Opened 5 years ago

Closed 5 years ago

#1210 closed enhancement (fixed)

http-client should support SSL mutual authentication

Reported by: rsenior Owned by:
Priority: major Milestone: someday
Component: unknown Version: 4.9.x
Keywords: Cc:
Estimated difficulty:

Description

The openssl egg supports mutual authentication, but http-client currently does not allow users to specify the openssl connection settings.

Attachments (2)

http-client-changes.diff (1.5 KB) - added by rsenior 5 years ago.
intarweb-changes.diff (1.6 KB) - added by rsenior 5 years ago.

Download all attachments as: .zip

Change History (4)

Changed 5 years ago by rsenior

Attachment: http-client-changes.diff added

Changed 5 years ago by rsenior

Attachment: intarweb-changes.diff added

comment:1 Changed 5 years ago by rsenior

Attached two patches that I used to add this new feature to http-client/intarweb

comment:2 Changed 5 years ago by sjamaan

Resolution: fixed
Status: newclosed

Thanks for reporting this missing feature, and suggesting a fix. The fix looks alright, but I don't think the change in intarweb is required: connection management is something unique to the application. intarweb's responsibility is dealing with the protocol only (parsing headers, wrapping ports to support chunking and so on), so this change does not belong there.

Instead, I have simply added yet another parameter to http-client, which can be overriden in an application that wishes to manage connections. I'm not 100% happy with it yet (because the connection cache is not under application control, only the setting up of connections), but it will have to do for now.

I have committed changeset [32633] to fix this. Please give it a try. It hasn't been released yet, so you'll have to check out http-client trunk. You can use it by supplying a parameter called server-connector, which holds a procedure of 2 arguments: the uri and the proxy (which may be #f if no proxy is in use). The default connector is named default-server-connector, so you can still call this if you want to.

Please let me know how it works for you. If it's all good I will document and release this.

Note: See TracTickets for help on using tickets.