bind to address provided on command line
bonus: and print an error if we couldn't
This commit is contained in:
parent
32099b7541
commit
ba3795e3f2
|
|
@ -41,11 +41,10 @@ CN=CA openssl req -config openssl.cnf -x509 -new -nodes -key ca.key -sha256 -day
|
||||||
# create example client CSR for testing (check openssl.cnf against "psk" file)
|
# create example client CSR for testing (check openssl.cnf against "psk" file)
|
||||||
CN=rotuer openssl req -config openssl.cnf -newkey rsa:2048 -nodes -keyout client.key -out client.csr
|
CN=rotuer openssl req -config openssl.cnf -newkey rsa:2048 -nodes -keyout client.key -out client.csr
|
||||||
|
|
||||||
# start the server
|
# build and start the server
|
||||||
bin/certifix
|
nix-build && result/bin/certifix --challenge-password psk --certificate ca.crt --private-key ca.key localhost:19613
|
||||||
|
|
||||||
# send it
|
# send it
|
||||||
|
|
||||||
curl -v -H 'content-type: application/x-pem-file' --data-binary @client.csr http://localhost:8201/sign
|
curl -v -H 'content-type: application/x-pem-file' --data-binary @client.csr http://localhost:8201/sign
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
||||||
28
main.fnl
28
main.fnl
|
|
@ -53,14 +53,14 @@
|
||||||
(assoc (parse-args rest) :private-key (slurp f))
|
(assoc (parse-args rest) :private-key (slurp f))
|
||||||
["--challenge-password" f & rest]
|
["--challenge-password" f & rest]
|
||||||
(assoc (parse-args rest) :challenge-password (read-line f))
|
(assoc (parse-args rest) :challenge-password (read-line f))
|
||||||
[peer] { : peer }
|
[bind-address] { : bind-address }
|
||||||
_ {}))
|
_ {}))
|
||||||
|
|
||||||
(local options
|
(local options
|
||||||
(doto
|
(doto
|
||||||
(parse-args arg)
|
(parse-args arg)
|
||||||
(case
|
(case
|
||||||
{: certificate : private-key : challenge-password : peer}
|
{: certificate : private-key : challenge-password : bind-address}
|
||||||
true
|
true
|
||||||
_
|
_
|
||||||
(assert nil "missing required command line params"))))
|
(assert nil "missing required command line params"))))
|
||||||
|
|
@ -100,24 +100,30 @@
|
||||||
(let [hdrs (out:get_headers)
|
(let [hdrs (out:get_headers)
|
||||||
method (hdrs:get ":method")
|
method (hdrs:get ":method")
|
||||||
path (or (hdrs:get ":path") "/")]
|
path (or (hdrs:get ":path") "/")]
|
||||||
(print :path path)
|
|
||||||
(case path
|
(case path
|
||||||
"/sign"
|
"/sign"
|
||||||
(handle-sign-csr out)
|
(handle-sign-csr out)
|
||||||
_
|
_
|
||||||
(send-error out 404 "not found"))))
|
(send-error out 404 "not found"))))
|
||||||
|
|
||||||
|
;; ncall is the opposite of pcall: "non-protected call"
|
||||||
|
(macro ncall [f]
|
||||||
|
`(case ,f
|
||||||
|
ok# ok#
|
||||||
|
(nil err#) (error err#)))
|
||||||
|
|
||||||
(fn new-server []
|
(fn new-server []
|
||||||
(server.listen
|
(let [(addr port) (string.match options.bind-address "(.+):(%d+)$")]
|
||||||
|
(case (server.listen
|
||||||
{
|
{
|
||||||
:host :localhost
|
:host addr
|
||||||
:port 8201
|
:port (tonumber port)
|
||||||
:onstream on-stream
|
:onstream on-stream
|
||||||
}))
|
})
|
||||||
|
f (doto f (print))
|
||||||
|
(nil e) (error e))))
|
||||||
|
|
||||||
|
(let [s (new-server)]
|
||||||
(doto (new-server)
|
(ncall (s:listen))
|
||||||
(: :listen)
|
|
||||||
(print "server ready")
|
(print "server ready")
|
||||||
(: :loop))
|
(ncall (s:loop)))
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue