I think it might be this easy (although I have ignored support for
Allegro, given that I can't afford their licensing fees):
--- request.lisp.orig 2009-04-14 02:58:20.000000000 -0700
+++ request.lisp 2009-04-14 03:03:15.000000000 -0700
@@ -200,6 +200,8 @@
force-binary
want-stream
stream
+ client-ssl-certificate
+ client-ssl-key
#+:lispworks (connection-timeout 20)
#+:lispworks (read-timeout 20)
#+(and :lispworks (not
:lw-does-not-have-write-timeout))
@@ -475,9 +477,15 @@
(socket:make-ssl-client-stream http-stream)
#-:allegro
(let ((s http-stream))
- (cl+ssl:make-ssl-client-stream
- (cl+ssl:stream-fd s)
- :close-callback (lambda () (close s)))))))
+ (if (and client-ssl-certificate client-ssl-key)
+ (cl+ssl:make-ssl-client-stream
+ (cl+ssl:stream-fd s)
+ :certificate client-ssl-certificate
+ :key client-ssl-key
+ :close-callback (lambda () (close s)))
+ (cl+ssl:make-ssl-client-stream
+ (cl+ssl:stream-fd s)
+ :close-callback (lambda () (close s))))))))
(cond (stream
(setf (flexi-stream-element-type http-stream)
#+:lispworks 'lw:simple-char #-:lispworks
'character
I will test this as soon as I get my client certificate from the credit
card processor.
Cheers.
Kevin Raison
Kevin Raison wrote:
> Edi, basically, the HTTP server forces the client to authenticate itself
> using a client certificate. I believe RFC2246 describes the process,
> see http://www.ietf.org/rfc/rfc2246.txt. The patches at
> http://web.kepibu.org/code/lisp/cl+ssl/ which add client certificate
> support have already been incorporated into CL+SSL, so it should be
> relatively easy to add support to Drakma, perhaps by adding
> client-ssl-certificate and client-ssl-key keywords to http-request and
> then passing the args to cl+ssl:make-ssl-client-stream in request.lisp.
> Unless I have missed something and there is a way to do this already,
> I will experiment and send you a patch.
>
> Cheers.
> Kevin
>
>
> Edi Weitz wrote:
>> On Tue, Apr 14, 2009 at 12:28 AM, Kevin Raison <rai...@chatsubo.net> wrote:
>>> Hello. I am using a site for credit card authorization that requires me
>>> to send my personal SSL certificate with any POST. I don't see anything
>>> in the Drakma documentation about how to go about this; is it possible?
>>> I would rather not use curl, but it does have the -E option that
>>> allows for sending certificates to the remote host. Any help would be
>>> appreciated!
>> I have to admit that I'm not familiar with how this is done in
>> general. Is there an RFC for this or can you point me to some
>> documentation?
>>
>> Thanks,
>> Edi.
>>
>> _______________________________________________
>> drakma-devel mailing list
>> drakma-devel@common-lisp.net
>> http://common-lisp.net/cgi-bin/mailman/listinfo/drakma-devel
>>
>
> _______________________________________________
> drakma-devel mailing list
> drakma-devel@common-lisp.net
> http://common-lisp.net/cgi-bin/mailman/listinfo/drakma-devel
>
_______________________________________________
drakma-devel mailing list
drakma-devel@common-lisp.net
http://common-lisp.net/cgi-bin/mailman/listinfo/drakma-devel
