^
".pem",
203 Config
.keyDir ^
"/" ^ user ^
"/key.pem",
211 val (user
, context
) = requestContext f
213 (user
, OpenSSL
.connect (context
, dispatcher
))
216 fun requestSlaveBio () =
218 val (user
, context
) = requestContext (fn () => ())
220 (user
, OpenSSL
.connect (context
, self
))
225 val (user
, bio
) = requestBio (fn () => ignore (check fname
))
227 val inf
= TextIO.openIn fname
230 case TextIO.inputLine inf
of
231 NONE
=> String.concat (List.rev lines
)
232 | SOME line
=> loop (line
:: lines
)
237 Msg
.send (bio
, MsgConfig code
);
239 NONE
=> print
"Server closed connection unexpectedly.\n"
242 MsgOk
=> print
"Configuration succeeded.\n"
243 | MsgError s
=> print ("Configuration failed: " ^ s ^
"\n")
244 | _
=> print
"Unexpected server reply.\n";
247 handle ErrorMsg
.Error
=> ()
249 fun requestDir dname
=
251 val _
= if Posix
.FileSys
.access (dname
, []) then
254 (print ("Can't access " ^ dname ^
".\n");
255 print
"Did you mean to run domtool on a specific file, instead of asking for all\n";
256 print
"files in your ~/domtool directory?\n";
257 OS
.Process
.exit OS
.Process
.failure
)
259 val _
= ErrorMsg
.reset ()
261 val (user
, bio
) = requestBio (fn () => checkDir dname
)
265 val dir
= Posix
.FileSys
.opendir dname
268 case Posix
.FileSys
.readdir dir
of
269 NONE
=> (Posix
.FileSys
.closedir dir
;
273 loop (OS
.Path
.joinDirFile
{dir
= dname
,
280 val (_
, files
) = Order
.order (SOME b
) files
282 val _
= if !ErrorMsg
.anyErrors
then
287 val codes
= map (fn fname
=>
289 val inf
= TextIO.openIn fname
292 case TextIO.inputLine inf
of
293 NONE
=> String.concat (rev lines
)
294 | SOME line
=> loop (line
:: lines
)
297 before TextIO.closeIn inf
300 if !ErrorMsg
.anyErrors
then
303 (Msg
.send (bio
, MsgMultiConfig codes
);
305 NONE
=> print
"Server closed connection unexpectedly.\n"
308 MsgOk
=> print
"Configuration succeeded.\n"
309 | MsgError s
=> print ("Configuration failed: " ^ s ^
"\n")
310 | _
=> print
"Unexpected server reply.\n";
313 handle ErrorMsg
.Error
=> ()
317 val (_
, bio
) = requestBio (fn () => ())
322 handle _
=> OS
.Process
.failure
324 fun requestShutdown () =
326 val (_
, bio
) = requestBio (fn () => ())
328 Msg
.send (bio
, MsgShutdown
);
330 NONE
=> print
"Server closed connection unexpectedly.\n"
333 MsgOk
=> print
"Shutdown begun.\n"
334 | MsgError s
=> print ("Shutdown failed: " ^ s ^
"\n")
335 | _
=> print
"Unexpected server reply.\n";
339 fun requestSlavePing () =
341 val (_
, bio
) = requestSlaveBio ()
346 handle _
=> OS
.Process
.failure
348 fun requestSlaveShutdown () =
350 val (_
, bio
) = requestSlaveBio ()
352 Msg
.send (bio
, MsgShutdown
);
354 NONE
=> print
"Server closed connection unexpectedly.\n"
357 MsgOk
=> print
"Shutdown begun.\n"
358 | MsgError s
=> print ("Shutdown failed: " ^ s ^
"\n")
359 | _
=> print
"Unexpected server reply.\n";
363 fun requestGrant acl
=
365 val (user
, bio
) = requestBio (fn () => ())
367 Msg
.send (bio
, MsgGrant acl
);
369 NONE
=> print
"Server closed connection unexpectedly.\n"
372 MsgOk
=> print
"Grant succeeded.\n"
373 | MsgError s
=> print ("Grant failed: " ^ s ^
"\n")
374 | _
=> print
"Unexpected server reply.\n";
378 fun requestRevoke acl
=
380 val (user
, bio
) = requestBio (fn () => ())
382 Msg
.send (bio
, MsgRevoke acl
);
384 NONE
=> print
"Server closed connection unexpectedly.\n"
