1 (* HCoop
Domtool (http
://hcoop
.sourceforge
.net
/)
2 * Copyright (c
) 2006-2009, Adam Chlipala
3 * Copyright (c
) 2012,2013,2014 Clinton Ebadi
<clinton@unknownlamer
.org
>
5 * This program is free software
; you can redistribute it
and/or
6 * modify it under the terms
of the GNU General Public License
7 * as published by the Free Software Foundation
; either version
2
8 * of the License
, or (at your option
) any later version
.
10 * This program is distributed
in the hope that it will be useful
,
11 * but WITHOUT ANY WARRANTY
; without even the implied warranty
of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE
. See the
13 * GNU General Public License for more details
.
15 * You should have received a copy
of the GNU General Public License
16 * along
with this program
; if not
, write to the Free Software
17 * Foundation
, Inc
., 51 Franklin Street
, Fifth Floor
, Boston
, MA
02110-1301, USA
.
22 structure Main
:> MAIN
= struct
24 open Ast MsgTypes Print
26 structure SM
= StringMap
28 fun init () = Acl
.read Config
.aclFile
30 fun isLib fname
= OS
.Path
.file fname
= "lib.dtl"
32 fun wrapFile (fname
, file
) =
33 case (isLib fname
, file
) of
34 (true, (comment
, ds
, SOME e
)) =>
38 (comment
, ds
, SOME (ELocal (e
, (ESkip
, loc
)), loc
))
44 val prog
= Parse
.parse fname
45 val prog
= wrapFile (fname
, prog
)
47 if !ErrorMsg
.anyErrors
then
53 Option
.app (Unused
.check G
) (#
3 prog
);
54 Tycheck
.checkFile G prog
)
59 val _
= ErrorMsg
.reset ()
60 val dir
= Posix
.FileSys
.opendir Config
.libRoot
63 case Posix
.FileSys
.readdir dir
of
64 NONE
=> (Posix
.FileSys
.closedir dir
;
67 if String.isSuffix
".dtl" fname
then
68 loop (OS
.Path
.joinDirFile
{dir
= Config
.libRoot
,
75 val (_
, files
) = Order
.order NONE files
77 if !ErrorMsg
.anyErrors
then
80 (Tycheck
.allowExterns ();
81 foldl (fn (fname
, G
) => check
' G fname
) Env
.empty files
82 before Tycheck
.disallowExterns ())
85 (* val b
= basis () *)
89 val _
= ErrorMsg
.reset ()
90 val _
= Env
.preTycheck ()
92 if !ErrorMsg
.anyErrors
then
96 val _
= Tycheck
.disallowExterns ()
97 val _
= ErrorMsg
.reset ()
98 val prog
= Parse
.parse fname
99 val prog
= wrapFile (fname
, prog
)
101 if !ErrorMsg
.anyErrors
then
105 val G
' = Tycheck
.checkFile G prog
107 if !ErrorMsg
.anyErrors
then
113 Option
.app (Unused
.check G
) (#
3 prog
);
120 String.sub (s
, 0) <> #
"."
121 andalso s
<> "_darcs"
122 andalso CharVector
.all (fn ch
=> Char.isAlphaNum ch
orelse ch
= #
"." orelse ch
= #
"_" orelse ch
= #
"-") s
127 case Posix
.ProcEnv
.getenv
"DOMTOOL_USER" of
130 val uid
= Posix
.ProcEnv
.getuid ()
132 Posix
.SysDB
.Passwd
.name (Posix
.SysDB
.getpwuid uid
)
136 Acl
.read Config
.aclFile
;
141 fun checkDir
' dname
=
145 val dir
= Posix
.FileSys
.opendir dname
148 case Posix
.FileSys
.readdir dir
of
149 NONE
=> (Posix
.FileSys
.closedir dir
;
153 loop (OS
.Path
.joinDirFile
{dir
= dname
,
160 val (_
, files
) = Order
.order (SOME b
) files
162 if !ErrorMsg
.anyErrors
then
165 (foldl (fn (fname
, G
) => check
' G fname
) b files
;
166 if !ErrorMsg
.anyErrors
then
178 val (G
, body
) = check G fname
180 if !ErrorMsg
.anyErrors
then
186 val body
' = Reduce
.reduceExp G body
188 (*printd (PD
.hovBox (PD
.PPS
.Rel
0,
189 [PD
.string "Result:",
197 (*(Defaults
.eInit ())*)
199 val toplevel
= Env
.initialDynEnvVals Reduce
.reduceExp
201 fun eval G evs fname
=
202 case reduce G fname
of
204 if !ErrorMsg
.anyErrors
then
208 val evs
' = Eval
.exec
' (toplevel G
, evs
) body
'
212 |
(G
, NONE
) => (G
, evs
)
215 Domain
.nodeIp Config
.dispatcherName ^
":" ^
Int.toString Config
.dispatcherPort
218 "localhost:" ^
Int.toString Config
.slavePort
221 (OpenSSL
.context
false x
)
222 handle e
as OpenSSL
.OpenSSL s
=>
223 (print
"Couldn't find your certificate.\nYou probably haven't been given any Domtool privileges.\n";
224 print ("I looked in: " ^ #
1 x ^
"\n");
225 print ("Additional information: " ^ s ^
"\n");
228 fun requestContext f
=
230 val user
= setupUser ()
234 val context
= context (Config
.certDir ^
"/" ^ user ^
".pem",
235 Config
.keyDir ^
"/" ^ user ^
"/key.pem",
241 fun requestBio
' printErr f
=
243 val (user
, context
) = requestContext f
245 (user
, OpenSSL
.connect
printErr (context
, dispatcher
))
248 val requestBio
= requestBio
' true
250 fun requestSlaveBio
' printErr
=
252 val (user
, context
) = requestContext (fn () => ())
254 (user
, OpenSSL
.connect
printErr (context
, self
))
257 fun requestSlaveBio () = requestSlaveBio
' true
259 fun request (fname
, libOpt
) =
261 val (user
, bio
) = requestBio (fn () =>
264 val env
= case libOpt
of
266 | SOME lib
=> #
1 (check env lib
)
268 ignore (check env fname
)
273 val inf
= TextIO.openIn fname
276 case TextIO.inputLine inf
of
277 NONE
=> String.concat (rev lines
)
278 | SOME line
=> loop (line
:: lines
)
281 before TextIO.closeIn inf
284 val code
= readFile fname
285 val msg
= case libOpt
of
286 NONE
=> MsgConfig code
287 | SOME fname
' => MsgMultiConfig
[readFile fname
', code
]
291 NONE
=> print
"Server closed connection unexpectedly.\n"
294 MsgOk
=> print
"Configuration succeeded.\n"
295 | MsgError s
=> print ("Configuration failed: " ^ s ^
"\n")
296 | _
=> print
"Unexpected server reply.\n";
299 handle ErrorMsg
.Error
=> ()
301 fun requestDir dname
=
303 val _
= if Posix
.FileSys
.access (dname
, []) then
306 (print ("Can't access " ^ dname ^
".\n");
307 print
"Did you mean to run domtool on a specific file, instead of asking for all\n";
308 print
"files in your ~/.domtool directory?\n";
309 OS
.Process
.exit OS
.Process
.failure
)
311 val _
= ErrorMsg
.reset ()
313 val (user
, bio
) = requestBio (fn () => checkDir
' dname
)
317 val dir
= Posix
.FileSys
.opendir dname
320 case Posix
.FileSys
.readdir dir
of
321 NONE
=> (Posix
.FileSys
.closedir dir
;
325 loop (OS
.Path
.joinDirFile
{dir
= dname
,
332 val (_
, files
) = Order
.order (SOME b
) files
334 val _
= if !ErrorMsg
.anyErrors
then
339 val codes
= map (fn fname
=>
341 val inf
= TextIO.openIn fname
344 case TextIO.inputLine inf
of
345 NONE
=> String.concat (rev lines
)
346 | SOME line
=> loop (line
:: lines
)
349 before TextIO.closeIn inf
352 if !ErrorMsg
.anyErrors
then
355 (Msg
.send (bio
, MsgMultiConfig codes
);
357 NONE
=> print
"Server closed connection unexpectedly.\n"
360 MsgOk
