val self =
"localhost:" ^ Int.toString Config.slavePort
+fun context x =
+ (OpenSSL.context false x)
+ handle e as OpenSSL.OpenSSL _ =>
+ (print "Couldn't find your certificate.\nYou probably haven't been given any Domtool privileges.\n";
+ raise e)
+
fun requestContext f =
let
val user =
val () = f ()
- val context = OpenSSL.context (Config.certDir ^ "/" ^ user ^ ".pem",
- Config.keyDir ^ "/" ^ user ^ "/key.pem",
- Config.trustStore)
+ val context = context (Config.certDir ^ "/" ^ user ^ ".pem",
+ Config.keyDir ^ "/" ^ user ^ "/key.pem",
+ Config.trustStore)
in
(user, context)
end
let
val () = Acl.read Config.aclFile
- val context = OpenSSL.context (Config.serverCert,
- Config.serverKey,
- Config.trustStore)
+ val context = context (Config.serverCert,
+ Config.serverKey,
+ Config.trustStore)
val _ = Domain.set_context context
val sock = OpenSSL.listen (context, Config.dispatcherPort)
let
val host = Slave.hostname ()
- val context = OpenSSL.context (Config.certDir ^ "/" ^ host ^ ".pem",
- Config.keyDir ^ "/" ^ host ^ "/key.pem",
- Config.trustStore)
+ val context = context (Config.certDir ^ "/" ^ host ^ ".pem",
+ Config.keyDir ^ "/" ^ host ^ "/key.pem",
+ Config.trustStore)
val sock = OpenSSL.listen (context, Config.slavePort)
val writeString' : bio * string -> unit
val writeString : bio * string -> unit
-val context : string * string * string -> context
+val context : bool -> string * string * string -> context
val connect : context * string -> bio
val close : bio -> unit
(writeInt (bio, size s);
writeString' (bio, s))
-fun context (chain, key, root) =
+fun context printErr (chain, key, root) =
let
val context = F_OpenSSL_SML_CTX_new.f' (F_OpenSSL_SML_SSLv23_method.f' ())
in
if C.Ptr.isNull' context then
- (ssl_err "Error creating SSL context";
+ (if printErr then ssl_err "Error creating SSL context" else ();
raise OpenSSL "Can't create SSL context")
else if F_OpenSSL_SML_use_certificate_chain_file.f' (context,
ZString.dupML' chain)
= 0 then
- (ssl_err "Error using certificate chain";
+ (if printErr then ssl_err "Error using certificate chain" else ();
F_OpenSSL_SML_CTX_free.f' context;
raise OpenSSL "Can't load certificate chain")
else if F_OpenSSL_SML_use_PrivateKey_file.f' (context,
ZString.dupML' key)
= 0 then
- (ssl_err "Error using private key";
+ (if printErr then ssl_err "Error using private key" else ();
F_OpenSSL_SML_CTX_free.f' context;
raise OpenSSL "Can't load private key")
else if F_OpenSSL_SML_load_verify_locations.f' (context,
ZString.dupML' root,
C.Ptr.null') = 0 then
- (ssl_err "Error loading trust store";
+ (if printErr then ssl_err "Error loading trust store" else ();
F_OpenSSL_SML_CTX_free.f' context;
raise OpenSSL "Can't load trust store")
else