387 MsgOk
=> print
"Revoke succeeded.\n"
388 | MsgError s
=> print ("Revoke failed: " ^ s ^
"\n")
389 | _
=> print
"Unexpected server reply.\n";
393 fun requestListPerms user
=
395 val (_
, bio
) = requestBio (fn () => ())
397 Msg
.send (bio
, MsgListPerms user
);
398 (case Msg
.recv bio
of
399 NONE
=> (print
"Server closed connection unexpectedly.\n";
403 MsgPerms perms
=> SOME perms
404 | MsgError s
=> (print ("Listing failed: " ^ s ^
"\n");
406 | _
=> (print
"Unexpected server reply.\n";
408 before OpenSSL
.close bio
411 fun requestWhoHas perm
=
413 val (_
, bio
) = requestBio (fn () => ())
415 Msg
.send (bio
, MsgWhoHas perm
);
416 (case Msg
.recv bio
of
417 NONE
=> (print
"Server closed connection unexpectedly.\n";
421 MsgWhoHasResponse users
=> SOME users
422 | MsgError s
=> (print ("whohas failed: " ^ s ^
"\n");
424 | _
=> (print
"Unexpected server reply.\n";
426 before OpenSSL
.close bio
429 fun requestRegen () =
431 val (_
, bio
) = requestBio (fn () => ())
433 Msg
.send (bio
, MsgRegenerate
);
435 NONE
=> print
"Server closed connection unexpectedly.\n"
438 MsgOk
=> print
"Regeneration succeeded.\n"
439 | MsgError s
=> print ("Regeneration failed: " ^ s ^
"\n")
440 | _
=> print
"Unexpected server reply.\n";
444 fun requestRmdom dom
=
446 val (_
, bio
) = requestBio (fn () => ())
448 Msg
.send (bio
, MsgRmdom dom
);
450 NONE
=> print
"Server closed connection unexpectedly.\n"
453 MsgOk
=> print
"Removal succeeded.\n"
454 | MsgError s
=> print ("Removal failed: " ^ s ^
"\n")
455 | _
=> print
"Unexpected server reply.\n";
459 fun requestRmuser user
=
461 val (_
, bio
) = requestBio (fn () => ())
463 Msg
.send (bio
, MsgRmuser user
);
465 NONE
=> print
"Server closed connection unexpectedly.\n"
468 MsgOk
=> print
"Removal succeeded.\n"
469 | MsgError s
=> print ("Removal failed: " ^ s ^
"\n")
470 | _
=> print
"Unexpected server reply.\n";
474 fun requestDbUser dbtype
=
476 val (_
, bio
) = requestBio (fn () => ())
478 Msg
.send (bio
, MsgCreateDbUser dbtype
);
480 NONE
=> print
"Server closed connection unexpectedly.\n"
483 MsgOk
=> print
"Your user has been created.\n"
484 | MsgError s
=> print ("Creation failed: " ^ s ^
"\n")
485 | _
=> print
"Unexpected server reply.\n";
489 fun requestDbPasswd rc
=
491 val (_
, bio
) = requestBio (fn () => ())
493 Msg
.send (bio
, MsgDbPasswd rc
);
495 NONE
=> print
"Server closed connection unexpectedly.\n"
498 MsgOk
=> print
"Your password has been changed.\n"
499 | MsgError s
=> print ("Password set failed: " ^ s ^
"\n")
500 | _
=> print
"Unexpected server reply.\n";
504 fun requestDbTable p
=
506 val (user
, bio
) = requestBio (fn () => ())
508 Msg
.send (bio
, MsgCreateDbTable p
);
510 NONE
=> print
"Server closed connection unexpectedly.\n"
513 MsgOk
=> print ("Your database " ^ user ^
"_" ^ #dbname p ^
" has been created.\n")
514 | MsgError s
=> print ("Creation failed: " ^ s ^
"\n")
515 | _
=> print
"Unexpected server reply.\n";
519 fun requestListMailboxes domain
=
521 val (_
, bio
) = requestBio (fn () => ())
523 Msg
.send (bio
, MsgListMailboxes domain
);
524 (case Msg
.recv bio
of
525 NONE
=> Vmail
.Error
"Server closed connection unexpectedly."
528 MsgMailboxes users
=> (Msg
.send (bio
, MsgOk
);
530 | MsgError s
=> Vmail
.Error ("Creation failed: " ^ s
)
531 | _
=> Vmail
.Error
"Unexpected server reply.")
532 before OpenSSL
.close bio
535 fun requestNewMailbox p
=
537 val (_
, bio
) = requestBio (fn () => ())
539 Msg
.send (bio
, MsgNewMailbox p
);
541 NONE
=> print
"Server closed connection unexpectedly.\n"
544 MsgOk
=> print ("A mapping for " ^ #user p ^
"@" ^ #domain p ^
" has been created.\n")
545 | MsgError s
=> print ("Creation failed: " ^ s ^
"\n")
546 | _
=> print
"Unexpected server reply.\n";
550 fun requestPasswdMailbox p
=
552 val (_
, bio
) = requestBio (fn () => ())
554 Msg
.send (bio
, MsgPasswdMailbox p
);
556 NONE
=> print
"Server closed connection unexpectedly.\n"
559 MsgOk
=> print ("The password for " ^ #user p ^
"@" ^ #domain p ^
" has been changed.\n")
560 | MsgError s
=> print ("Set failed: " ^ s ^
"\n")
561 | _
=> print
"Unexpected server reply.\n";
565 fun requestRmMailbox p
=
567 val (_
, bio
) = requestBio (fn () => ())
569 Msg
.send (bio
, MsgRmMailbox p
);
571 NONE
=> print
"Server closed connection unexpectedly.\n"
574 MsgOk
=> print ("The mapping for mailbox " ^ #user p ^
"@" ^ #domain p ^
" has been deleted.\n")
575 | MsgError s
=> print ("Remove failed: " ^ s ^
"\n")
576 | _
=> print
"Unexpected server reply.\n";
580 fun requestSaQuery addr
=
582 val (_
, bio
) = requestBio (fn () => ())
584 Msg
.send (bio
, MsgSaQuery addr
);
585 (case Msg
.recv bio
of
586 NONE
=> print
"Server closed connection unexpectedly.\n"
589 MsgSaStatus b
=> (print ("SpamAssassin filtering for " ^ addr ^
" is "
590 ^
(if b
then "ON" else "OFF") ^
".\n");
591 Msg
.send (bio
, MsgOk
))
592 | MsgError s
=> print ("Query failed: " ^ s ^
"\n")
593 | _
=> print
"Unexpected server reply.\n")
594 before OpenSSL
.close bio
599 val (_
, bio
) = requestBio (fn () => ())
601 Msg
.send (bio
, MsgSaSet p
);
603 NONE
=> print
"Server closed connection unexpectedly.\n"
606 MsgOk
=> print ("SpamAssassin filtering for " ^ #
1 p ^
" is now "
607 ^
(if #
2 p
then "ON" else "OFF") ^
".\n")
608 | MsgError s
=> print ("Set failed: " ^ s ^
"\n")
609 | _
=> print
"Unexpected server reply.\n";
613 fun requestSmtpLog domain
=
615 val (_
, bio
) = requestBio (fn () => ())
617 val _
= Msg
.send (bio
, MsgSmtpLogReq domain
)
621 NONE
=> print
"Server closed connection unexpectedly.\n"
625 | MsgSmtpLogRes line
=> (print line
;
627 | MsgError s
=> print ("Log search failed: " ^ s ^
"\n")
628 | _
=> print
"Unexpected server reply.\n"
634 fun requestApt
{node
, pkg
} =
636 val (user
, context
) = requestContext (fn () => ())
637 val bio
= OpenSSL
.connect (context
, if node
= Config
.masterNode
then
640 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
642 val _
= Msg
.send (bio
, MsgQuery (QApt pkg
))
646 NONE
=> (print
"Server closed connection unexpectedly.\n";
650 MsgYes
=> (print
"Package is installed.\n";
652 | MsgNo
=> (print
"Package is not installed.\n";
654 | MsgError s
=> (print ("APT query failed: " ^ s ^
"\n");
656 | _
=> (print
"Unexpected server reply.\n";
660 before OpenSSL
.close bio
663 fun requestCron
{node
, uname
} =
665 val (user
, context
) = requestContext (fn () => ())
666 val bio
= OpenSSL
.connect (context
, if node
= Config
.masterNode
then
669 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
671 val _
= Msg
.send (bio
, MsgQuery (QCron uname
))
675 NONE
=> (print
"Server closed connection unexpectedly.\n";
679 MsgYes
=> (print
"User has cron permissions.\n";
681 | MsgNo
=> (print
"User does not have cron permissions.\n";
683 | MsgError s
=> (print ("Cron query failed: " ^ s ^
"\n");
685 | _
=> (print
"Unexpected server reply.\n";
689 before OpenSSL