=> print
"Configuration succeeded.\n"
361 | MsgError s
=> print ("Configuration failed: " ^ s ^
"\n")
362 | _
=> print
"Unexpected server reply.\n";
365 handle ErrorMsg
.Error
=> ()
369 val (_
, bio
) = requestBio
' false (fn () => ())
374 handle _
=> OS
.Process
.failure
376 fun requestShutdown () =
378 val (_
, bio
) = requestBio (fn () => ())
380 Msg
.send (bio
, MsgShutdown
);
385 MsgOk
=> print
"Shutdown begun.\n"
386 | MsgError s
=> print ("Shutdown failed: " ^ s ^
"\n")
387 | _
=> print
"Unexpected server reply.\n";
391 fun requestSlavePing () =
393 val (_
, bio
) = requestSlaveBio
' false
398 handle _
=> OS
.Process
.failure
400 fun requestSlaveShutdown () =
402 val (_
, bio
) = requestSlaveBio ()
404 Msg
.send (bio
, MsgShutdown
);
409 MsgOk
=> print
"Shutdown begun.\n"
410 | MsgError s
=> print ("Shutdown failed: " ^ s ^
"\n")
411 | _
=> print
"Unexpected server reply.\n";
415 fun requestGrant acl
=
417 val (user
, bio
) = requestBio (fn () => ())
419 Msg
.send (bio
, MsgGrant acl
);
421 NONE
=> print
"Server closed connection unexpectedly.\n"
424 MsgOk
=> print
"Grant succeeded.\n"
425 | MsgError s
=> print ("Grant failed: " ^ s ^
"\n")
426 | _
=> print
"Unexpected server reply.\n";
430 fun requestRevoke acl
=
432 val (user
, bio
) = requestBio (fn () => ())
434 Msg
.send (bio
, MsgRevoke acl
);
436 NONE
=> print
"Server closed connection unexpectedly.\n"
439 MsgOk
=> print
"Revoke succeeded.\n"
440 | MsgError s
=> print ("Revoke failed: " ^ s ^
"\n")
441 | _
=> print
"Unexpected server reply.\n";
445 fun requestListPerms user
=
447 val (_
, bio
) = requestBio (fn () => ())
449 Msg
.send (bio
, MsgListPerms user
);
450 (case Msg
.recv bio
of
451 NONE
=> (print
"Server closed connection unexpectedly.\n";
455 MsgPerms perms
=> SOME perms
456 | MsgError s
=> (print ("Listing failed: " ^ s ^
"\n");
458 | _
=> (print
"Unexpected server reply.\n";
460 before OpenSSL
.close bio
463 fun requestWhoHas perm
=
465 val (_
, bio
) = requestBio (fn () => ())
467 Msg
.send (bio
, MsgWhoHas perm
);
468 (case Msg
.recv bio
of
469 NONE
=> (print
"Server closed connection unexpectedly.\n";
473 MsgWhoHasResponse users
=> SOME users
474 | MsgError s
=> (print ("whohas failed: " ^ s ^
"\n");
476 | _
=> (print
"Unexpected server reply.\n";
478 before OpenSSL
.close bio
481 fun requestRegen () =
483 val (_
, bio
) = requestBio (fn () => ())
485 Msg
.send (bio
, MsgRegenerate
);
487 NONE
=> print
"Server closed connection unexpectedly.\n"
490 MsgOk
=> print
"Regeneration succeeded.\n"
491 | MsgError s
=> print ("Regeneration failed: " ^ s ^
"\n")
492 | _
=> print
"Unexpected server reply.\n";
496 fun requestRegenTc () =
498 val (_
, bio
) = requestBio (fn () => ())
500 Msg
.send (bio
, MsgRegenerateTc
);
502 NONE
=> print
"Server closed connection unexpectedly.\n"
505 MsgOk
=> print
"All configuration validated.\n"
506 | MsgError s
=> print ("Configuration validation failed: " ^ s ^
"\n")
507 | _
=> print
"Unexpected server reply.\n";
511 fun requestRmdom dom
=
513 val (_
, bio
) = requestBio (fn () => ())
515 Msg
.send (bio
, MsgRmdom dom
);
517 NONE
=> print
"Server closed connection unexpectedly.\n"
520 MsgOk
=> print
"Removal succeeded.\n"
521 | MsgError s
=> print ("Removal failed: " ^ s ^
"\n")
522 | _
=> print
"Unexpected server reply.\n";
526 fun requestRmuser user
=
528 val (_
, bio
) = requestBio (fn () => ())
530 Msg
.send (bio
, MsgRmuser user
);
532 NONE
=> print
"Server closed connection unexpectedly.\n"
535 MsgOk
=> print
"Removal succeeded.\n"
536 | MsgError s
=> print ("Removal failed: " ^ s ^
"\n")
537 | _
=> print
"Unexpected server reply.\n";
541 fun requestDbUser dbtype
=
543 val (_
, context
) = requestContext (fn () => ())
544 val bio
= OpenSSL
.connect
true (context
,
545 Domain
.nodeIp Config
.Dbms
.dbmsNode ^
":" ^
Int.toString Config
.slavePort
)
547 Msg
.send (bio
, MsgCreateDbUser dbtype
);
549 NONE
=> print
"Server closed connection unexpectedly.\n"
552 MsgOk
=> print
"Your user has been created.\n"
553 | MsgError s
=> print ("Creation failed: " ^ s ^
"\n")
554 | _
=> print
"Unexpected server reply.\n";
558 fun requestDbPasswd rc
=
560 val (_
, context
) = requestContext (fn () => ())
561 val bio
= OpenSSL
.connect
true (context
,
562 Config
.Dbms
.dbmsNode ^
":" ^
Int.toString Config
.slavePort
)
564 Msg
.send (bio
, MsgDbPasswd rc
);
566 NONE
=> print
"Server closed connection unexpectedly.\n"
569 MsgOk
=> print
"Your password has been changed.\n"
570 | MsgError s
=> print ("Password set failed: " ^ s ^
"\n")
571 | _
=> print
"Unexpected server reply.\n";
575 fun requestDbTable p
=
577 val (user
, context
) = requestContext (fn () => ())
578 val bio
= OpenSSL
.connect
true (context
,
579 Config
.Dbms
.dbmsNode ^
":" ^
Int.toString Config
.slavePort
)
581 Msg
.send (bio
, MsgCreateDb p
);
583 NONE
=> print
"Server closed connection unexpectedly.\n"
586 MsgOk
=> print ("Your database " ^ user ^
"_" ^ #dbname p ^
" has been created.\n")
587 | MsgError s
=> print ("Creation failed: " ^ s ^
"\n")
588 | _
=> print
"Unexpected server reply.\n";
592 fun requestDbDrop p
=
594 val (user
, context
) = requestContext (fn () => ())
595 val bio
= OpenSSL
.connect
true (context
,
596 Config
.Dbms
.dbmsNode ^
":" ^
Int.toString Config
.slavePort
)
598 Msg
.send (bio
, MsgDropDb p
);
600 NONE
=> print
"Server closed connection unexpectedly.\n"
603 MsgOk
=> print ("Your database " ^ user ^
"_" ^ #dbname p ^
" has been dropped.\n")
604 | MsgError s
=> print ("Drop failed: " ^ s ^
"\n")
605 | _
=> print
"Unexpected server reply.\n";
609 fun requestDbGrant p
=
611 val (user
, context
) = requestContext (fn () => ())
612 val bio
= OpenSSL
.connect
true (context
,
613 Config
.Dbms
.dbmsNode ^
":" ^
Int.toString Config
.slavePort
)
615 Msg
.send (bio
, MsgGrantDb p
);
617 NONE
=> print
"Server closed connection unexpectedly.\n"
620 MsgOk
=> print ("You've been granted all allowed privileges to database " ^ user ^
"_" ^ #dbname p ^
".\n")
621 | MsgError s
=> print ("Grant failed: " ^ s ^
"\n")
622 | _
=> print
"Unexpected server reply.\n";
626 fun requestListMailboxes domain
=
628 val (_
, bio
) = requestBio (fn () => ())
630 Msg
.send (bio
, MsgListMailboxes domain
);
631 (case Msg
.recv bio
of
632 NONE
=> Vmail
.Error
"Server closed connection unexpectedly."
