diff --git a/README.md b/README.md
index 7f975ea..c1e3daf 100644
--- a/README.md
+++ b/README.md
@@ -41,11 +41,10 @@ CN=CA openssl req -config openssl.cnf -x509 -new -nodes -key ca.key -sha256 -day
 # create example client CSR for testing (check openssl.cnf against "psk" file)
 CN=rotuer openssl req -config openssl.cnf -newkey rsa:2048 -nodes -keyout client.key -out client.csr
-# start the server
-bin/certifix
+# build and start the server
+nix-build && result/bin/certifix --challenge-password psk --certificate ca.crt --private-key ca.key localhost:19613
 # send it
-
 curl -v -H 'content-type: application/x-pem-file' --data-binary @client.csr http://localhost:8201/sign
 ```
diff --git a/main.fnl b/main.fnl
index 6321494..ee52592 100644
--- a/main.fnl
+++ b/main.fnl
@@ -53,14 +53,14 @@
 (assoc (parse-args rest) :private-key (slurp f)) ["--challenge-password" f & rest] (assoc (parse-args rest) :challenge-password (read-line f))
- [peer] { : peer }
+ [bind-address] { : bind-address }
 _ {}))
 (local options (doto (parse-args arg) (case
- {: certificate : private-key : challenge-password : peer}
+ {: certificate : private-key : challenge-password : bind-address}
 true _ (assert nil "missing required command line params"))))
@@ -100,24 +100,30 @@
 (let [hdrs (out:get_headers) method (hdrs:get ":method") path (or (hdrs:get ":path") "/")]
- (print :path path)
 (case path "/sign" (handle-sign-csr out) _ (send-error out 404 "not found"))))
+;; ncall is the opposite of pcall: "non-protected call"
+(macro ncall [f]
+ `(case ,f
+ ok# ok#
+ (nil err#) (error err#)))
 (fn new-server []
- (server.listen
- {
- :host :localhost
- :port 8201
- :onstream on-stream
- }))
+ (let [(addr port) (string.match options.bind-address "(.+):(%d+)$")]
+ (case (server.listen
+ {
+ :host addr
+ :port (tonumber port)
+ :onstream on-stream
+ })
+ f (doto f (print))
+ (nil e) (error e))))
-
-(doto (new-server)
- (: :listen)
+(let [s (new-server)]
+ (ncall (s:listen))
 (print "server ready")
- (: :loop))
+ (ncall (s:loop)))
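Review bot: In `new-server`, the result of `(string.match options.bind-address "(.+):(%d+)$")` is used unchecked, so an argument without a trailing `:PORT` leaves `addr` and `port` nil and the problem surfaces, if at all, inside `server.listen` rather than as a usage error. I would add `(assert (and addr port) "bind address must be HOST:PORT")` as the first form of the `let` body and range-check the port after `tonumber`. The listen address is now operator-supplied instead of fixed to `localhost`, and no TLS setting is visible in the listen table, so a comment above `new-server` should say that a non-loopback address exposes `/sign` (and presumably the challenge password carried in each CSR) to the network in cleartext. `(doto f (print))` looks like a debugging leftover, and the inline `(nil e) (error e)` arm duplicates the `ncall` macro added just above it.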