.close bio
692 fun requestFtp
{node
, uname
} =
694 val (user
, context
) = requestContext (fn () => ())
695 val bio
= OpenSSL
.connect (context
, if node
= Config
.masterNode
then
698 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
700 val _
= Msg
.send (bio
, MsgQuery (QFtp uname
))
704 NONE
=> (print
"Server closed connection unexpectedly.\n";
708 MsgYes
=> (print
"User has FTP permissions.\n";
710 | MsgNo
=> (print
"User does not have FTP permissions.\n";
712 | MsgError s
=> (print ("FTP query failed: " ^ s ^
"\n");
714 | _
=> (print
"Unexpected server reply.\n";
718 before OpenSSL
.close bio
721 fun requestTrustedPath
{node
, uname
} =
723 val (user
, context
) = requestContext (fn () => ())
724 val bio
= OpenSSL
.connect (context
, if node
= Config
.masterNode
then
727 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
729 val _
= Msg
.send (bio
, MsgQuery (QTrustedPath uname
))
733 NONE
=> (print
"Server closed connection unexpectedly.\n";
737 MsgYes
=> (print
"User has trusted path restriction.\n";
739 | MsgNo
=> (print
"User does not have trusted path restriction.\n";
741 | MsgError s
=> (print ("Trusted path query failed: " ^ s ^
"\n");
743 | _
=> (print
"Unexpected server reply.\n";
747 before OpenSSL
.close bio
750 fun requestSocketPerm
{node
, uname
} =
752 val (user
, context
) = requestContext (fn () => ())
753 val bio
= OpenSSL
.connect (context
, if node
= Config
.masterNode
then
756 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
758 val _
= Msg
.send (bio
, MsgQuery (QSocket uname
))
762 NONE
=> (print
"Server closed connection unexpectedly.\n";
766 MsgSocket p
=> (case p
of
768 | Client
=> print
"Client\n"
769 | Server
=> print
"Server\n"
770 | Nada
=> print
"Nada\n";
772 | MsgError s
=> (print ("Socket permission query failed: " ^ s ^
"\n");
774 | _
=> (print
"Unexpected server reply.\n";
778 before OpenSSL
.close bio
781 fun requestFirewall
{node
, uname
} =
783 val (user
, context
) = requestContext (fn () => ())
784 val bio
= OpenSSL
.connect (context
, if node
= Config
.masterNode
then
787 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
789 val _
= Msg
.send (bio
, MsgQuery (QFirewall uname
))
793 NONE
=> (print
"Server closed connection unexpectedly.\n";
797 MsgFirewall ls
=> (app (fn s
=> (print s
; print
"\n")) ls
;
799 | MsgError s
=> (print ("Firewall query failed: " ^ s ^
"\n");
801 | _
=> (print
"Unexpected server reply.\n";
805 before OpenSSL
.close bio
808 fun regenerate context
=
810 val _
= ErrorMsg
.reset ()
813 val () = Tycheck
.disallowExterns ()
815 val () = Domain
.resetGlobal ()
817 fun contactNode (node
, ip
) =
818 if node
= Config
.defaultNode
then
821 val bio
= OpenSSL
.connect (context
,
824 ^
Int.toString Config
.slavePort
)
826 Msg
.send (bio
, MsgRegenerate
);
828 NONE
=> print
"Slave closed connection unexpectedly\n"
831 MsgOk
=> print ("Slave " ^ node ^
" pre-regeneration finished\n")
832 | MsgError s
=> print ("Slave " ^ node
833 ^
" returned error: " ^
835 | _
=> print ("Slave " ^ node
836 ^
" returned unexpected command\n");
842 val _
= Domain
.setUser user
843 val _
= ErrorMsg
.reset ()
845 val dname
= Config
.domtoolDir user
847 val dir
= Posix
.FileSys
.opendir dname
850 case Posix
.FileSys
.readdir dir
of
851 NONE
=> (Posix
.FileSys
.closedir dir
;
855 loop (OS
.Path
.joinDirFile
{dir
= dname
,
862 val (_
, files
) = Order
.order (SOME b
) files
864 if !ErrorMsg
.anyErrors
then
866 print ("User " ^ user ^
"'s configuration has errors!\n"))
871 | OS
.SysErr (s
, _
) => print ("System error processing user " ^ user ^
": " ^ s ^
"\n")
872 | ErrorMsg
.Error
=> (ErrorMsg
.reset ();
873 print ("User " ^ user ^
" had a compilation error.\n"))
874 | _
=> print
"Unknown exception during regeneration!\n"
876 app contactNode Config
.nodeIps
;
878 app
doUser (Acl
.users ());
884 val doms
= Acl
.class
{user
= user
, class
= "domain"}
885 val doms
= List.filter (fn dom
=>
886 case Acl
.whoHas
{class
= "domain", value
= dom
} of
888 | _
=> false) (StringSet
.listItems doms
)
894 fun now () = Date
.toString (Date
.fromTimeUniv (Time
.now ()))
898 QApt pkg
=> if Apt
.installed pkg
then MsgYes
else MsgNo
899 | QCron user
=> if Cron
.allowed user
then MsgYes
else MsgNo
900 | QFtp user
=> if Ftp
.allowed user
then MsgYes
else MsgNo
901 | QTrustedPath user
=> if TrustedPath
.query user
then MsgYes
else MsgNo
902 | QSocket user
=> MsgSocket (SocketPerm
.query user
)
903 | QFirewall user
=> MsgFirewall (Firewall
.query user
)
905 fun describeQuery q
=
907 QApt pkg
=> "Requested installation status of package " ^ pkg
908 | QCron user
=> "Asked about cron permissions for user " ^ user
909 | QFtp user
=> "Asked about FTP permissions for user " ^ user
910 | QTrustedPath user
=> "Asked about trusted path settings for user " ^ user
911 | QSocket user
=> "Asked about socket permissions for user " ^ user
912 | QFirewall user
=> "Asked about firewall rules for user " ^ user
916 val () = Acl
.read Config
.aclFile
918 val context
= context (Config
.serverCert
,
921 val _
= Domain
.set_context context
923 val sock
= OpenSSL
.listen (context
, Config
.dispatcherPort
)
926 case OpenSSL
.accept sock
of
930 val user
= OpenSSL
.peerCN bio
931 val () = print ("\nConnection from " ^ user ^
" at " ^
now () ^
"\n")
932 val () = Domain
.setUser user
936 (msgLocal
, SOME msgRemote
) =>
939 Msg
.send (bio
, MsgError msgRemote
))
940 |
(msgLocal
, NONE
) =>
943 Msg
.send (bio
, MsgOk
)))
944 handle OpenSSL
.OpenSSL _
=>
945 print
"OpenSSL error\n"
946 | OS
.SysErr (s
, _
) =>
947 (print
"System error: ";
950 Msg
.send (bio
, MsgError ("System error: " ^ s
))
951 handle OpenSSL
.OpenSSL _
=> ())
956 Msg
.send (bio
, MsgError ("Failure: " ^ s
))
957 handle OpenSSL
.OpenSSL _
=> ())
959 (print
"Compilation error\n";
960 Msg
.send (bio
, MsgError
"Error during configuration evaluation")
961 handle OpenSSL
.OpenSSL _
=> ());
963 ignore (OpenSSL
.readChar bio
);
965 handle OpenSSL
.OpenSSL _
=> ();
970 val _
= print
"Configuration:\n"
971 val _
= app (fn s
=> (print s
; print
"\n")) codes
974 val outname
= OS
.FileSys
.tmpName ()
978 val outf
= TextIO.openOut outname
980 TextIO.output (outf
, code
);
981 TextIO.closeOut outf
;
985 doIt (fn () => (Env
.pre ();
988 Msg
.send (bio
, MsgOk
);
989 ("Configuration complete.", NONE
)))
990 (fn () => OS
.FileSys
.remove outname
)
994 case String.fields (fn ch
=> ch
= #
"@") s
of
1000 |
[user
', domain
] =>
1001 if Domain
.validEmailUser user
' andalso Domain
.yourDomain domain
then
1002 SOME (SetSA
.Email s
)
1008 case Msg
.recv bio
of
1009 NONE
=> (OpenSSL
.close bio
1010 handle OpenSSL
.OpenSSL _
=> ();
1014 MsgConfig code
=> doConfig
[code
]
1015 | MsgMultiConfig codes
=> doConfig codes
1018 if Acl
.query
{user
= user
, class
= "priv", value
= "all"}
1019 orelse Acl
.query
{user
= user
, class
= "priv", value
= "shutdown"} then
1020 print ("Domtool dispatcher shutting down at " ^
now () ^
"\n\n")
1022 (print
"Unauthorized shutdown command!\n";
1024 handle OpenSSL
.OpenSSL _
=> ();
1029 if Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1031 Acl
