Revision: 4302 Author: edi URL: http://bknr.net/trac/changeset/4302
SSL key passwords for the rest
U trunk/thirdparty/hunchentoot/CHANGELOG U trunk/thirdparty/hunchentoot/doc/index.xml U trunk/thirdparty/hunchentoot/ssl.lisp
Modified: trunk/thirdparty/hunchentoot/CHANGELOG =================================================================== --- trunk/thirdparty/hunchentoot/CHANGELOG 2009-02-19 14:18:41 UTC (rev 4301) +++ trunk/thirdparty/hunchentoot/CHANGELOG 2009-02-20 07:26:37 UTC (rev 4302) @@ -1,3 +1,5 @@ +Enable SSL key passwords for Lisps other than LW (Vsevolod) + Version 1.0.0 2009-02-19 Complete architectural redesign (together with Hans Hübner)
Modified: trunk/thirdparty/hunchentoot/doc/index.xml =================================================================== --- trunk/thirdparty/hunchentoot/doc/index.xml 2009-02-19 14:18:41 UTC (rev 4301) +++ trunk/thirdparty/hunchentoot/doc/index.xml 2009-02-20 07:26:37 UTC (rev 4302) @@ -353,10 +353,10 @@ required initargs, <code>:SSL-CERTIFICATE-FILE</code> and <code>:SSL-PRIVATEKEY-FILE</code>, for pathname designators denoting the certificate file and the key file in PEM format. On LispWorks, you can have both in one file in which case -the second initarg is optional. On LispWorks, you can also use the -<code>:SSL-PRIVATEKEY-PASSWORD</code> initarg to provide a password (as a string) -for the key file (or <code>NIL</code>, the default, for no password). On other -Lisps, the key file must not be password-protected. +the second initarg is optional. You can also use the +<code>:SSL-PRIVATEKEY-PASSWORD</code> initarg to provide a password +(as a string) for the key file (or <code>NIL</code>, the default, for +no password). <p> The default port for clix:refSSL-ACCEPTOR</clix:ref> instances is 443 instead of 80 </p>
Modified: trunk/thirdparty/hunchentoot/ssl.lisp =================================================================== --- trunk/thirdparty/hunchentoot/ssl.lisp 2009-02-19 14:18:41 UTC (rev 4301) +++ trunk/thirdparty/hunchentoot/ssl.lisp 2009-02-20 07:26:37 UTC (rev 4302) @@ -39,7 +39,6 @@ :documentation "A pathname designator for a private key file in PEM format, or (only on LispWorks) NIL if the certificate file contains the private key.") - #+:lispworks (ssl-privatekey-password :initform nil :initarg :ssl-privatekey-password :reader acceptor-ssl-privatekey-password @@ -52,10 +51,9 @@ required initargs, :SSL-CERTIFICATE-FILE and :SSL-PRIVATEKEY-FILE, for pathname designators denoting the certificate file and the key file in PEM format. On LispWorks, you can have both in one file in which case -the second initarg is optional. On LispWorks, you can also use the +the second initarg is optional. You can also use the :SSL-PRIVATEKEY-PASSWORD initarg to provide a password (as a string) -for the key file (or NIL, the default, for no password). On other -Lisps, the key file must not be password-protected. +for the key file (or NIL, the default, for no password).
The default port for SSL-ACCEPTOR instances is 443 instead of 80"))
@@ -85,11 +83,12 @@ (call-next-method acceptor (cl+ssl:make-ssl-server-stream stream :certificate (acceptor-ssl-certificate-file acceptor) - :key (acceptor-ssl-privatekey-file acceptor)))) + :key (acceptor-ssl-privatekey-file acceptor) + :password (acceptor-ssl-privatekey-password acceptor))))
;; LispWorks implementation
-#+lispworks +#+:lispworks (defun make-ssl-server-stream (socket-stream &key certificate-file privatekey-file privatekey-password) "Given the acceptor socket stream SOCKET-STREAM attaches SSL to the stream using the certificate file CERTIFICATE-FILE and the private key