I think it might be this easy (although I have ignored support for Allegro, given that I can't afford their licensing fees):
--- request.lisp.orig 2009-04-14 02:58:20.000000000 -0700 +++ request.lisp 2009-04-14 03:03:15.000000000 -0700 @@ -200,6 +200,8 @@ force-binary want-stream stream + client-ssl-certificate + client-ssl-key #+:lispworks (connection-timeout 20) #+:lispworks (read-timeout 20) #+(and :lispworks (not :lw-does-not-have-write-timeout)) @@ -475,9 +477,15 @@ (socket:make-ssl-client-stream http-stream) #-:allegro (let ((s http-stream)) - (cl+ssl:make-ssl-client-stream - (cl+ssl:stream-fd s) - :close-callback (lambda () (close s))))))) + (if (and client-ssl-certificate client-ssl-key) + (cl+ssl:make-ssl-client-stream + (cl+ssl:stream-fd s) + :certificate client-ssl-certificate + :key client-ssl-key + :close-callback (lambda () (close s))) + (cl+ssl:make-ssl-client-stream + (cl+ssl:stream-fd s) + :close-callback (lambda () (close s)))))))) (cond (stream (setf (flexi-stream-element-type http-stream) #+:lispworks 'lw:simple-char #-:lispworks 'character
I will test this as soon as I get my client certificate from the credit card processor.
Cheers. Kevin Raison
Kevin Raison wrote:
Edi, basically, the HTTP server forces the client to authenticate itself using a client certificate. I believe RFC2246 describes the process, see http://www.ietf.org/rfc/rfc2246.txt. The patches at http://web.kepibu.org/code/lisp/cl+ssl/ which add client certificate support have already been incorporated into CL+SSL, so it should be relatively easy to add support to Drakma, perhaps by adding client-ssl-certificate and client-ssl-key keywords to http-request and then passing the args to cl+ssl:make-ssl-client-stream in request.lisp. Unless I have missed something and there is a way to do this already, I will experiment and send you a patch.
Cheers. Kevin
Edi Weitz wrote:
On Tue, Apr 14, 2009 at 12:28 AM, Kevin Raison raison@chatsubo.net wrote:
Hello. I am using a site for credit card authorization that requires me to send my personal SSL certificate with any POST. I don't see anything in the Drakma documentation about how to go about this; is it possible? I would rather not use curl, but it does have the -E option that allows for sending certificates to the remote host. Any help would be appreciated!
I have to admit that I'm not familiar with how this is done in general. Is there an RFC for this or can you point me to some documentation?
Thanks, Edi.
drakma-devel mailing list drakma-devel@common-lisp.net http://common-lisp.net/cgi-bin/mailman/listinfo/drakma-devel
drakma-devel mailing list drakma-devel@common-lisp.net http://common-lisp.net/cgi-bin/mailman/listinfo/drakma-devel