mirage / ocaml-git

When writing a unikernel that uses git over https you may want to expose a https/tls-authenticator argument so the user can pin a key or certificate. The description of the format is somewhat long and not so nice to put in the argument doc string. However, leaving out the description offers a poor user experience because the user will just get an error message saying the authenticator is invalid if they try to use e.g. a key fingerprint without the prerequisite prefix and they will be none the wiser what the expected format is.

I suggest the error message explains what the expected format is.

ocaml-git/src/git-mirage/git_mirage_http.ml

Lines 290 to 323 in 363d2c3

    
           let with_optional_tls_config_and_headers ?headers ?authenticator ctx = 
        
             let time () = Some (Ptime.v (Pclock.now_d_ps ())) in 
        
             let none ?ip:_ ~host:_ _ = Ok None in 
        
             let authenticator = 
        
               match authenticator with 
        
               | None -> ( 
        
                   match NSS.authenticator () with 
        
                   | Ok authenticator -> authenticator 
        
                   | Error (`Msg err) -> failwith err) 
        
               | Some str -> ( 
        
                   match String.split_on_char ':' str with 
        
                   | "key" :: tls_key_fingerprint -> 
        
                       let tls_key_fingerprint = String.concat ":" tls_key_fingerprint in 
        
                       let hash, fingerprint = of_fp tls_key_fingerprint in 
        
                       X509.Authenticator.server_key_fingerprint ~time ~hash ~fingerprint 
        
                   | "cert" :: tls_cert_fingerprint -> 
        
                       let tls_cert_fingerprint = 
        
                         String.concat ":" tls_cert_fingerprint 
        
                       in 
        
                       let hash, fingerprint = of_fp tls_cert_fingerprint in 
        
                       X509.Authenticator.server_cert_fingerprint ~time ~hash 
        
                         ~fingerprint 
        
                   | "trust-anchor" :: certs -> 
        
                       let certs = List.map Base64.decode certs in 
        
                       let certs = List.map (Result.map Cstruct.of_string) certs in 
        
                       let certs = 
        
                         List.map 
        
                           (fun cert -> Result.bind cert X509.Certificate.decode_der) 
        
                           certs 
        
                       in 
        
                       let certs = List.filter_map Result.to_option certs in 
        
                       X509.Authenticator.chain_of_trust ~time certs 
        
                   | [ "none" ] -> none 
        
                   | _ -> Fmt.failwith "Invalid TLS authenticator: %S" str)

	let with_optional_tls_config_and_headers ?headers ?authenticator ctx =
	let time () = Some (Ptime.v (Pclock.now_d_ps ())) in
	let none ?ip:_ ~host:_ _ = Ok None in
	let authenticator =
	match authenticator with
	\| None -> (
	match NSS.authenticator () with
	\| Ok authenticator -> authenticator
	\| Error (`Msg err) -> failwith err)
	\| Some str -> (
	match String.split_on_char ':' str with
	\| "key" :: tls_key_fingerprint ->
	let tls_key_fingerprint = String.concat ":" tls_key_fingerprint in
	let hash, fingerprint = of_fp tls_key_fingerprint in
	X509.Authenticator.server_key_fingerprint ~time ~hash ~fingerprint
	\| "cert" :: tls_cert_fingerprint ->
	let tls_cert_fingerprint =
	String.concat ":" tls_cert_fingerprint
	in
	let hash, fingerprint = of_fp tls_cert_fingerprint in
	X509.Authenticator.server_cert_fingerprint ~time ~hash
	~fingerprint
	\| "trust-anchor" :: certs ->
	let certs = List.map Base64.decode certs in
	let certs = List.map (Result.map Cstruct.of_string) certs in
	let certs =
	List.map
	(fun cert -> Result.bind cert X509.Certificate.decode_der)
	certs
	in
	let certs = List.filter_map Result.to_option certs in
	X509.Authenticator.chain_of_trust ~time certs
	\| [ "none" ] -> none
	\| _ -> Fmt.failwith "Invalid TLS authenticator: %S" str)

Mirage_git_http: When failing to parse authenticator report what the expected format is