635 MsgMailboxes users
=> (Msg
.send (bio
, MsgOk
);
637 | MsgError s
=> Vmail
.Error ("Listing failed: " ^ s
)
638 | _
=> Vmail
.Error
"Unexpected server reply.")
639 before OpenSSL
.close bio
642 fun requestNewMailbox p
=
644 val (_
, bio
) = requestBio (fn () => ())
646 Msg
.send (bio
, MsgNewMailbox p
);
648 NONE
=> print
"Server closed connection unexpectedly.\n"
651 MsgOk
=> print ("A mapping for " ^ #user p ^
"@" ^ #domain p ^
" has been created.\n")
652 | MsgError s
=> print ("Creation failed: " ^ s ^
"\n")
653 | _
=> print
"Unexpected server reply.\n";
657 fun requestPasswdMailbox p
=
659 val (_
, bio
) = requestBio (fn () => ())
661 Msg
.send (bio
, MsgPasswdMailbox p
);
663 NONE
=> print
"Server closed connection unexpectedly.\n"
666 MsgOk
=> print ("The password for " ^ #user p ^
"@" ^ #domain p ^
" has been changed.\n")
667 | MsgError s
=> print ("Set failed: " ^ s ^
"\n")
668 | _
=> print
"Unexpected server reply.\n";
672 fun requestPortalPasswdMailbox p
=
674 val (_
, bio
) = requestBio (fn () => ())
676 (Msg
.send (bio
, MsgPortalPasswdMailbox p
);
678 NONE
=> (print
"Server closed connection unexpectedly.\n"; OS
.Process
.failure
)
681 MsgOk
=> (print ("The password for " ^ #user p ^
"@" ^ #domain p ^
" has been changed.\n");
683 | MsgError s
=> (print ("Set failed: " ^ s ^
"\n"); OS
.Process
.failure
)
684 | _
=> (print
"Unexpected server reply.\n"; OS
.Process
.failure
))
685 before OpenSSL
.close bio
688 fun requestRmMailbox p
=
690 val (_
, bio
) = requestBio (fn () => ())
692 Msg
.send (bio
, MsgRmMailbox p
);
694 NONE
=> print
"Server closed connection unexpectedly.\n"
697 MsgOk
=> print ("The mapping for mailbox " ^ #user p ^
"@" ^ #domain p ^
" has been deleted.\n")
698 | MsgError s
=> print ("Remove failed: " ^ s ^
"\n")
699 | _
=> print
"Unexpected server reply.\n";
703 fun requestSaQuery addr
=
705 val (_
, bio
) = requestBio (fn () => ())
707 Msg
.send (bio
, MsgSaQuery addr
);
708 (case Msg
.recv bio
of
709 NONE
=> print
"Server closed connection unexpectedly.\n"
712 MsgSaStatus b
=> (print ("SpamAssassin filtering for " ^ addr ^
" is "
713 ^
(if b
then "ON" else "OFF") ^
".\n");
714 Msg
.send (bio
, MsgOk
))
715 | MsgError s
=> print ("Query failed: " ^ s ^
"\n")
716 | _
=> print
"Unexpected server reply.\n")
717 before OpenSSL
.close bio
722 val (_
, bio
) = requestBio (fn () => ())
724 Msg
.send (bio
, MsgSaSet p
);
726 NONE
=> print
"Server closed connection unexpectedly.\n"
729 MsgOk
=> print ("SpamAssassin filtering for " ^ #
1 p ^
" is now "
730 ^
(if #
2 p
then "ON" else "OFF") ^
".\n")
731 | MsgError s
=> print ("Set failed: " ^ s ^
"\n")
732 | _
=> print
"Unexpected server reply.\n";
736 fun requestSmtpLog domain
=
738 val (_
, bio
) = requestBio (fn () => ())
740 val _
= Msg
.send (bio
, MsgSmtpLogReq domain
)
744 NONE
=> print
"Server closed connection unexpectedly.\n"
748 | MsgSmtpLogRes line
=> (print line
;
750 | MsgError s
=> print ("Log search failed: " ^ s ^
"\n")
751 | _
=> print
"Unexpected server reply.\n"
757 fun requestApt
{node
, pkg
} =
759 val (user
, context
) = requestContext (fn () => ())
760 val bio
= OpenSSL
.connect
true (context
, if node
= Config
.dispatcherName
then
763 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
765 val _
= Msg
.send (bio
, MsgQuery (QApt pkg
))
769 NONE
=> (print
"Server closed connection unexpectedly.\n";
773 MsgYes
=> (print
"Package is installed.\n";
775 | MsgNo
=> (print
"Package is not installed.\n";
777 | MsgError s
=> (print ("APT query failed: " ^ s ^
"\n");
779 | _
=> (print
"Unexpected server reply.\n";
783 before OpenSSL
.close bio
786 fun requestAptExists
{node
, pkg
} =
788 val (user
, context
) = requestContext (fn () => ())
789 val bio
= OpenSSL
.connect
true (context
, if node
= Config
.dispatcherName
then
792 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
794 val _
= Msg
.send (bio
, MsgQuery (QAptExists pkg
))
798 NONE
=> (print
"Server closed connection unexpectedly.\n";
802 MsgAptQuery
{section
,description
} => (print
"Package exists.\n";
803 print ("Section: " ^ section ^
"\n");
804 print ("Description: " ^ description ^
"\n");
806 | MsgNo
=> (print
"Package does not exist.\n";
808 (* It might be the Wrong
Thing (tm
) to use MsgNo like this
*))
809 | MsgError s
=> (print ("APT existence query failed: " ^ s ^
"\n");
811 | _
=> (print
"Unexpected server reply.\n";
815 before OpenSSL
.close bio
818 fun requestCron
{node
, uname
} =
820 val (user
, context
) = requestContext (fn () => ())
821 val bio
= OpenSSL
.connect
true (context
, if node
= Config
.dispatcherName
then
824 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
826 val _
= Msg
.send (bio
, MsgQuery (QCron uname
))
830 NONE
=> (print
"Server closed connection unexpectedly.\n";
834 MsgYes
=> (print
"User has cron permissions.\n";
836 | MsgNo
=> (print
"User does not have cron permissions.\n";
838 | MsgError s
=> (print ("Cron query failed: " ^ s ^
"\n");
840 | _
=> (print
"Unexpected server reply.\n";
844 before OpenSSL
.close bio
847 fun requestFtp
{node
, uname
} =
849 val (user
, context
) = requestContext (fn () => ())
850 val bio
= OpenSSL
.connect
true (context
, if node
= Config
.dispatcherName
then
853 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
855 val _
= Msg
.send (bio
, MsgQuery (QFtp uname
))
859 NONE
=> (print
"Server closed connection unexpectedly.\n";
863 MsgYes
=> (print
"User has FTP permissions.\n";
865 | MsgNo
=> (print
"User does not have FTP permissions.\n";
867 | MsgError s
=> (print ("FTP query failed: " ^ s ^
"\n");
869 | _
=> (print
"Unexpected server reply.\n";
873 before OpenSSL
