OpenSSL.close bio
end
+fun requestRmuser user =
+ let
+ val (_, bio) = requestBio (fn () => ())
+ in
+ Msg.send (bio, MsgRmuser user);
+ case Msg.recv bio of
+ NONE => print "Server closed connection unexpectedly.\n"
+ | SOME m =>
+ case m of
+ MsgOk => print "Removal succeeded.\n"
+ | MsgError s => print ("Removal failed: " ^ s ^ "\n")
+ | _ => print "Unexpected server reply.\n";
+ OpenSSL.close bio
+ end
+
fun regenerate context =
let
val b = basis ()
Env.post ()
end
+fun rmuser user =
+ let
+ val doms = Acl.class {user = user, class = "domain"}
+ val doms = List.filter (fn dom =>
+ case Acl.whoHas {class = "domain", value = dom} of
+ [_] => true
+ | _ => false) (StringSet.listItems doms)
+ in
+ Acl.rmuser user;
+ Domain.rmdom doms
+ end
+
fun service () =
let
val () = Acl.read Config.aclFile
handle OpenSSL.OpenSSL _ => ();
loop ())
- | MsgRmdom dom =>
+ | MsgRmdom doms =>
if Acl.query {user = user, class = "priv", value = "all"}
- orelse Acl.query {user = user, class = "domain", value = dom} then
- ((Domain.rmdom dom;
+ orelse List.all (fn dom => Acl.query {user = user, class = "domain", value = dom}) doms then
+ ((Domain.rmdom doms;
+ app (fn dom =>
+ Acl.revokeFromAll {class = "domain", value = dom}) doms;
+ Acl.write Config.aclFile;
Msg.send (bio, MsgOk);
- print ("Removed domain " ^ dom ^ ".\n"))
+ print ("Removed domains" ^ foldl (fn (d, s) => s ^ " " ^ d) "" doms ^ ".\n"))
handle OpenSSL.OpenSSL s =>
(print "OpenSSL error\n";
Msg.send (bio,
ignore (OpenSSL.readChar bio);
OpenSSL.close bio)
handle OpenSSL.OpenSSL _ => ();
+ loop ())
+
+ | MsgRmuser user =>
+ if Acl.query {user = user, class = "priv", value = "all"} then
+ ((rmuser user;
+ Acl.write Config.aclFile;
+ Msg.send (bio, MsgOk);
+ print ("Removed user " ^ user ^ ".\n"))
+ handle OpenSSL.OpenSSL s =>
+ (print "OpenSSL error\n";
+ Msg.send (bio,
+ MsgError
+ ("Error during revocation: "
+ ^ s)));
+ (ignore (OpenSSL.readChar bio);
+ OpenSSL.close bio)
+ handle OpenSSL.OpenSSL _ => ();
+ loop ())
+ else
+ ((Msg.send (bio, MsgError "Not authorized to remove users");
+ print "Unauthorized user asked to remove a user!\n";
+ ignore (OpenSSL.readChar bio);
+ OpenSSL.close bio)
+ handle OpenSSL.OpenSSL _ => ();
loop ())
| _ =>