.write Config
.aclFile
;
1032 ("Granted permission " ^ #value acl ^
" to " ^ #user acl ^
" in " ^ #class acl ^
".",
1035 ("Unauthorized user asked to grant a permission!",
1036 SOME
"Not authorized to grant privileges"))
1041 if Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1043 Acl
.write Config
.aclFile
;
1044 ("Revoked permission " ^ #value acl ^
" from " ^ #user acl ^
" in " ^ #class acl ^
".",
1047 ("Unauthorized user asked to revoke a permission!",
1048 SOME
"Not authorized to revoke privileges"))
1051 | MsgListPerms user
=>
1053 (Msg
.send (bio
, MsgPerms (Acl
.queryAll user
));
1054 ("Sent permission list for user " ^ user ^
".",
1060 (Msg
.send (bio
, MsgWhoHasResponse (Acl
.whoHas perm
));
1061 ("Sent whohas response for " ^ #class perm ^
" / " ^ #value perm ^
".",
1067 if Acl
.query
{user
= user
, class
= "priv", value
= "all"}
1068 orelse List.all (fn dom
=> Acl
.query
{user
= user
, class
= "domain", value
= dom
}) doms
then
1071 Acl
.revokeFromAll
{class
= "domain", value
= dom
}) doms
;
1072 Acl
.write Config
.aclFile
;
1073 ("Removed domains" ^
foldl (fn (d
, s
) => s ^
" " ^ d
) "" doms ^
".",
1076 ("Unauthorized user asked to remove a domain!",
1077 SOME
"Not authorized to remove that domain"))
1082 if Acl
.query
{user
= user
, class
= "priv", value
= "regen"}
1083 orelse Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1084 (regenerate context
;
1085 ("Regenerated all configuration.",
1088 ("Unauthorized user asked to regenerate!",
1089 SOME
"Not authorized to regenerate"))
1092 | MsgRmuser user
' =>
1094 if Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1096 Acl
.write Config
.aclFile
;
1097 ("Removed user " ^ user
' ^
".",
1100 ("Unauthorized user asked to remove a user!",
1101 SOME
"Not authorized to remove users"))
1104 | MsgCreateDbUser
{dbtype
, passwd
} =>
1106 case Dbms
.lookup dbtype
of
1107 NONE
=> ("Database user creation request with unknown datatype type " ^ dbtype
,
1108 SOME ("Unknown database type " ^ dbtype
))
1110 case #adduser handler
{user
= user
, passwd
= passwd
} of
1111 NONE
=> ("Added " ^ dbtype ^
" user " ^ user ^
".",
1114 ("Error adding a " ^ dbtype ^
" user " ^ user ^
": " ^ msg
,
1115 SOME ("Error adding user: " ^ msg
)))
1118 | MsgDbPasswd
{dbtype
, passwd
} =>
1120 case Dbms
.lookup dbtype
of
1121 NONE
=> ("Database passwd request with unknown datatype type " ^ dbtype
,
1122 SOME ("Unknown database type " ^ dbtype
))
1124 case #passwd handler
{user
= user
, passwd
= passwd
} of
1125 NONE
=> ("Changed " ^ dbtype ^
" password of user " ^ user ^
".",
1128 ("Error setting " ^ dbtype ^
" password of user " ^ user ^
": " ^ msg
,
1129 SOME ("Error adding user: " ^ msg
)))
1132 | MsgCreateDbTable
{dbtype
, dbname
} =>
1134 if Dbms
.validDbname dbname
then
1135 case Dbms
.lookup dbtype
of
1136 NONE
=> ("Database creation request with unknown datatype type " ^ dbtype
,
1137 SOME ("Unknown database type " ^ dbtype
))
1139 case #createdb handler
{user
= user
, dbname
= dbname
} of
1140 NONE
=> ("Created database " ^ user ^
"_" ^ dbname ^
".",
1142 | SOME msg
=> ("Error creating database " ^ user ^
"_" ^ dbname ^
": " ^ msg
,
1143 SOME ("Error creating database: " ^ msg
))
1145 ("Invalid database name " ^ user ^
"_" ^ dbname
,
1146 SOME ("Invalid database name " ^ dbname
)))
1149 | MsgListMailboxes domain
=>
1151 if not (Domain
.yourDomain domain
) then
1152 ("User wasn't authorized to list mailboxes for " ^ domain
,
1153 SOME
"You're not authorized to configure that domain.")
1155 case Vmail
.list domain
of
1156 Vmail
.Listing users
=> (Msg
.send (bio
, MsgMailboxes users
);
1157 ("Sent mailbox list for " ^ domain
,
1159 | Vmail
.Error msg
=> ("Error listing mailboxes for " ^ domain ^
": " ^ msg
,
1163 | MsgNewMailbox
{domain
, user
= emailUser
, passwd
, mailbox
} =>
1165 if not (Domain
.yourDomain domain
) then
1166 ("User wasn't authorized to add a mailbox to " ^ domain
,
1167 SOME
"You're not authorized to configure that domain.")
1168 else if not (Domain
.validEmailUser emailUser
) then
1169 ("Invalid e-mail username " ^ emailUser
,
1170 SOME
"Invalid e-mail username")
1171 else if not (CharVector
.all
Char.isGraph passwd
) then
1172 ("Invalid password",
1173 SOME
"Invalid password; may only contain printable, non-space characters")
1174 else if not (Domain
.yourPath mailbox
) then
1175 ("User wasn't authorized to add a mailbox at " ^ mailbox
,
1176 SOME
"You're not authorized to use that mailbox location.")
1178 case Vmail
.add
{requester
= user
,
1179 domain
= domain
, user
= emailUser
,
1180 passwd
= passwd
, mailbox
= mailbox
} of
1181 NONE
=> ("Added mailbox " ^ emailUser ^
"@" ^ domain ^
" at " ^ mailbox
,
1183 | SOME msg
=> ("Error adding mailbox " ^ emailUser ^
"@" ^ domain ^
": " ^ msg
,
1187 | MsgPasswdMailbox
{domain
, user
= emailUser
, passwd
} =>
1189 if not (Domain
.yourDomain domain
) then
1190 ("User wasn't authorized to change password of a mailbox for " ^ domain
,
1191 SOME
"You're not authorized to configure that domain.")
1192 else if not (Domain
.validEmailUser emailUser
) then
1193 ("Invalid e-mail username " ^ emailUser
,
1194 SOME
"Invalid e-mail username")
1195 else if not (CharVector
.all
Char.isGraph passwd
) then
1196 ("Invalid password",
1197 SOME
"Invalid password; may only contain printable, non-space characters")
1199 case Vmail
.passwd
{domain
= domain
, user
= emailUser
,
1201 NONE
=> ("Changed password of mailbox " ^ emailUser ^
"@" ^ domain
,
1203 | SOME msg
=> ("Error changing mailbox password for " ^ emailUser ^
"@" ^ domain ^
": " ^ msg
,
1207 | MsgRmMailbox
{domain
, user
= emailUser
} =>
1209 if not (Domain
.yourDomain domain
) then
1210 ("User wasn't authorized to change password of a mailbox for " ^ domain
,
1211 SOME
"You're not authorized to configure that domain.")
1212 else if not (Domain
.validEmailUser emailUser
) then
1213 ("Invalid e-mail username " ^ emailUser
,
1214 SOME
"Invalid e-mail username")
1216 case Vmail
.rm
{domain
= domain
, user
= emailUser
} of
1217 NONE
=> ("Deleted mailbox " ^ emailUser ^
"@" ^ domain
,
1219 | SOME msg
=> ("Error deleting mailbox " ^ emailUser ^
"@" ^ domain ^
": " ^ msg
,
1223 | MsgSaQuery addr
=>
1225 case checkAddr addr
of
1226 NONE
=> ("User tried to query SA filtering for " ^ addr
,
1227 SOME
"You aren't allowed to configure SA filtering for that recipient.")
1228 | SOME addr
' => (Msg
.send (bio
, MsgSaStatus (SetSA
.query addr
'));
1229 ("Queried SA filtering status for " ^ addr
,
1233 |
MsgSaSet (addr
, b
) =>
1235 case checkAddr addr
of
1236 NONE
=> ("User tried to set SA filtering for " ^ addr
,
1237 SOME
"You aren't allowed to configure SA filtering for that recipient.")
1238 | SOME addr
' => (SetSA
.set (addr
', b
);
1239 Msg
.send (bio
, MsgOk
);
1240 ("Set SA filtering status for " ^ addr ^
" to "
1241 ^
(if b
then "ON" else "OFF"),
1245 | MsgSmtpLogReq domain
=>
1247 if not (Domain
.yourDomain domain
) then
1248 ("Unauthorized user tried to request SMTP logs for " ^ domain
,
1249 SOME
"You aren't authorized to configure that domain.")