.close bio
876 fun requestTrustedPath
{node
, uname
} =
878 val (user
, context
) = requestContext (fn () => ())
879 val bio
= OpenSSL
.connect
true (context
, if node
= Config
.dispatcherName
then
882 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
884 val _
= Msg
.send (bio
, MsgQuery (QTrustedPath uname
))
888 NONE
=> (print
"Server closed connection unexpectedly.\n";
892 MsgYes
=> (print
"User has trusted path restriction.\n";
894 | MsgNo
=> (print
"User does not have trusted path restriction.\n";
896 | MsgError s
=> (print ("Trusted path query failed: " ^ s ^
"\n");
898 | _
=> (print
"Unexpected server reply.\n";
902 before OpenSSL
.close bio
905 fun requestSocketPerm
{node
, uname
} =
907 val (user
, context
) = requestContext (fn () => ())
908 val bio
= OpenSSL
.connect
true (context
, if node
= Config
.dispatcherName
then
911 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
913 val _
= Msg
.send (bio
, MsgQuery (QSocket uname
))
917 NONE
=> (print
"Server closed connection unexpectedly.\n";
921 MsgSocket p
=> (case p
of
923 | Client
=> print
"Client\n"
924 | Server
=> print
"Server\n"
925 | Nada
=> print
"Nada\n";
927 | MsgError s
=> (print ("Socket permission query failed: " ^ s ^
"\n");
929 | _
=> (print
"Unexpected server reply.\n";
933 before OpenSSL
.close bio
936 fun requestFirewall
{node
, uname
} =
938 val (user
, context
) = requestContext (fn () => ())
939 val bio
= OpenSSL
.connect
true (context
, if node
= Config
.dispatcherName
then
942 Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
944 val _
= Msg
.send (bio
, MsgQuery (QFirewall
{node
= node
, user
= uname
}))
948 NONE
=> (print
"Server closed connection unexpectedly.\n";
952 MsgFirewall ls
=> (app (fn s
=> (print s
; print
"\n")) ls
;
954 | MsgError s
=> (print ("Firewall query failed: " ^ s ^
"\n");
956 | _
=> (print
"Unexpected server reply.\n";
960 before OpenSSL
.close bio
963 fun requestDescribe dom
=
965 val (_
, bio
) = requestBio (fn () => ())
967 Msg
.send (bio
, MsgDescribe dom
);
969 NONE
=> print
"Server closed connection unexpectedly.\n"
972 MsgDescription s
=> print s
973 | MsgError s
=> print ("Description failed: " ^ s ^
"\n")
974 | _
=> print
"Unexpected server reply.\n";
978 fun requestReUsers () =
980 val (_
, bio
) = requestBio (fn () => ())
982 Msg
.send (bio
, MsgReUsers
);
984 NONE
=> print
"Server closed connection unexpectedly.\n"
987 MsgOk
=> print
"Callbacks run.\n"
988 | MsgError s
=> print ("Failed: " ^ s ^
"\n")
989 | _
=> print
"Unexpected server reply.\n";
993 fun requestFirewallRegen node
=
995 val (user
, context
) = requestContext (fn () => ())
996 val bio
= OpenSSL
.connect
true (context
, Domain
.nodeIp node ^
":" ^
Int.toString Config
.slavePort
)
997 (* Only supporting on slave nodes
*)
999 val _
= Msg
.send (bio
, MsgFirewallRegen
)
1001 fun handleResult () =
1002 case Msg
.recv bio
of
1003 NONE
=> (print
"Server closed connection unexpectedly.\n";
1007 MsgOk
=> (print
"Firewall regenerated.\n";
1009 | MsgError s
=> (print ("Firewall regeneration failed: " ^ s ^
"\n");
1011 | _
=> (print
"Unexpected server reply.\n";
1015 before OpenSSL
.close bio
1018 structure SS
= StringSet
1020 fun domainList dname
=
1022 val dir
= Posix
.FileSys
.opendir dname
1024 fun visitNode dset
=
1025 case Posix
.FileSys
.readdir dir
of
1029 val path
= OS
.Path
.joinDirFile
{dir
= dname
,
1032 fun visitDomains (path
, bfor
, dset
) =
1034 val dir
= Posix
.FileSys
.opendir path
1037 case Posix
.FileSys
.readdir dir
of
1041 val path
= OS
.Path
.joinDirFile
{dir
= path
,
1044 if Posix
.FileSys
.ST
.isDir (Posix
.FileSys
.stat path
) then
1046 val bfor
= dname
:: bfor
1048 loop (visitDomains (path
, bfor
,
1050 String.concatWith
"." bfor
)))
1057 before Posix
.FileSys
.closedir dir
1060 visitNode (visitDomains (path
, [], dset
))
1064 before Posix
.FileSys
.closedir dir
1067 fun regenerateEither tc checker context
=
1069 val () = print
"Starting regeneration....\n"
1075 domainList Config
.resultRoot
1083 val _
= ErrorMsg
.reset ()
1086 val () = Tycheck
.disallowExterns ()
1088 val () = ifReal (fn () =>
1089 (ignore (OS
.Process
.system ("rm -rf " ^ Config
.oldResultRoot ^
"/*"));
1090 ignore (OS
.Process
.system ("cp -r " ^ Config
.resultRoot
1091 ^
"/* " ^ Config
.oldResultRoot ^
"/"));
1092 Domain
.resetGlobal ()))
1096 fun contactNode (node
, ip
, ipv6
) =
1097 if node
= Config
.dispatcherName
then
1098 Domain
.resetLocal ()
1100 val bio
= OpenSSL
.connect
true (context
,
1103 ^
Int.toString Config
.slavePort
)
1105 Msg
.send (bio
, MsgRegenerate
);
1106 case Msg
.recv bio
of
1107 NONE
=> print
"Slave closed connection unexpectedly\n"
1110 MsgOk
=> print ("Slave " ^ node ^
" pre-regeneration finished\n")
1111 | MsgError s
=> print ("Slave " ^ node
1112 ^
" returned error: " ^
1114 | _
=> print ("Slave " ^ node
1115 ^
" returned unexpected command\n");
1118 handle OpenSSL
.OpenSSL s
=> print ("OpenSSL error: " ^ s ^
"\n")
1122 val _
= Domain
.setUser user
1123 val _
= ErrorMsg
.reset ()
1125 val dname
= Config
.domtoolDir user
1127 if Posix
.FileSys
.access (dname
, []) then
1129 val dir
= Posix
.FileSys
.opendir dname
1132 case Posix
.FileSys
.readdir dir
of
1133 NONE
=> (Posix
.FileSys
.closedir dir
;
1136 if notTmp fname
then
1137 loop (OS
.Path
.joinDirFile
{dir
= dname
,
1144 val (_
, files
) = Order
.order (SOME b
) files
1146 fun checker
' (file
, (G
, evs
)) =
1149 if !ErrorMsg
.anyErrors
then
1151 print ("User " ^ user ^
"'s configuration has errors!\n");
1155 let val basis
' = basis () in
1156 ignore (foldl checker
' (basis
', SM
.empty
) files
)
1159 else if (String.isSuffix
