structure Main :> MAIN = struct
-open Ast Print
+open Ast MsgTypes Print
structure SM = StringMap
-val dmy = ErrorMsg.dummyLoc
-
-fun init () = (F_OpenSSL_SML_add_all_algorithms.f' ();
- F_OpenSSL_SML_load_error_strings.f' ();
- F_OpenSSL_SML_load_BIO_strings.f' ())
-
-val () = init ()
-
-val defaultT : record ref = ref SM.empty
-val defaultV : (unit -> exp) SM.map ref = ref SM.empty
-
-fun registerDefault (name, t, v) =
- case SM.find (!defaultT, name) of
- NONE => (defaultT := SM.insert (!defaultT, name, t);
- defaultV := SM.insert (!defaultV, name, v))
- | SOME _ => raise Fail "Duplicate default environment variable"
-
-fun tInit () = (TAction ((CRoot, dmy),
- !defaultT,
- StringMap.empty),
- dmy)
-
-
+fun init () = Acl.read Config.aclFile
fun check' G fname =
let
- (*val _ = print ("Check " ^ fname ^ "\n")*)
val prog = Parse.parse fname
in
if !ErrorMsg.anyErrors then
G
else
- Tycheck.checkFile G (tInit ()) prog
+ Tycheck.checkFile G (Defaults.tInit ()) prog
end
fun basis () =
val b = basis ()
in
if !ErrorMsg.anyErrors then
- (b, NONE)
+ raise ErrorMsg.Error
else
let
val _ = ErrorMsg.reset ()
val prog = Parse.parse fname
in
if !ErrorMsg.anyErrors then
- (Env.empty, NONE)
+ raise ErrorMsg.Error
else
let
- val G' = Tycheck.checkFile b (tInit ()) prog
+ val G' = Tycheck.checkFile b (Defaults.tInit ()) prog
in
- (G', #3 prog)
+ if !ErrorMsg.anyErrors then
+ raise ErrorMsg.Error
+ else
+ (G', #3 prog)
end
end
end
case reduce fname of
(SOME body') =>
if !ErrorMsg.anyErrors then
- ()
+ raise ErrorMsg.Error
else
- Eval.exec (SM.map (fn f => f ()) (!defaultV)) body'
- | NONE => ()
+ Eval.exec (Defaults.eInit ()) body'
+ | NONE => raise ErrorMsg.Error
-val dispatcher : C.rw ZString.zstring' = ZString.dupML' Config.dispatcher
+val dispatcher =
+ Config.dispatcher ^ ":" ^ Int.toString Config.dispatcherPort
-fun ssl_err s =
+fun hostname () =
let
- val err = F_OpenSSL_SML_get_error.f ()
+ val inf = TextIO.openIn "/etc/hostname"
in
- print s;
- print "\nReason: ";
- print (ZString.toML (F_OpenSSL_SML_lib_error_string.f err));
- print ":";
- print (ZString.toML (F_OpenSSL_SML_func_error_string.f err));
- print ":";
- print (ZString.toML (F_OpenSSL_SML_reason_error_string.f err));
- print "\n"
+ case TextIO.inputLine inf of
+ NONE => (TextIO.closeIn inf; raise Fail "No line in /etc/hostname")
+ | SOME line => (TextIO.closeIn inf; String.substring (line, 0, size line - 1))
end
-exception OpenSSL of string
+fun request fname =
+ let
+ val uid = Posix.ProcEnv.getuid ()
+ val user = Posix.SysDB.Passwd.name (Posix.SysDB.getpwuid uid)
+
+ val () = Acl.read Config.aclFile
+ val () = Domain.setUser user
+ val _ = check fname
+
+ val context = OpenSSL.context (Config.certDir ^ "/" ^ user ^ ".pem",
+ Config.keyDir ^ "/" ^ user ^ ".pem",
+ Config.trustStore)
+
+ val bio = OpenSSL.connect (context, dispatcher)
+
+ val inf = TextIO.openIn fname
+
+ fun loop lines =
+ case TextIO.inputLine inf of
+ NONE => String.concat (List.rev lines)
+ | SOME line => loop (line :: lines)
-fun writeAll (bio, s) =
+ val code = loop []
+ in
+ TextIO.closeIn inf;
+ Msg.send (bio, MsgConfig code);
+ case Msg.recv bio of
+ NONE => print "Server closed connection unexpectedly.\n"
+ | SOME m =>
+ case m of
+ MsgOk => print "Configuration succeeded.\n"
+ | MsgError s => print ("Configuration failed: " ^ s ^ "\n")
+ | _ => print "Unexpected server reply.\n";
+ OpenSSL.close bio
+ end
+ handle ErrorMsg.Error => ()
+
+fun service () =
let
