val _ =
case CommandLine.arguments () of
["grant", user, class, value] => Main.requestGrant {user = user, class = class, value = value}
+ | ["revoke", user, class, value] => Main.requestRevoke {user = user, class = class, value = value}
| _ => print "Invalid command-line arguments\n"
OpenSSL.close bio
end
+fun requestRevoke acl =
+ let
+ val (user, bio) = requestBio (fn () => ())
+ in
+ Msg.send (bio, MsgRevoke acl);
+ case Msg.recv bio of
+ NONE => print "Server closed connection unexpectedly.\n"
+ | SOME m =>
+ case m of
+ MsgOk => print "Revoke succeeded.\n"
+ | MsgError s => print ("Revoke failed: " ^ s ^ "\n")
+ | _ => print "Unexpected server reply.\n";
+ OpenSSL.close bio
+ end
+
fun service () =
let
val () = Acl.read Config.aclFile
if Acl.query {user = user, class = "group", value = "root"} then
((Acl.grant acl;
Acl.write Config.aclFile;
- Msg.send (bio, MsgOk))
+ Msg.send (bio, MsgOk);
+ print ("Granted permission " ^ #value acl ^ " to " ^ #user acl ^ " in " ^ #class acl ^ ".\n"))
handle OpenSSL.OpenSSL s =>
(print "OpenSSL error\n";
Msg.send (bio,
loop ())
else
((Msg.send (bio, MsgError "Not authorized to grant privileges");
+ print "Unauthorized user asked to grant a permission!\n";
+ ignore (OpenSSL.readChar bio);
+ OpenSSL.close bio)
+ handle OpenSSL.OpenSSL _ => ();
+ loop ())
+
+ | MsgRevoke acl =>
+ if Acl.query {user = user, class = "group", value = "root"} then
+ ((Acl.revoke acl;
+ Acl.write Config.aclFile;
+ Msg.send (bio, MsgOk);
+ print ("Revoked permission " ^ #value acl ^ " from " ^ #user acl ^ " in " ^ #class acl ^ ".\n"))
+ handle OpenSSL.OpenSSL s =>
+ (print "OpenSSL error\n";
+ Msg.send (bio,
+ MsgError
+ ("Error during revocation: "
+ ^ s)));
+ (ignore (OpenSSL.readChar bio);
+ OpenSSL.close bio)
+ handle OpenSSL.OpenSSL _ => ();
+ loop ())
+ else
+ ((Msg.send (bio, MsgError "Not authorized to revoke privileges");
+ print "Unauthorized user asked to revoke a permission!\n";
ignore (OpenSSL.readChar bio);
OpenSSL.close bio)
handle OpenSSL.OpenSSL _ => ();
| MsgDoFiles => OpenSSL.writeInt (bio, 5)
| MsgGrant acl => (OpenSSL.writeInt (bio, 6);
sendAcl (bio, acl))
+ | MsgRevoke acl => (OpenSSL.writeInt (bio, 7);
+ sendAcl (bio, acl))
fun checkIt v =
case v of
| 6 => (case recvAcl bio of
SOME acl => SOME (MsgGrant acl)
| _ => NONE)
+ | 7 => (case recvAcl bio of
+ SOME acl => SOME (MsgRevoke acl)
+ | _ => NONE)
| _ => NONE)
end