"_admin" user
) orelse (String.isSuffix
".daemon" user
) then
1162 (print ("Couldn't access " ^ user ^
"'s ~/.domtool directory.\n");
1165 handle IO
.Io
{name
, function
, ...} =>
1166 (print ("IO error processing user " ^ user ^
": " ^ function ^
": " ^ name ^
"\n");
1168 | exn
as OS
.SysErr (s
, _
) => (print ("System error processing user " ^ user ^
": " ^ s ^
"\n");
1170 | ErrorMsg
.Error
=> (ErrorMsg
.reset ();
1171 print ("User " ^ user ^
" had a compilation error.\n");
1173 | _
=> (print
"Unknown exception during regeneration!\n";
1176 ifReal (fn () => (app contactNode Config
.nodeIps
;
1178 app
doUser (Acl
.users ());
1181 val domainsAfter
= domainList Config
.resultRoot
1182 val domainsGone
= SS
.difference (domainsBefore
, domainsAfter
)
1184 if SS
.isEmpty domainsGone
then
1187 (print
"Domains to kill:";
1188 SS
.app (fn s
=> (print
" "; print s
)) domainsGone
;
1191 Domain
.rmdom
' Config
.oldResultRoot (SS
.listItems domainsGone
));
1198 val regenerate
= regenerateEither
false eval
1199 val regenerateTc
= regenerateEither
true
1200 (fn G
=> fn evs
=> fn file
=>
1201 (#
1 (check G file
), evs
))
1203 fun usersChanged () =
1204 (Domain
.onUsersChange ();
1205 ignore (OS
.Process
.system Config
.publish_reusers
))
1209 val doms
= Acl
.class
{user
= user
, class
= "domain"}
1210 val doms
= List.filter (fn dom
=>
1211 case Acl
.whoHas
{class
= "domain", value
= dom
} of
1213 | _
=> false) (StringSet
.listItems doms
)
1220 fun now () = Date
.toString (Date
.fromTimeUniv (Time
.now ()))
1224 QApt pkg
=> if Apt
.installed pkg
then MsgYes
else MsgNo
1225 | QAptExists pkg
=> (case Apt
.info pkg
of
1226 SOME
{section
, description
} => MsgAptQuery
{section
= section
, description
= description
}
1228 | QCron user
=> if Cron
.allowed user
then MsgYes
else MsgNo
1229 | QFtp user
=> if Ftp
.allowed user
then MsgYes
else MsgNo
1230 | QTrustedPath user
=> if TrustedPath
.query user
then MsgYes
else MsgNo
1231 | QSocket user
=> MsgSocket (SocketPerm
.query user
)
1232 | QFirewall
{node
, user
} => MsgFirewall (Firewall
.query (node
, user
))
1234 fun describeQuery q
=
1236 QApt pkg
=> "Requested installation status of package " ^ pkg
1237 | QAptExists pkg
=> "Requested if package " ^ pkg ^
" exists"
1238 | QCron user
=> "Asked about cron permissions for user " ^ user
1239 | QFtp user
=> "Asked about FTP permissions for user " ^ user
1240 | QTrustedPath user
=> "Asked about trusted path settings for user " ^ user
1241 | QSocket user
=> "Asked about socket permissions for user " ^ user
1242 | QFirewall
{node
, user
} => "Asked about firewall rules on " ^ node ^
" for user " ^ user
1244 fun doIt
' loop bio f cleanup
=
1246 (msgLocal
, SOME msgRemote
) =>
1249 Msg
.send (bio
, MsgError msgRemote
))
1250 |
(msgLocal
, NONE
) =>
1253 Msg
.send (bio
, MsgOk
)))
1254 handle e
as (OpenSSL
.OpenSSL s
) =>
1255 (print ("OpenSSL error: " ^ s ^
"\n");
1256 app (fn x
=> print (x ^
"\n")) (SMLofNJ
.exnHistory e
);
1257 Msg
.send (bio
, MsgError ("OpenSSL error: " ^ s
))
1258 handle OpenSSL
.OpenSSL _
=> ())
1259 | OS
.SysErr (s
, _
) =>
1260 (print
"System error: ";
1263 Msg
.send (bio
, MsgError ("System error: " ^ s
))
1264 handle OpenSSL
.OpenSSL _
=> ())
1269 Msg
.send (bio
, MsgError ("Failure: " ^ s
))
1270 handle OpenSSL
.OpenSSL _
=> ())
1272 (print
"Compilation error\n";
1273 Msg
.send (bio
, MsgError
"Error during configuration evaluation")
1274 handle OpenSSL
.OpenSSL _
=> ());
1276 ignore (OpenSSL
.readChar bio
);
1278 handle OpenSSL
.OpenSSL _
=> ();
1283 val host
= Slave
.hostname ()
1285 val () = Acl
.read Config
.aclFile
1287 val context
= context (Config
.certDir ^
"/" ^ host ^
".pem",
1288 Config
.keyDir ^
"/" ^ host ^
"/key.pem",
1290 val _
= Domain
.set_context context
1292 val sock
= OpenSSL
.listen (context
, Config
.dispatcherPort
)
1295 (case OpenSSL
.accept sock
of
1299 val user
= OpenSSL
.peerCN bio
1300 val () = print ("\nConnection from " ^ user ^
" at " ^
now () ^
"\n")
1301 val () = Domain
.setUser user
1302 val doIt
= doIt
' loop bio
1304 fun doConfig codes
=
1306 val _
= print
"Configuration:\n"
1307 val _
= app (fn s
=> (print s
; print
"\n")) codes
1310 val outname
= OS
.FileSys
.tmpName ()
1312 fun doOne (code
, (G
, evs
)) =
1314 val outf
= TextIO.openOut outname
1316 TextIO.output (outf
, code
);
1317 TextIO.closeOut outf
;
1321 doIt (fn () => (Env
.pre ();
1322 let val basis
' = basis () in
1323 ignore (foldl
doOne (basis
', SM
.empty
) codes
)
1326 Msg
.send (bio
, MsgOk
);
1327 ("Configuration complete.", NONE
)))
1328 (fn () => OS
.FileSys
.remove outname
)
1332 case String.fields (fn ch
=> ch
= #
"@") s
of
1334 if user
= user
' then
1338 |
[user
', domain
] =>
1339 if Domain
.validEmailUser user
' andalso Domain
.yourDomain domain
then
1340 SOME (SetSA
.Email s
)
1346 case Msg
.recv bio
of
1347 NONE
=> (OpenSSL
.close bio
1348 handle OpenSSL
.OpenSSL _
=> ();
1352 MsgConfig code
=> doConfig
[code
]
1353 | MsgMultiConfig codes
=> doConfig codes
1356 if Acl
.query
{user
= user
, class
= "priv", value
= "all"}
1357 orelse Acl
.query
{user
= user
, class
= "priv", value
= "shutdown"} then
1358 print ("Domtool dispatcher shutting down at " ^
now () ^
"\n\n")
1360 (print
"Unauthorized shutdown command!\n";
1362 handle OpenSSL
.OpenSSL _
=> ();
1367 if Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1369 Acl
.write Config
.aclFile
;
1370 if #class acl
= "user" then
1374 ("Granted permission " ^ #value acl ^
" to " ^ #user acl ^
" in " ^ #class acl ^
".",
1377 ("Unauthorized user asked to grant a permission!",
1378 SOME
"Not authorized to grant privileges"))
