Merge pull request #60 from avsm/master

Make TLS optional in `Conduit_mirage`, and disable it by default.
mirage · Apr 18, 2015 · 992dc55 · 992dc55
2 parents 0f6ca56 + b56ad9e
commit 992dc55
Show file tree

Hide file tree

Showing 6 changed files with 43 additions and 15 deletions.
diff --git a/CHANGES b/CHANGES
@@ -1,3 +1,8 @@
+0.8.2 (2015-04-18):
+* Make TLS optional in `Conduit_mirage`, and disable it by default
+  so that it is a developer-only option until it is properly released.
+  It can be enabled by setting the `HAVE_MIRAGE_LWT` env variable.
+
 0.8.1 (2015-04-17):
 * Support Async_SSL version 112.24.00 and higher.
 * Add a TLS echo server in `tests/async/`

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-0.8.1
+0.8.2
diff --git a/build.sh b/build.sh
@@ -21,7 +21,8 @@ esac
 HAVE_LWT=`ocamlfind query lwt 2>/dev/null || true`
 HAVE_LWT_SSL=`ocamlfind query lwt.ssl 2>/dev/null || true`
 HAVE_LWT_TLS=`ocamlfind query tls.lwt 2>/dev/null || true`
-HAVE_MIRAGE=`ocamlfind query mirage-types dns.mirage tcpip vchan tls 2>/dev/null || true`
+HAVE_MIRAGE=`ocamlfind query mirage-types dns.mirage tcpip vchan 2>/dev/null || true`
+HAVE_MIRAGE_TLS="" # activate manually for now
 HAVE_VCHAN=`ocamlfind query vchan 2>/dev/null || true`
 HAVE_VCHAN_LWT=`ocamlfind query vchan.lwt xen-evtchn.unix 2>/dev/null || true`
 HAVE_XEN=`ocamlfind query mirage-xen xenstore_transport 2>/dev/null || true`
@@ -105,7 +106,13 @@ if [ "$HAVE_LWT" != "" ]; then
       echo "Building with Mirage Vchan support."
       LWT_MIRAGE_REQUIRES="$LWT_MIRAGE_REQUIRES vchan"
     fi
-    LWT_MIRAGE_REQUIRES="$LWT_MIRAGE_REQUIRES tls tls.mirage"
+    if [ "$HAVE_MIRAGE_TLS" != "" ]; then
+      echo "Building with Mirage TLS support."
+      echo 'true: define(HAVE_LWT_TLS)' >> _tags
+      LWT_MIRAGE_REQUIRES="$LWT_MIRAGE_REQUIRES tls tls.mirage"
+    else
+      echo Mirage TLS disabled. Edit build.sh to activate it as a developer.
+    fi
     add_target "conduit-lwt-mirage"
     cp lib/conduit-lwt-mirage.mllib lib/conduit-lwt-mirage.odocl
     if [ "$HAVE_XEN" != "" ]; then
@@ -140,7 +147,7 @@ fi
 
 REQS=`echo $PKG $ASYNC_REQUIRES $LWT_REQUIRES $LWT_UNIX_REQUIRES $LWT_MIRAGE_REQUIRES $LWT_MIRAGE_XEN_REQUIRES $VCHAN_LWT_REQUIRES | tr -s ' '`
 
-ocamlbuild -use-ocamlfind -no-links -j ${J_FLAG} -tag ${TAGS} \
+ocamlbuild -use-ocamlfind -classic-display -no-links -j ${J_FLAG} -tag ${TAGS} \
   -cflags "-w A-4-33-40-41-42-43-34-44" \
   -pkgs `echo $REQS | tr ' ' ','` \
   ${TARGETS}

diff --git a/lib/conduit_mirage.ml b/lib/conduit_mirage.ml
@@ -21,15 +21,23 @@ open Sexplib.Conv
 