- val buf = ZString.dupML' s
+ val () = Acl.read Config.aclFile
+
+ val context = OpenSSL.context (Config.serverCert,
+ Config.serverKey,
+ Config.trustStore)
+ val _ = Domain.set_context context
- fun loop (buf, len) =
- let
- val r = F_OpenSSL_SML_write.f' (bio, C.Ptr.inject' buf, len)
- in
- if r = len then
- ()
- else if r <= 0 then
- (C.free' buf;
- raise OpenSSL "BIO_write failed")
- else
- loop (C.Ptr.|+! C.S.uchar (buf, Int32.toInt r), Int32.- (len, r))
- end
+ val sock = OpenSSL.listen (context, Config.dispatcherPort)
+
+ fun loop () =
+ case OpenSSL.accept sock of
+ NONE => ()
+ | SOME bio =>
+ let
+ val user = OpenSSL.peerCN bio
+ val () = print ("\nConnection from " ^ user ^ "\n")
+ val () = Domain.setUser user
+
+ fun cmdLoop () =
+ case Msg.recv bio of
+ NONE => (OpenSSL.close bio
+ handle OpenSSL.OpenSSL _ => ();
+ loop ())
+ | SOME m =>
+ case m of
+ MsgConfig code =>
+ let
+ val _ = print "Configuration:\n"
+ val _ = print code
+ val _ = print "\n"
+
+ val outname = OS.FileSys.tmpName ()
+ val outf = TextIO.openOut outname
+ in
+ TextIO.output (outf, code);
+ TextIO.closeOut outf;
+ (eval outname;
+ Msg.send (bio, MsgOk))
+ handle ErrorMsg.Error =>
+ (print "Compilation error\n";
+ Msg.send (bio,
+ MsgError "Error during configuration evaluation"))
+ | OpenSSL.OpenSSL s =>
+ (print "OpenSSL error\n";
+ Msg.send (bio,
+ MsgError
+ ("Error during configuration evaluation: "
+ ^ s)));
+ OS.FileSys.remove outname;
+ (ignore (OpenSSL.readChar bio);
+ OpenSSL.close bio)
+ handle OpenSSL.OpenSSL _ => ();
+ loop ()
+ end
+ | _ =>
+ (Msg.send (bio, MsgError "Unexpected command")
+ handle OpenSSL.OpenSSL _ => ();
+ OpenSSL.close bio
+ handle OpenSSL.OpenSSL _ => ();
+ loop ())
+ in
+ cmdLoop ()
+ end
in
- loop (buf, Int32.fromInt (size s));
- C.free' buf
+ loop ();
+ OpenSSL.shutdown sock
end
-fun request fname =
+fun slave () =
let
- val bio = F_OpenSSL_SML_new_connect.f' dispatcher
+ val host = hostname ()
+
+ val context = OpenSSL.context (Config.certDir ^ "/" ^ host ^ ".pem",
+ Config.keyDir ^ "/" ^ host ^ ".pem",
+ Config.trustStore)
+
+ val sock = OpenSSL.listen (context, Config.slavePort)
+
+ fun loop () =
+ case OpenSSL.accept sock of
+ NONE => ()
+ | SOME bio =>
+ let
+ val peer = OpenSSL.peerCN bio
+ val () = print ("\nConnection from " ^ peer ^ "\n")
+ in
+ if peer <> Config.dispatcherName then
+ (print "Not authorized!\n";
+ OpenSSL.close bio;
+ loop ())
+ else let
+ fun loop' files =
+ case Msg.recv bio of
+ NONE => print "Dispatcher closed connection unexpectedly\n"
+ | SOME m =>
+ case m of
+ MsgFile file => loop' (file :: files)
+ | MsgDoFiles => (Slave.handleChanges files;
+ Msg.send (bio, MsgOk))
+ | _ => (print "Dispatcher sent unexpected command\n";
+ Msg.send (bio, MsgError "Unexpected command"))
+ in
+ loop' [];
+ ignore (OpenSSL.readChar bio);
+ OpenSSL.close bio;
+ loop ()
+ end
+ end
in
- if C.Ptr.isNull' bio then
- (ssl_err ("Error initializating connection to dispatcher at " ^ Config.dispatcher);
- F_OpenSSL_SML_free_all.f' bio)
- else if F_OpenSSL_SML_do_connect.f' bio <= 0 then
- (ssl_err ("Error connecting to dispatcher at " ^ Config.dispatcher);
- F_OpenSSL_SML_free_all.f' bio)
- else let
- val inf = TextIO.openIn fname
-
- fun loop () =
- case TextIO.inputLine inf of
- NONE => ()
- | SOME line => (writeAll (bio, line);
- loop ())
- in
- loop ();
- TextIO.closeIn inf;
- F_OpenSSL_SML_free_all.f' bio
- end
+ loop ();
+ OpenSSL.shutdown sock
end
end