linuxkit/projects/miragesdk/examples/https-unikernel/src/tls_terminator.ml
Thomas Leonard 86b4f01e17 Update https-unikernel to released capnp-rpc 0.1 API
Also, separate out RPC encoding from application logic.

Signed-off-by: Thomas Leonard <thomas.leonard@docker.com>
2017-08-15 14:16:35 +01:00


(** The TLS terminator implementation.
Listens for TLS connections on a port and forwards the plaintext flow to the HTTP service. *)
open Lwt.Infix
open Capnp_rpc_lwt
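(** [run ~port ~http_service] accepts TLS connections on [port] and passes
    each decrypted stream to [http_service] as a local flow capability.

    The certificate and private key are read from [tls-secrets/server.crt]
    and [tls-secrets/server.key]. Both paths are relative, so they resolve
    against the process's working directory. [`No_password] means the key
    file is not passphrase-protected, so its confidentiality rests on
    file-system permissions alone.

    No protocol-version or cipher-suite policy is set in this function;
    presumably the defaults of [Conduit_lwt_unix] apply (confirm against the
    deployed Conduit build). *)
let run ~port ~http_service =
  let tls_config : Conduit_lwt_unix.server_tls_config =
    ( `Crt_file_path "tls-secrets/server.crt",
      `Key_file_path "tls-secrets/server.key",
      `No_password,
      `Port port )
  in
  let mode = `TLS tls_config in
  Logs.info (fun f -> f "Listening on https port %d" port);
  Conduit_lwt_unix.(serve ~ctx:default_ctx) ~mode (fun _flow ic oc ->
      (* [_flow] is ignored, so this log line carries no peer address. *)
      Logs.info (fun f -> f "Got new TLS connection");
      let flow_obj = Rpc.Flow.local ic oc in
      (* Drop our reference to the flow capability whether [accept] resolves
         or fails. A plain [>|=] would skip the release on failure, so every
         connection that errors out would leave its capability alive. *)
      Lwt.finalize
        (fun () -> Rpc.Http.accept http_service flow_obj)
        (fun () ->
          Capability.dec_ref flow_obj;
          Lwt.return_unit))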
(** [init ~switch ~to_http] connects to the HTTP service over the [to_http]
    endpoint, takes its bootstrap capability, and starts the TLS listener
    via [run].

    The listening port is fixed at 8443. Log messages from the CapTP
    connection are tagged with the actor label ["TLS "] in blue. *)
let init ~switch ~to_http =
  let actor_tags =
    Logs.Tag.empty |> Logs.Tag.add Logging.Actor.tag (`Blue, "TLS ")
  in
  let http_service =
    CapTP.connect ~tags:actor_tags ~switch to_http |> CapTP.bootstrap
  in
  run ~port:8443 ~http_service