 type vchan_port = Vchan.Port.t with sexp
 
+IFDEF HAVE_MIRAGE_TLS THEN
+type tls_config_client = Tls.Config.client with sexp
+type tls_config_server = Tls.Config.server with sexp
+ELSE
+type tls_config_client = [ `Tls_not_available ] with sexp
+type tls_config_server = [ `Tls_not_available ] with sexp
+ENDIF
+
 type client = [
-  | `TLS of Tls.Config.client * client
+  | `TLS of tls_config_client * client
   | `TCP of Ipaddr.t * int
   | `Vchan_direct of int * vchan_port
   | `Vchan_domain_socket of [ `Uuid of string ] * [ `Port of vchan_port ]
 ] with sexp
 
 type server = [
-  | `TLS of Tls.Config.server * server
+  | `TLS of tls_config_server * server
   | `TCP of [ `Port of int ]
   | `Vchan_direct of [`Remote_domid of int] * vchan_port
   | `Vchan_domain_socket of [ `Uuid of string ] * [ `Port of vchan_port ]
@@ -115,11 +123,11 @@ module type TLS = sig
     with type flow = Dynamic_flow.flow
   include V1_LWT.FLOW
   type tracer
-  val server_of_flow :
-    ?trace:tracer ->
-    Tls.Config.server -> FLOW.flow ->
+
+  val server_of_flow : ?trace:tracer -> tls_config_server -> FLOW.flow ->
     [> `Ok of flow | `Error of error | `Eof  ] Lwt.t
-  val client_of_flow: Tls.Config.client -> FLOW.flow ->
+
+  val client_of_flow: tls_config_client -> FLOW.flow ->
     [> `Ok of flow | `Error of error | `Eof] Lwt.t
 end
 

diff --git a/lib/conduit_mirage.mli b/lib/conduit_mirage.mli
@@ -21,17 +21,25 @@
 
 type vchan_port = Vchan.Port.t with sexp
 
+IFDEF HAVE_MIRAGE_TLS THEN
+type tls_config_client = Tls.Config.client with sexp
+type tls_config_server = Tls.Config.server with sexp
+ELSE
+type tls_config_client = [ `Tls_not_available ] with sexp
+type tls_config_server = [ `Tls_not_available ] with sexp
+ENDIF
+
 (** Configuration for a single client connection *)
 type client = [
-  | `TLS of Tls.Config.client * client
+  | `TLS of tls_config_client * client
   | `TCP of Ipaddr.t * int     (** IP address and TCP port number *)
   | `Vchan_direct of int * vchan_port (** Remote Xen domain id and port name *)
   | `Vchan_domain_socket of [ `Uuid of string ] * [ `Port of vchan_port ]
 ] with sexp
 
 (** Configuration for listening on a server port. *)
 type server = [
-  | `TLS of Tls.Config.server * server
+  | `TLS of tls_config_server * server
   | `TCP of [ `Port of int ]
   | `Vchan_direct of [ `Remote_domid of int ] * vchan_port
   | `Vchan_domain_socket of [ `Uuid of string ] * [ `Port of vchan_port ]
@@ -120,9 +128,9 @@ module type TLS = sig
   type tracer
   val server_of_flow :
     ?trace:tracer ->
-    Tls.Config.server -> FLOW.flow ->
+    tls_config_server -> FLOW.flow ->
     [> `Ok of flow | `Error of error | `Eof  ] Lwt.t
-  val client_of_flow: Tls.Config.client -> FLOW.flow ->
+  val client_of_flow: tls_config_client -> FLOW.flow ->
     [> `Ok of flow | `Error of error | `Eof] Lwt.t
 end
 

diff --git a/opam b/opam
@@ -1,6 +1,6 @@
 opam-version: "1.2"
 name:         "conduit"
-version:      "0.8.1"
+version:      "0.8.2"
 maintainer:   "anil@recoil.org"
 authors:      ["Anil Madhavapeddy" "Thomas Leonard" "Thomas Gazagnaire"]
 homepage:     "https://github.com/mirage/ocaml-conduit"