[bknr-cvs] edi changed trunk/thirdparty/hunchentoot/
BKNR Commits
bknr at bknr.net
Mon Feb 16 20:17:51 UTC 2009
Revision: 4258
Author: edi
URL: http://bknr.net/trac/changeset/4258
Fix SSL problems (for LispWorks)
U trunk/thirdparty/hunchentoot/acceptor.lisp
U trunk/thirdparty/hunchentoot/ssl.lisp
A trunk/thirdparty/hunchentoot/test/test-certificate.crt
A trunk/thirdparty/hunchentoot/test/test-key-no-password.key
Modified: trunk/thirdparty/hunchentoot/acceptor.lisp
===================================================================
--- trunk/thirdparty/hunchentoot/acceptor.lisp 2009-02-16 14:18:15 UTC (rev 4257)
+++ trunk/thirdparty/hunchentoot/acceptor.lisp 2009-02-16 20:17:51 UTC (rev 4258)
@@ -243,6 +243,7 @@
(defmethod process-connection ((*acceptor* acceptor) (socket t))
(let ((*hunchentoot-stream*
(initialize-connection-stream *acceptor* (make-socket-stream socket *acceptor*))))
+ (print *hunchentoot-stream*)
(unwind-protect
;; process requests until either the acceptor is shut down,
;; *CLOSE-HUNCHENTOOT-STREAM* has been set to T by the
Modified: trunk/thirdparty/hunchentoot/ssl.lisp
===================================================================
--- trunk/thirdparty/hunchentoot/ssl.lisp 2009-02-16 14:18:15 UTC (rev 4257)
+++ trunk/thirdparty/hunchentoot/ssl.lisp 2009-02-16 20:17:51 UTC (rev 4258)
@@ -32,22 +32,21 @@
(defclass ssl-acceptor (acceptor)
((ssl-certificate-file :initarg :ssl-certificate-file
:reader acceptor-ssl-certificate-file
- :documentation "The namestring of a
-certificate file.")
+ :documentation "A pathname designator for a
+certificate file in PEM format.")
(ssl-privatekey-file :initarg :ssl-privatekey-file
:reader acceptor-ssl-privatekey-file
- :documentation "The namestring of a private
-key file, or NIL if the certificate file contains the private key.")
- (ssl-privatekey-password #+:lispworks #+:lispworks
- :initform nil
+ :documentation "A pathname designator for a
+private key file in PEM format, or \(only on LispWorks) NIL if the
+certificate file contains the private key.")
+ #+:lispworks
+ (ssl-privatekey-password :initform nil
:initarg :ssl-privatekey-password
:reader acceptor-ssl-privatekey-password
:documentation "The password for the
-private key file or NIL."))
+private key file or NIL for no password."))
(:default-initargs
- :port 443
- :input-chunking-p nil
- :output-chunking-p nil)
+ :port 443)
(:documentation "This class defines additional slots required to
serve requests via SSL."))
@@ -56,6 +55,19 @@
(defmethod acceptor-ssl-p ((acceptor ssl-acceptor))
t)
+(defmethod initialize-instance :after ((acceptor ssl-acceptor) &rest initargs)
+ (declare (ignore initargs))
+ ;; LispWorks can read both from the same file, so we can default one
+ #+:lispworks
+ (unless (slot-boundp acceptor 'ssl-privatekey-file)
+ (setf (slot-value acceptor 'ssl-privatekey-file)
+ (acceptor-ssl-certificate-file acceptor)))
+ ;; OpenSSL doesn't know much about Lisp pathnames...
+ (setf (slot-value acceptor 'ssl-privatekey-file)
+ (namestring (truename (acceptor-ssl-privatekey-file acceptor)))
+ (slot-value acceptor 'ssl-certificate-file)
+ (namestring (truename (acceptor-ssl-certificate-file acceptor)))))
+
;; usocket implementation
#-:lispworks
@@ -68,14 +80,6 @@
;; LispWorks implementation
-#+:lispworks
-(defmethod initialize-instance :after ((acceptor ssl-acceptor) &rest initargs)
- (declare (ignore initargs))
- ;; LispWorks can read both from the same file, so we can default one
- (unless (slot-boundp acceptor 'ssl-privatekey-file)
- (setf (slot-value acceptor 'ssl-privatekey-file)
- (acceptor-ssl-certificate-file acceptor))))
-
#+lispworks
(defun make-ssl-server-stream (socket-stream &key certificate-file privatekey-file privatekey-password)
"Given the acceptor socket stream SOCKET-STREAM attaches SSL to the
Added: trunk/thirdparty/hunchentoot/test/test-certificate.crt
===================================================================
--- trunk/thirdparty/hunchentoot/test/test-certificate.crt (rev 0)
+++ trunk/thirdparty/hunchentoot/test/test-certificate.crt 2009-02-16 20:17:51 UTC (rev 4258)
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB3TCCAUYCCQCDg/PAAhv7kjANBgkqhkiG9w0BAQQFADAzMQswCQYDVQQGEwJE
+RTEQMA4GA1UECBMHR2VybWFueTESMBAGA1UEAxMJbG9jYWxob3N0MB4XDTA5MDIx
+NjEyMTgzMFoXDTEwMDIxNjEyMTgzMFowMzELMAkGA1UEBhMCREUxEDAOBgNVBAgT
+B0dlcm1hbnkxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEAxpUaQISfEDw3c7VSFsW+oKQViarjMmZNJL7ZWaZlsbVgROPohCRj
+qmbS1yjQ0DZQWZK4PMyyXqT90OUIXSohGAB9O3M/etMpMYaRlws66o2mNx/R8bTZ
+qGDQcXXRg1Ghsq2JnQsyhl4nTQXMn8KM/jLd6iT9XJd+O6AuWfOlticCAwEAATAN
+BgkqhkiG9w0BAQQFAAOBgQCUW7a5BvL8Qoy5Mvd9cxUt8jnDm5KRiEgcmBIIlrVi
+bLXmEQaRPQDoxGsrzi/LaUuMitT/kaGwhbdhfwZsjXI2QxuqpPYRhLnPBvn6q77u
+e0/yXaPp6UnMnQNw2O8xLcUDeLbRrw9IBPeDUYYP0OaTkJvORwFJ4e6rdVyha4o7
+1A==
+-----END CERTIFICATE-----
Added: trunk/thirdparty/hunchentoot/test/test-key-no-password.key
===================================================================
--- trunk/thirdparty/hunchentoot/test/test-key-no-password.key (rev 0)
+++ trunk/thirdparty/hunchentoot/test/test-key-no-password.key 2009-02-16 20:17:51 UTC (rev 4258)
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQDGlRpAhJ8QPDdztVIWxb6gpBWJquMyZk0kvtlZpmWxtWBE4+iE
+JGOqZtLXKNDQNlBZkrg8zLJepP3Q5QhdKiEYAH07cz960ykxhpGXCzrqjaY3H9Hx
+tNmoYNBxddGDUaGyrYmdCzKGXidNBcyfwoz+Mt3qJP1cl347oC5Z86W2JwIDAQAB
+AoGAJoJhneNaCUb0Je8ipSHhzrsjJhhKiMqH6TlNYvI+xFB9A78CpyV7Yl8gQfM7
+UzVFLamjKr8zU+FBC1Ju5co2sl4u3fPgXwuo5X36IVa03WdClXp0PQ7RsOXqi0Rx
+d1maRkxPok7AnSMCAWNeLCgxVmCKzIWLKcvB8idK7evjGUkCQQDyoewf7ey1eNy7
+hv87E9E/gUQ/9A9rEhkKcRbwvEicB+OcxpZl6Br0Z6EJH39AlJe1ii81lSqfPd+h
+6WE2uU+lAkEA0YXmYnCJdlcYAORLX3ewibVCikOJUIMt7smGVOK23ubmHh49+KUW
+HT3xDPDRVmkmiYzqXZOY0pGUG37b4GAE2wJAXRPa1kDanp835kSaYtpuWjNHsFT7
+GTL/Ii9SApXoMNsh6QGRrpREyt96Olq34VlffYf+JksL57y/rogt/+VE9QJAV+vV
+YmeQ92zSsMUb7+K83PyIAJcYjwWNB8/fI83DKURBOlA8dxNndTvh5ClF3vne5weP
+7VabYXkfam5QfBYu0wJANPeIsAd8yUdZViiMOH6tE8DUlMy/p1N9Rz0eMSc4uUch
+EB59djdHmSknY0JgVZJFybWFWKtbxSvcnrJq/hAcMQ==
+-----END RSA PRIVATE KEY-----
More information about the Bknr-cvs
mailing list