Revision: 4258 Author: edi URL: http://bknr.net/trac/changeset/4258
Fix SSL problems (for LispWorks)
U trunk/thirdparty/hunchentoot/acceptor.lisp U trunk/thirdparty/hunchentoot/ssl.lisp A trunk/thirdparty/hunchentoot/test/test-certificate.crt A trunk/thirdparty/hunchentoot/test/test-key-no-password.key
Modified: trunk/thirdparty/hunchentoot/acceptor.lisp =================================================================== --- trunk/thirdparty/hunchentoot/acceptor.lisp 2009-02-16 14:18:15 UTC (rev 4257) +++ trunk/thirdparty/hunchentoot/acceptor.lisp 2009-02-16 20:17:51 UTC (rev 4258) @@ -243,6 +243,7 @@ (defmethod process-connection ((*acceptor* acceptor) (socket t)) (let ((*hunchentoot-stream* (initialize-connection-stream *acceptor* (make-socket-stream socket *acceptor*)))) + (print *hunchentoot-stream*) (unwind-protect ;; process requests until either the acceptor is shut down, ;; *CLOSE-HUNCHENTOOT-STREAM* has been set to T by the
Modified: trunk/thirdparty/hunchentoot/ssl.lisp =================================================================== --- trunk/thirdparty/hunchentoot/ssl.lisp 2009-02-16 14:18:15 UTC (rev 4257) +++ trunk/thirdparty/hunchentoot/ssl.lisp 2009-02-16 20:17:51 UTC (rev 4258) @@ -32,22 +32,21 @@ (defclass ssl-acceptor (acceptor) ((ssl-certificate-file :initarg :ssl-certificate-file :reader acceptor-ssl-certificate-file - :documentation "The namestring of a -certificate file.") + :documentation "A pathname designator for a +certificate file in PEM format.") (ssl-privatekey-file :initarg :ssl-privatekey-file :reader acceptor-ssl-privatekey-file - :documentation "The namestring of a private -key file, or NIL if the certificate file contains the private key.") - (ssl-privatekey-password #+:lispworks #+:lispworks - :initform nil + :documentation "A pathname designator for a +private key file in PEM format, or (only on LispWorks) NIL if the +certificate file contains the private key.") + #+:lispworks + (ssl-privatekey-password :initform nil :initarg :ssl-privatekey-password :reader acceptor-ssl-privatekey-password :documentation "The password for the -private key file or NIL.")) +private key file or NIL for no password.")) (:default-initargs - :port 443 - :input-chunking-p nil - :output-chunking-p nil) + :port 443) (:documentation "This class defines additional slots required to serve requests via SSL."))
@@ -56,6 +55,19 @@ (defmethod acceptor-ssl-p ((acceptor ssl-acceptor)) t)
+(defmethod initialize-instance :after ((acceptor ssl-acceptor) &rest initargs) + (declare (ignore initargs)) + ;; LispWorks can read both from the same file, so we can default one + #+:lispworks + (unless (slot-boundp acceptor 'ssl-privatekey-file) + (setf (slot-value acceptor 'ssl-privatekey-file) + (acceptor-ssl-certificate-file acceptor))) + ;; OpenSSL doesn't know much about Lisp pathnames... + (setf (slot-value acceptor 'ssl-privatekey-file) + (namestring (truename (acceptor-ssl-privatekey-file acceptor))) + (slot-value acceptor 'ssl-certificate-file) + (namestring (truename (acceptor-ssl-certificate-file acceptor))))) + ;; usocket implementation
#-:lispworks @@ -68,14 +80,6 @@
;; LispWorks implementation
-#+:lispworks -(defmethod initialize-instance :after ((acceptor ssl-acceptor) &rest initargs) - (declare (ignore initargs)) - ;; LispWorks can read both from the same file, so we can default one - (unless (slot-boundp acceptor 'ssl-privatekey-file) - (setf (slot-value acceptor 'ssl-privatekey-file) - (acceptor-ssl-certificate-file acceptor)))) - #+lispworks (defun make-ssl-server-stream (socket-stream &key certificate-file privatekey-file privatekey-password) "Given the acceptor socket stream SOCKET-STREAM attaches SSL to the
Added: trunk/thirdparty/hunchentoot/test/test-certificate.crt =================================================================== --- trunk/thirdparty/hunchentoot/test/test-certificate.crt (rev 0) +++ trunk/thirdparty/hunchentoot/test/test-certificate.crt 2009-02-16 20:17:51 UTC (rev 4258) @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB3TCCAUYCCQCDg/PAAhv7kjANBgkqhkiG9w0BAQQFADAzMQswCQYDVQQGEwJE +RTEQMA4GA1UECBMHR2VybWFueTESMBAGA1UEAxMJbG9jYWxob3N0MB4XDTA5MDIx +NjEyMTgzMFoXDTEwMDIxNjEyMTgzMFowMzELMAkGA1UEBhMCREUxEDAOBgNVBAgT +B0dlcm1hbnkxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOB +jQAwgYkCgYEAxpUaQISfEDw3c7VSFsW+oKQViarjMmZNJL7ZWaZlsbVgROPohCRj +qmbS1yjQ0DZQWZK4PMyyXqT90OUIXSohGAB9O3M/etMpMYaRlws66o2mNx/R8bTZ +qGDQcXXRg1Ghsq2JnQsyhl4nTQXMn8KM/jLd6iT9XJd+O6AuWfOlticCAwEAATAN +BgkqhkiG9w0BAQQFAAOBgQCUW7a5BvL8Qoy5Mvd9cxUt8jnDm5KRiEgcmBIIlrVi +bLXmEQaRPQDoxGsrzi/LaUuMitT/kaGwhbdhfwZsjXI2QxuqpPYRhLnPBvn6q77u +e0/yXaPp6UnMnQNw2O8xLcUDeLbRrw9IBPeDUYYP0OaTkJvORwFJ4e6rdVyha4o7 +1A== +-----END CERTIFICATE-----
Added: trunk/thirdparty/hunchentoot/test/test-key-no-password.key =================================================================== --- trunk/thirdparty/hunchentoot/test/test-key-no-password.key (rev 0) +++ trunk/thirdparty/hunchentoot/test/test-key-no-password.key 2009-02-16 20:17:51 UTC (rev 4258) @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQDGlRpAhJ8QPDdztVIWxb6gpBWJquMyZk0kvtlZpmWxtWBE4+iE +JGOqZtLXKNDQNlBZkrg8zLJepP3Q5QhdKiEYAH07cz960ykxhpGXCzrqjaY3H9Hx +tNmoYNBxddGDUaGyrYmdCzKGXidNBcyfwoz+Mt3qJP1cl347oC5Z86W2JwIDAQAB +AoGAJoJhneNaCUb0Je8ipSHhzrsjJhhKiMqH6TlNYvI+xFB9A78CpyV7Yl8gQfM7 +UzVFLamjKr8zU+FBC1Ju5co2sl4u3fPgXwuo5X36IVa03WdClXp0PQ7RsOXqi0Rx +d1maRkxPok7AnSMCAWNeLCgxVmCKzIWLKcvB8idK7evjGUkCQQDyoewf7ey1eNy7 +hv87E9E/gUQ/9A9rEhkKcRbwvEicB+OcxpZl6Br0Z6EJH39AlJe1ii81lSqfPd+h +6WE2uU+lAkEA0YXmYnCJdlcYAORLX3ewibVCikOJUIMt7smGVOK23ubmHh49+KUW +HT3xDPDRVmkmiYzqXZOY0pGUG37b4GAE2wJAXRPa1kDanp835kSaYtpuWjNHsFT7 +GTL/Ii9SApXoMNsh6QGRrpREyt96Olq34VlffYf+JksL57y/rogt/+VE9QJAV+vV +YmeQ92zSsMUb7+K83PyIAJcYjwWNB8/fI83DKURBOlA8dxNndTvh5ClF3vne5weP +7VabYXkfam5QfBYu0wJANPeIsAd8yUdZViiMOH6tE8DUlMy/p1N9Rz0eMSc4uUch +EB59djdHmSknY0JgVZJFybWFWKtbxSvcnrJq/hAcMQ== +-----END RSA PRIVATE KEY-----