From d22c1f00ed619c221dc9891c86c5ced202a9ee77 Mon Sep 17 00:00:00 2001 From: Adam Chlipala Date: Sat, 12 May 2007 21:59:22 +0000 Subject: [PATCH] More helpful error message for failure to create an SSL context --- src/main.sml | 24 +++++++++++++++--------- src/openssl.sig | 2 +- src/openssl.sml | 10 +++++----- 3 files changed, 21 insertions(+), 15 deletions(-) diff --git a/src/main.sml b/src/main.sml index aca57ed..e106823 100644 --- a/src/main.sml +++ b/src/main.sml @@ -170,6 +170,12 @@ val dispatcher = val self = "localhost:" ^ Int.toString Config.slavePort +fun context x = + (OpenSSL.context false x) + handle e as OpenSSL.OpenSSL _ => + (print "Couldn't find your certificate.\nYou probably haven't been given any Domtool privileges.\n"; + raise e) + fun requestContext f = let val user = @@ -187,9 +193,9 @@ fun requestContext f = val () = f () - val context = OpenSSL.context (Config.certDir ^ "/" ^ user ^ ".pem", - Config.keyDir ^ "/" ^ user ^ "/key.pem", - Config.trustStore) + val context = context (Config.certDir ^ "/" ^ user ^ ".pem", + Config.keyDir ^ "/" ^ user ^ "/key.pem", + Config.trustStore) in (user, context) end @@ -897,9 +903,9 @@ fun service () = let val () = Acl.read Config.aclFile - val context = OpenSSL.context (Config.serverCert, - Config.serverKey, - Config.trustStore) + val context = context (Config.serverCert, + Config.serverKey, + Config.trustStore) val _ = Domain.set_context context val sock = OpenSSL.listen (context, Config.dispatcherPort) @@ -1282,9 +1288,9 @@ fun slave () = let val host = Slave.hostname () - val context = OpenSSL.context (Config.certDir ^ "/" ^ host ^ ".pem", - Config.keyDir ^ "/" ^ host ^ "/key.pem", - Config.trustStore) + val context = context (Config.certDir ^ "/" ^ host ^ ".pem", + Config.keyDir ^ "/" ^ host ^ "/key.pem", + Config.trustStore) val sock = OpenSSL.listen (context, Config.slavePort) diff --git a/src/openssl.sig b/src/openssl.sig index 82cec65..a3641a9 100644 --- a/src/openssl.sig +++ b/src/openssl.sig @@ -39,7 +39,7 @@ val writeInt : bio * int -> unit val writeString' : bio * string -> unit val writeString : bio * string -> unit -val context : string * string * string -> context +val context : bool -> string * string * string -> context val connect : context * string -> bio val close : bio -> unit diff --git a/src/openssl.sml b/src/openssl.sml index 9ebb959..3f3b292 100644 --- a/src/openssl.sml +++ b/src/openssl.sml @@ -231,29 +231,29 @@ fun writeString (bio, s) = (writeInt (bio, size s); writeString' (bio, s)) -fun context (chain, key, root) = +fun context printErr (chain, key, root) = let val context = F_OpenSSL_SML_CTX_new.f' (F_OpenSSL_SML_SSLv23_method.f' ()) in if C.Ptr.isNull' context then - (ssl_err "Error creating SSL context"; + (if printErr then ssl_err "Error creating SSL context" else (); raise OpenSSL "Can't create SSL context") else if F_OpenSSL_SML_use_certificate_chain_file.f' (context, ZString.dupML' chain) = 0 then - (ssl_err "Error using certificate chain"; + (if printErr then ssl_err "Error using certificate chain" else (); F_OpenSSL_SML_CTX_free.f' context; raise OpenSSL "Can't load certificate chain") else if F_OpenSSL_SML_use_PrivateKey_file.f' (context, ZString.dupML' key) = 0 then - (ssl_err "Error using private key"; + (if printErr then ssl_err "Error using private key" else (); F_OpenSSL_SML_CTX_free.f' context; raise OpenSSL "Can't load private key") else if F_OpenSSL_SML_load_verify_locations.f' (context, ZString.dupML' root, C.Ptr.null') = 0 then - (ssl_err "Error loading trust store"; + (if printErr then ssl_err "Error loading trust store" else (); F_OpenSSL_SML_CTX_free.f' context; raise OpenSSL "Can't load trust store") else -- 2.20.1