Re: Better HTTPS support in (web client)

2020-01-18 Thread Amirouche Boubekki
Le ven. 10 janv. 2020 à 16:56, Chris Vine  a écrit :
>
> Is the new implementation usable with suspendable ports?  When I last
> looked the read-response-body procedure was not, which meant that
> http-get and http-put were not, which meant that you could not really
> use them with fibers.

Is that because of get-bytevector-all is coded in C?



Re: Better HTTPS support in (web client)

2020-01-13 Thread Ludovic Courtès
Hi Andy,

Andy Wingo  skribis:

> On Fri 10 Jan 2020 15:49, Ludovic Courtès  writes:
>
>> Hello Guilers!
>>
>> I’ve pushed a ‘wip-https-client’ branch that contains improvements for
>> HTTPS support in (web client) that I’d like to be part of Guile 3:
>>
>>   https://git.savannah.gnu.org/cgit/guile.git/log/?h=wip-https-client
>
> Looks nice, sounds like a great thing to merge in!

Pushed with a ‘NEWS’ entry!

Apologies for missing 2.9.9.

Thanks,
Ludo’.



Re: Better HTTPS support in (web client)

2020-01-13 Thread Ludovic Courtès
Hello!

Chris Vine  skribis:

> Is the new implementation usable with suspendable ports?  When I last
> looked the read-response-body procedure was not, which meant that
> http-get and http-put were not, which meant that you could not really
> use them with fibers.

It’s not a “new implementation”, rather additional (and IMO important)
features that are added.

So it works as before, meaning that data is passed through a GnuTLS
“session record port”.  And that, in turn, that means this is not
suspendable, unfortunately.

To address that, it should be possible to avoid the session record port
and instead use the lower-level GnuTLS ‘record-receive!’ and
‘record-send’ procedures.  This is left as an excercise to the reader.
:-)

Thanks,
Ludo’.



Re: Better HTTPS support in (web client)

2020-01-10 Thread Andy Wingo
On Fri 10 Jan 2020 15:49, Ludovic Courtès  writes:

> Hello Guilers!
>
> I’ve pushed a ‘wip-https-client’ branch that contains improvements for
> HTTPS support in (web client) that I’d like to be part of Guile 3:
>
>   https://git.savannah.gnu.org/cgit/guile.git/log/?h=wip-https-client

Looks nice, sounds like a great thing to merge in!

Andy



Re: Better HTTPS support in (web client)

2020-01-10 Thread Chris Vine
On Fri, 10 Jan 2020 15:49:49 +0100
Ludovic Courtès  wrote:
> Hello Guilers!
> 
> I’ve pushed a ‘wip-https-client’ branch that contains improvements for
> HTTPS support in (web client) that I’d like to be part of Guile 3:
> 
>   https://git.savannah.gnu.org/cgit/guile.git/log/?h=wip-https-client
> 
> In a nutshell:
> 
>   • $https_proxy support and a ‘current-https-proxy’ parameter;
> 
>   • better TLS alert handling;
> 
>   • verification of server certificates (!).
> 
> You can test it with a program as simple as:
> 
>   (use-modules (web client))
> 
>   (call-with-values
>   (lambda ()
> (http-get "https://guix.gnu.org;))
> pk)
> 
> You can test how expired certificates are handled with:
> 
>   guix environment --ad-hoc libfaketime -- \
>  faketime 2022-01-01 ./meta/guile /tmp/https.scm
> 
> To check whether $https_proxy is honored, try:
> 
>   https_proxy=http://localhost:8118 strace -e connect \
> ./meta/guile /tmp/https.scm
> 
> (I have Privoxy running as a proxy on that port.)
> 
> Feedback welcome!

Is the new implementation usable with suspendable ports?  When I last
looked the read-response-body procedure was not, which meant that
http-get and http-put were not, which meant that you could not really
use them with fibers.

Chris