1383 if Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1385 Acl
.write Config
.aclFile
;
1386 ("Revoked permission " ^ #value acl ^
" from " ^ #user acl ^
" in " ^ #class acl ^
".",
1389 ("Unauthorized user asked to revoke a permission!",
1390 SOME
"Not authorized to revoke privileges"))
1393 | MsgListPerms user
=>
1395 (Msg
.send (bio
, MsgPerms (Acl
.queryAll user
));
1396 ("Sent permission list for user " ^ user ^
".",
1402 (Msg
.send (bio
, MsgWhoHasResponse (Acl
.whoHas perm
));
1403 ("Sent whohas response for " ^ #class perm ^
" / " ^ #value perm ^
".",
1409 if Acl
.query
{user
= user
, class
= "priv", value
= "all"}
1410 orelse List.all (fn dom
=> Domain
.validDomain dom
1411 andalso Acl
.queryDomain
{user
= user
, domain
= dom
}) doms
then
1414 Acl
.revokeFromAll
{class
= "domain", value
= dom
}) doms
;
1415 Acl
.write Config
.aclFile
;*)
1416 ("Removed domains" ^
foldl (fn (d
, s
) => s ^
" " ^ d
) "" doms ^
".",
1419 ("Unauthorized user asked to remove a domain!",
1420 SOME
"Not authorized to remove that domain"))
1425 if Acl
.query
{user
= user
, class
= "priv", value
= "regen"}
1426 orelse Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1427 (if regenerate context
then
1428 ("Regenerated all configuration.",
1431 ("Error regenerating configuration!",
1432 SOME
"Error regenerating configuration! Consult /var/log/domtool.log."))
1434 ("Unauthorized user asked to regenerate!",
1435 SOME
"Not authorized to regenerate"))
1438 | MsgRegenerateTc
=>
1440 if Acl
.query
{user
= user
, class
= "priv", value
= "regen"}
1441 orelse Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1442 (if regenerateTc context
then
1443 ("Checked all configuration.",
1446 ("Found a compilation error!",
1447 SOME
"Found a compilation error! Consult /var/log/domtool.log."))
1449 ("Unauthorized user asked to regenerate -tc!",
1450 SOME
"Not authorized to regenerate -tc"))
1453 | MsgRmuser user
' =>
1455 if Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1457 Acl
.write Config
.aclFile
;
1458 ("Removed user " ^ user
' ^
".",
1461 ("Unauthorized user asked to remove a user!",
1462 SOME
"Not authorized to remove users"))
1465 | MsgListMailboxes domain
=>
1467 if not (Domain
.yourDomain domain
) then
1468 ("User wasn't authorized to list mailboxes for " ^ domain
,
1469 SOME
"You're not authorized to configure that domain.")
1471 case Vmail
.list domain
of
1472 Vmail
.Listing users
=> (Msg
.send (bio
, MsgMailboxes users
);
1473 ("Sent mailbox list for " ^ domain
,
1475 | Vmail
.Error msg
=> ("Error listing mailboxes for " ^ domain ^
": " ^ msg
,
1479 | MsgNewMailbox
{domain
, user
= emailUser
, passwd
, mailbox
} =>
1481 if not (Domain
.yourDomain domain
) then
1482 ("User wasn't authorized to add a mailbox to " ^ domain
,
1483 SOME
"You're not authorized to configure that domain.")
1484 else if not (Domain
.validEmailUser emailUser
) then
1485 ("Invalid e-mail username " ^ emailUser
,
1486 SOME
"Invalid e-mail username")
1487 else if not (CharVector
.all
Char.isGraph passwd
) then
1488 ("Invalid password",
1489 SOME
"Invalid password; may only contain printable, non-space characters")
1490 else if not (Domain
.yourPath mailbox
) then
1491 ("User wasn't authorized to add a mailbox at " ^ mailbox
,
1492 SOME ("You're not authorized to use that mailbox location. ("
1495 case Vmail
.add
{requester
= user
,
1496 domain
= domain
, user
= emailUser
,
1497 passwd
= passwd
, mailbox
= mailbox
} of
1498 NONE
=> ("Added mailbox " ^ emailUser ^
"@" ^ domain ^
" at " ^ mailbox
,
1500 | SOME msg
=> ("Error adding mailbox " ^ emailUser ^
"@" ^ domain ^
": " ^ msg
,
1504 | MsgPasswdMailbox
{domain
, user
= emailUser
, passwd
} =>
1506 if not (Domain
.yourDomain domain
) then
1507 ("User wasn't authorized to change password of a mailbox for " ^ domain
,
1508 SOME
"You're not authorized to configure that domain.")
1509 else if not (Domain
.validEmailUser emailUser
) then
1510 ("Invalid e-mail username " ^ emailUser
,
1511 SOME
"Invalid e-mail username")
1512 else if not (CharVector
.all
Char.isGraph passwd
) then
1513 ("Invalid password",
1514 SOME
"Invalid password; may only contain printable, non-space characters")
1516 case Vmail
.passwd
{domain
= domain
, user
= emailUser
,
1518 NONE
=> ("Changed password of mailbox " ^ emailUser ^
"@" ^ domain
,
1520 | SOME msg
=> ("Error changing mailbox password for " ^ emailUser ^
"@" ^ domain ^
": " ^ msg
,
1524 | MsgPortalPasswdMailbox
{domain
, user
= emailUser
, oldpasswd
, newpasswd
} =>
1526 if not (Acl
.query
{user
= user
, class
= "priv", value
= "vmail"}) then
1527 ("User is not authorized to run portal vmail password",
1528 SOME
"You're not authorized to use the portal password command")
1529 else if not (Domain
.validEmailUser emailUser
) then
1530 ("Invalid e-mail username " ^ emailUser
,
1531 SOME
"Invalid e-mail username")
1532 else if not (CharVector
.all
Char.isGraph oldpasswd
1533 andalso CharVector
.all
Char.isGraph newpasswd
) then
1534 ("Invalid password",
1535 SOME
"Invalid password; may only contain printable, non-space characters")
1537 case Vmail
.portalpasswd
{domain
= domain
, user
= emailUser
,
1538 oldpasswd
= oldpasswd
, newpasswd
= newpasswd
} of
1539 NONE
=> ("Changed password of mailbox " ^ emailUser ^
"@" ^ domain
,
1541 | SOME msg
=> ("Error changing mailbox password for " ^ emailUser ^
"@" ^ domain ^
": " ^ msg
,
1545 | MsgRmMailbox
{domain
, user
= emailUser
} =>
1547 if not (Domain
.yourDomain domain
) then
1548 ("User wasn't authorized to change password of a mailbox for " ^ domain
,
1549 SOME
"You're not authorized to configure that domain.")
1550 else if not (Domain
.validEmailUser emailUser
) then
1551 ("Invalid e-mail username " ^ emailUser
,
1552 SOME
"Invalid e-mail username")
1554 case Vmail
.rm
{domain
= domain
, user
= emailUser
} of
1555 NONE
=> ("Deleted mailbox " ^ emailUser ^
"@" ^ domain
,
1557 | SOME msg
=> ("Error deleting mailbox " ^ emailUser ^
"@" ^ domain ^
": " ^ msg
,
1561 | MsgSaQuery addr
=>
1563 case checkAddr addr
of
1564 NONE
=> ("User tried to query SA filtering for " ^ addr
,
1565 SOME
"You aren't allowed to configure SA filtering for that recipient.")
1566 | SOME addr
' => (Msg
.send (bio
, MsgSaStatus (SetSA
.query addr
'));
1567 ("Queried SA filtering status for " ^ addr
,
1571 |
MsgSaSet (addr
, b
) =>
1573 case checkAddr addr
of
1574 NONE
=> ("User tried to set SA filtering for " ^ addr
,
1575 SOME
"You aren't allowed to configure SA filtering for that recipient.")
1576 | SOME addr
' => (SetSA
.set (addr
', b
);
1578 Msg
.send (bio
, MsgOk
);
1579 ("Set SA filtering status for " ^ addr ^
" to "
1580 ^
(if b
then "ON" else "OFF"),
1584 | MsgSmtpLogReq domain
=>
1586 if not (Domain
.yourDomain domain
) then
1587 ("Unauthorized user tried to request SMTP logs for " ^ domain
,
1588 SOME
"You aren't authorized to configure that domain.")
1590 (SmtpLog
.search (fn line
=> Msg
.send (bio
, MsgSmtpLogRes line
))
1592 ("Requested SMTP logs for " ^ domain
,
1597 doIt (fn () => (Msg
.send (bio
, answerQuery q
);
1601 | MsgDescribe dom
=>
1602 doIt (fn () => if not (Domain
.validDomain dom
) then
1603 ("Requested description of invalid domain " ^ dom
,
1604 SOME
"Invalid domain name")
1605 else if not (Domain
.yourDomain dom
1606 orelse Acl
.query
{user
= user
, class
= "priv", value
= "all"}) then
1607 ("Requested description of " ^ dom ^
", but not allowed access",
1608 SOME
"Access denied")
1610 (Msg
.send (bio
, MsgDescription (Domain
.describe dom
));
1611 ("Sent description of domain " ^ dom
,
1616 doIt (fn () => if Acl
.query
{user
= user
, class
= "priv", value
= "regen"}
1617 orelse Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1619 ("Users change callbacks run", NONE
))
1621 ("Unauthorized user asked to reusers!",
1622 SOME
"You aren't authorized to regenerate files."))
1626 doIt (fn () => ("Unexpected command",
1627 SOME
"Unexpected command"))
1632 handle e
as (OpenSSL
.OpenSSL s
) =>
1633 (print ("OpenSSL error: " ^ s ^
"\n");
1634 app (fn x
=> print (x ^
"\n")) (SMLofNJ
.exnHistory e
);
1636 handle OpenSSL
.OpenSSL _
=> ();
1638 | OS
.SysErr (s
, _
) =>
1639 (print ("System error: " ^ s ^
"\n");
1641 handle OpenSSL
.OpenSSL _
=> ();
1643 | IO
.Io
{name
, function
, cause
} =>
1644 (print ("IO error: " ^ function ^
" for " ^ name ^
"\n");
1645 app (fn x
=> print (x ^
"\n")) (SMLofNJ
.exnHistory cause
);
1647 handle OpenSSL
.OpenSSL _
=> ();
1649 | OS
.Path
.InvalidArc
=>
1650 (print
"Invalid arc\n";
1652 handle OpenSSL
.OpenSSL _
=> ();
1655 (print
"Unknown exception in main loop!\n";
1656 app (fn x
=> print (x ^
"\n")) (SMLofNJ
.exnHistory e
);
1658 handle OpenSSL
.OpenSSL _
=> ();
1660 handle e
as (OpenSSL
.OpenSSL s
) =>
1661 (print ("OpenSSL error: " ^ s ^
"\n");
1662 app (fn x
=> print (x ^
"\n")) (SMLofNJ
.exnHistory e
);
1664 | OS
.SysErr (s
, _
) =>
1665 (print ("System error: " ^ s ^
"\n");
1667 | IO
.Io
{name
, function
, cause
} =>
1668 (print ("IO error: " ^ function ^
" for " ^ name ^
"\n");
1669 app (fn x
=> print (x ^
"\n")) (SMLofNJ
.exnHistory cause
);
1672 (print
"Unknown exception in main loop!\n";
1673 app (fn x
=> print (x ^
"\n")) (SMLofNJ
.exnHistory e
);
1676 print ("Domtool dispatcher starting up at " ^
now () ^
"\n");
1677 print
"Listening for connections....\n";
1679 OpenSSL
.shutdown sock
1684 val host
= Slave
.hostname ()
1686 val context
= context (Config
.certDir ^
"/" ^ host ^
".pem",
1687 Config
.keyDir ^
"/" ^ host ^
"/key.pem",
1690 val sock
= OpenSSL
.listen (context
, Config
.slavePort
)
1692 val _
= print ("Slave server starting at " ^
now () ^
"\n")
1695 (case OpenSSL
.accept sock
of
1699 val peer
= OpenSSL
.peerCN bio
1700 val () = print ("\nConnection from " ^ peer ^
" at " ^
now () ^
"\n")
1702 if peer
= Config
.dispatcherName
then let
1704 case Msg
.recv bio
of
1705 NONE
=> print
"Dispatcher closed connection unexpectedly\n"
1708 MsgFile file
=> loop
' (file
:: files
)
1709 | MsgDoFiles
=> (Slave
.handleChanges files
;
1710 Msg
.send (bio
, MsgOk
))
1711 | MsgRegenerate
=> (Domain
.resetLocal ();
1712 Msg
.send (bio
, MsgOk
))
1713 | MsgVmailChanged
=> (if Vmail
.doChanged () then
1714 Msg
.send (bio
, MsgOk
)
1716 Msg
.send (bio
, MsgError
"userdb update failed"))
1717 | MsgSaChanged
=> (if Slave
.shell
[Config
.SpamAssassin
.postReload
] then
1718 Msg
.send (bio
, MsgOk
)
1720 Msg
.send (bio
, MsgError
"Error reloading SpamAssassin addresses"))
1721 | _
=> (print
"Dispatcher sent unexpected command\n";
1722 Msg
.send (bio
, MsgError
"Unexpected command"))
1725 ignore (OpenSSL
.readChar bio
);
1729 else if peer
= "domtool" then
1730 case Msg
.recv bio
of
1731 SOME MsgShutdown
=> (OpenSSL
.close bio
;
1732 print ("Shutting down at " ^
now () ^
"\n\n"))
1733 | _
=> (OpenSSL
.close bio
;
1737 val doIt
= doIt
' loop bio
1740 case Msg
.recv bio
of
1741 NONE
=> (OpenSSL
.close bio
1742 handle OpenSSL
.OpenSSL _
=> ();
1746 (MsgQuery q
) => (print (describeQuery q ^
"\n");
1747 Msg
.send (bio
, answerQuery q
);
1748 ignore (OpenSSL
.readChar bio
);
1751 | MsgCreateDbUser
{dbtype
, passwd
} =>
1753 case Dbms
.lookup dbtype
of
1754 NONE
=> ("Database user creation request with unknown datatype type " ^ dbtype
,
1755 SOME ("Unknown database type " ^ dbtype
))
1757 case #adduser handler
{user
= user
, passwd
= passwd
} of
1758 NONE
=> ("Added " ^ dbtype ^
" user " ^ user ^
".",
1761 ("Error adding a " ^ dbtype ^
" user " ^ user ^
": " ^ msg
,
1762 SOME ("Error adding user: " ^ msg
)))
1765 | MsgDbPasswd
{dbtype
, passwd
} =>
1767 case Dbms
.lookup dbtype
of
1768 NONE
=> ("Database passwd request with unknown datatype type " ^ dbtype
,
1769 SOME ("Unknown database type " ^ dbtype
))
1771 case #passwd handler
{user
= user
, passwd
= passwd
} of
1772 NONE
=> ("Changed " ^ dbtype ^
" password of user " ^ user ^
".",
1775 ("Error setting " ^ dbtype ^
" password of user " ^ user ^
": " ^ msg
,
1776 SOME ("Error adding user: " ^ msg
)))
1779 | MsgCreateDb
{dbtype
, dbname
, encoding
} =>
1781 if Dbms
.validDbname dbname
then
1782 case Dbms
.lookup dbtype
of
1783 NONE
=> ("Database creation request with unknown datatype type " ^ dbtype
,
1784 SOME ("Unknown database type " ^ dbtype
))
1786 if not (Dbms
.validEncoding encoding
) then
1787 ("Invalid encoding " ^ valOf encoding ^
" requested for database creation.",
1788 SOME
"Invalid encoding")
1790 case #createdb handler
{user
= user
, dbname
= dbname
, encoding
= encoding
} of
1791 NONE
=> ("Created database " ^ user ^
"_" ^ dbname ^
".",
1793 | SOME msg
=> ("Error creating database " ^ user ^
"_" ^ dbname ^
": " ^ msg
,
1794 SOME ("Error creating database: " ^ msg
))
1796 ("Invalid database name " ^ user ^
"_" ^ dbname
,
1797 SOME ("Invalid database name " ^ dbname
)))
1800 | MsgDropDb
{dbtype
, dbname
} =>
1802 if Dbms
.validDbname dbname
then
1803 case Dbms
.lookup dbtype
of
1804 NONE
=> ("Database drop request with unknown datatype type " ^ dbtype
,
1805 SOME ("Unknown database type " ^ dbtype
))
1807 case #dropdb handler
{user
= user
, dbname
= dbname
} of
1808 NONE
=> ("Drop database " ^ user ^
"_" ^ dbname ^
".",
1810 | SOME msg
=> ("Error dropping database " ^ user ^
"_" ^ dbname ^
": " ^ msg
,
1811 SOME ("Error dropping database: " ^ msg
))
1813 ("Invalid database name " ^ user ^
"_" ^ dbname
,
1814 SOME ("Invalid database name " ^ dbname
)))
1817 | MsgGrantDb
{dbtype
, dbname
} =>
1819 if Dbms
.validDbname dbname
then
1820 case Dbms
.lookup dbtype
of
1821 NONE
=> ("Database drop request with unknown datatype type " ^ dbtype
,
1822 SOME ("Unknown database type " ^ dbtype
))
1824 case #grant handler
{user
= user
, dbname
= dbname
} of
1825 NONE
=> ("Grant permissions to database " ^ user ^
"_" ^ dbname ^
".",
1827 | SOME msg
=> ("Error granting permissions to database " ^ user ^
"_" ^ dbname ^
": " ^ msg
,
1828 SOME ("Error granting permissions to database: " ^ msg
))
1830 ("Invalid database name " ^ user ^
"_" ^ dbname
,
1831 SOME ("Invalid database name " ^ dbname
)))
1833 | MsgFirewallRegen
=>
1834 doIt (fn () => (Acl
.read Config
.aclFile
;
1835 if Acl
.query
{user
= user
, class
= "priv", value
= "all"} then
1836 if List.exists (fn x
=> x
= host
) Config
.Firewall
.firewallNodes
then
1837 if (Firewall
.generateFirewallConfig (Firewall
.parseRules ()) andalso Firewall
.publishConfig ())
1839 ("Firewall rules regenerated.", NONE
)
1841 ("Rules regeneration failed!", SOME
"Script execution failed.")
1842 else ("Node not controlled by domtool firewall.", SOME (host
))
1844 ("Not authorized to regenerate firewall.", SOME ("Unauthorized user " ^ user ^
" attempted to regenerated firewall"))))
1847 | _
=> (OpenSSL
.close bio
;
1850 end handle OpenSSL
.OpenSSL s
=>
1851 (print ("OpenSSL error: " ^ s ^
"\n");
1853 handle OpenSSL
.OpenSSL _
=> ();
1855 | e
as OS
.SysErr (s
, _
) =>
1856 (app (fn s
=> print (s ^
"\n")) (SMLofNJ
.exnHistory e
);
1857 print ("System error: "^ s ^
"\n");
1859 handle OpenSSL
.OpenSSL _
=> ();
1861 | IO
.Io
{function
, name
, ...} =>
1862 (print ("IO error: " ^ function ^
": " ^ name ^
"\n");
1864 handle OpenSSL
.OpenSSL _
=> ();
1867 (app (fn s
=> print (s ^
"\n")) (SMLofNJ
.exnHistory e
);
1868 print
"Uncaught exception!\n";
1870 handle OpenSSL
.OpenSSL _
=> ();
1872 handle OpenSSL
.OpenSSL s
=>
1873 (print ("OpenSSL error: " ^ s ^
"\n");
1876 (app (fn s
=> print (s ^
"\n")) (SMLofNJ
.exnHistory e
);
1877 print
"Uncaught exception!\n";
1881 OpenSSL
.shutdown sock
1886 val dir
= Posix
.FileSys
.opendir Config
.libRoot
1889 case Posix
.FileSys
.readdir dir
of
1890 NONE
=> (Posix
.FileSys
.closedir dir
;
1893 if String.isSuffix
".dtl" fname
then
1894 loop (OS
.Path
.joinDirFile
{dir
= Config
.libRoot
,
1903 fun autodocBasis outdir
=
1904 Autodoc
.autodoc
{outdir
= outdir
, infiles
= listBasis ()}