1251 (SmtpLog
.search (fn line
=> Msg
.send (bio
, MsgSmtpLogRes line
))
1253 ("Requested SMTP logs for " ^ domain
,
1258 doIt (fn () => (Msg
.send (bio
, answerQuery q
);
1264 doIt (fn () => ("Unexpected command",
1265 SOME
"Unexpected command"))
1270 handle OpenSSL
.OpenSSL s
=>
1271 (print ("OpenSSL error: " ^ s ^
"\n");
1273 handle OpenSSL
.OpenSSL _
=> ();
1275 | OS
.SysErr (s
, _
) =>
1276 (print ("System error: " ^ s ^
"\n");
1278 handle OpenSSL
.OpenSSL _
=> ();
1280 | IO
.Io
{name
, function
, cause
} =>
1281 (print ("IO error: " ^ function ^
" for " ^ name ^
"\n");
1282 app (fn x
=> print (x ^
"\n")) (SMLofNJ
.exnHistory cause
);
1284 handle OpenSSL
.OpenSSL _
=> ();
1287 (print
"Unknown exception in main loop!\n";
1288 app (fn x
=> print (x ^
"\n")) (SMLofNJ
.exnHistory e
);
1290 handle OpenSSL
.OpenSSL _
=> ();
1293 print ("Domtool dispatcher starting up at " ^
now () ^
"\n");
1294 print
"Listening for connections....\n";
1296 OpenSSL
.shutdown sock
1301 val host
= Slave
.hostname ()
1303 val context
= context (Config
.certDir ^
"/" ^ host ^
".pem",
1304 Config
.keyDir ^
"/" ^ host ^
"/key.pem",
1307 val sock
= OpenSSL
.listen (context
, Config
.slavePort
)
1309 val _
= print ("Slave server starting at " ^
now () ^
"\n")
1312 case OpenSSL
.accept sock
of
1316 val peer
= OpenSSL
.peerCN bio
1317 val () = print ("\nConnection from " ^ peer ^
" at " ^
now () ^
"\n")
1319 if peer
= Config
.dispatcherName
then let
1321 case Msg
.recv bio
of
1322 NONE
=> print
"Dispatcher closed connection unexpectedly\n"
1325 MsgFile file
=> loop
' (file
:: files
)
1326 | MsgDoFiles
=> (Slave
.handleChanges files
;
1327 Msg
.send (bio
, MsgOk
))
1328 | MsgRegenerate
=> (Domain
.resetLocal ();
1329 Msg
.send (bio
, MsgOk
))
1330 | _
=> (print
"Dispatcher sent unexpected command\n";
1331 Msg
.send (bio
, MsgError
"Unexpected command"))
1334 ignore (OpenSSL
.readChar bio
);
1338 else if peer
= "domtool" then
1339 case Msg
.recv bio
of
1340 SOME MsgShutdown
=> (OpenSSL
.close bio
;
1341 print ("Shutting down at " ^
now () ^
"\n\n"))
1342 | _
=> (OpenSSL
.close bio
;
1345 case Msg
.recv bio
of
1346 SOME (MsgQuery q
) => (print (describeQuery q ^
"\n");
1347 Msg
.send (bio
, answerQuery q
);
1348 ignore (OpenSSL
.readChar bio
);
1351 | _
=> (OpenSSL
.close bio
;
1353 end handle OpenSSL
.OpenSSL s
=>
1354 (print ("OpenSSL error: "^ s ^
"\n");
1356 handle OpenSSL
.OpenSSL _
=> ();
1358 | e
as OS
.SysErr (s
, _
) =>
1359 (app (fn s
=> print (s ^
"\n")) (SMLofNJ
.exnHistory e
);
1360 print ("System error: "^ s ^
"\n");
1362 handle OpenSSL
.OpenSSL _
=> ();
1366 OpenSSL
.shutdown sock
1371 val dir
= Posix
.FileSys
.opendir Config
.libRoot
1374 case Posix
.FileSys
.readdir dir
of
1375 NONE
=> (Posix
.FileSys
.closedir dir
;
1378 if String.isSuffix
".dtl" fname
then
1379 loop (OS
.Path
.joinDirFile
{dir
= Config
.libRoot
,
1388 fun autodocBasis outdir
=
1389 Autodoc
.autodoc
{outdir
= outdir
, infiles
= listBasis ()}