Fwd: [squeak-dev] SSLSocket and basic http auth (api.del.icio.us or mail.google.com or ...)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Fwd: [squeak-dev] SSLSocket and basic http auth (api.del.icio.us or mail.google.com or ...)

Simon Kirk
Hi all.

This list has been quiet for ages, but I hope that we can get some kind of response here as there's been nothing on Squeak-Dev.

Please see the forwarded message below. It's part of a two-message thread, there are two parties (my company, and [hidden email]) trying to use SSLSocket, and having no joy.

Please can anybody help? I'm trying to use CurlPlugin as a workaround, but this is for XML-RPC calls, which needs POST requests with a customer content-type. The upshot is that CurlPlugin is unsuitable.

Ultimately, I'm thinking that if SSLSocket doesn't work, I'm going to have to look to Gemstone or something, and that's a totally foreign environment to me!

Cheers,
Simon

Begin forwarded message:

From: Simon Kirk <[hidden email]>
Date: 20 February 2009 15:51:18 GMT
To: The general-purpose Squeak developers list <[hidden email]>
Subject: Re: [squeak-dev] SSLSocket and basic http auth (api.del.icio.us or mail.google.com or ...)
Reply-To: The general-purpose Squeak developers list <[hidden email]>

I hate to say it but I'm getting even worse behaviour. For HTTPS sites that don't require HTTP auth at all, they also fail.

For instance:

'https://www.amazon.com' asUrl retrieveContents content

Printit yields:  'error occured retrieving https://www.amazon.com/: Server www.amazon.com is not responding'

Ditto for lots of other sites, such as Google.

Interestingly, it still works for *some* of the examples from the SSL Workspace provided with the SSL package (https://investing.schwab.com/ and 'https://www.usaa.com') but not others.

This implies some sort of cipher or protocol the SSL suite doesn't support.

This is pretty bad for us, as we need to do some stuff for a client that involves XML-RPC calls to an SSL server, which I've just discovered doesn't work with the SSL package :(

Cheers,
Simon


On 20 Feb 2009, at 12:57, Pierre-Edouard PORTIER wrote:

Hi!
I try to connect to SSL + Basic HTTP Auth sites, for example : https://mail.google.com or https://api.del.icio.us
When I try :

| conn |
conn := SSLSocket newConnectionAddress: (NetNameResolver addressForName: 'mail.google.com') port: 443

I obtain a socket with state: SSLConnectionClosed.
With sites that do not require HTTP Basic authentication :

| conn |
conn := SSLSocket newConnectionAddress: (NetNameResolver addressForName: 'www.usaa.com') port: 443

I obtain a SSLSocket with state: SSLConnectionConnected.
But don't we need an open socket in order to send the request with the authentication data in the header ?

In fact, inside the HttpsSocket>>httpsGetDocumentFromUrl: url args: args accept: mimeType request: requestString we find:

sock := HttpsSocket new.
        sock connectTo: serverAddr port: connectToPort.
        (sock waitForConnectionUntil: (Time millisecondClockValue + (10000) truncated)) ifTrue: [
            sock sendCommand: 'GET ', page, ' HTTP/1.0', String crlf,
                (mimeType ifNotNil: ['ACCEPT: ', mimeType, String crlf] ifNil: ['']),
                'ACCEPT: text/html', String crlf,    "Always accept plain text"
                requestString,    "extra user request. Authorization"
                'Host: ', serverName, ':', port printString, String crlf.
etc.etc.
with the possibility to put the authentication header inside the requestString.

Has someone any idea how to solve this problem?

Thank you.

pep



Click here to report this email as spam.





 

ΓΌ Consider your responsibility to the environment - think before you print!

*******************************************************************************************************************************************

This email is from Pinesoft Limited. Its contents are confidential to the intended recipient(s) at the email address(es) to which it has been addressed. It may not be disclosed to or used by anyone other than the addressee(s), nor may it be copied in anyway. If received in error, please contact the sender, then delete it from your system. Although this email and attachments are believed to be free of virus, or any other defect which might affect any computer or IT system into which they are received and opened, it is the responsibility of the recipient to ensure that they are virus free and no responsibility is accepted by Pinesoft for any loss or damage arising in any way from receipt or use thereof.

******************************************************************************************************************************************* 

Pinesoft Limited are registered in England, Registered number: 2914825. Registered office: 266-268 High Street, Waltham Cross, Herts, EN8 7EA

 




_______________________________________________
Cryptography mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
Reply | Threaded
Open this post in threaded view
|

Re: Fwd: [squeak-dev] SSLSocket and basic http auth (api.del.icio.us or mail.google.com or ...)

Levente Uzonyi-2
Hi!

Since the Cryptography Team doesn't exists anymore, the Cryptography
package is not maintained by anyone. The SSL implementation doesn't allow
easy debugging, you can't just turn on logging to see what's happening.
Following the state machine transitions should give you the answer why the
handshake isn't succeding. It might be related to certificates or
TLS->SSL3 fallback. If I were you, I would go with curl.
There are two ways to use curl for your stuff:
1. Modify CurlPlugin. Since the current version of CurlPlugin doesn't give
you access to the http headers, you have to add this feature to the plugin
and the api code.
2. The easier way is to use OSProcess and call the curl command
line utility directly. With the -H command line switch you can add or
modify http headers. This should work with linux and mac.

Cheers,
Levente

On Sun, 22 Feb 2009, Simon Kirk wrote:

> Hi all.
>
> This list has been quiet for ages, but I hope that we can get some kind of
> response here as there's been nothing on Squeak-Dev.
>
> Please see the forwarded message below. It's part of a two-message thread,
> there are two parties (my company, and [hidden email])
> trying to use SSLSocket, and having no joy.
>
> Please can anybody help? I'm trying to use CurlPlugin as a workaround, but
> this is for XML-RPC calls, which needs POST requests with a customer
> content-type. The upshot is that CurlPlugin is unsuitable.
>
> Ultimately, I'm thinking that if SSLSocket doesn't work, I'm going to have to
> look to Gemstone or something, and that's a totally foreign environment to
> me!
>
> Cheers,
> Simon
>
_______________________________________________
Cryptography mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography