SstHttpClient forTransportScheme: 'https' example

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

SstHttpClient forTransportScheme: 'https' example

Santiago Cardoso Geller-3
Hi everybody. I need some help to understand how to open an url using ssl, like a simple webClient does. Something like this:

| client response |
 
client := (SstHttpClient forTransportScheme: 'https') startUp.
response := [client get: ('https://search.yahoo.com/')] ensure: [client shutDown].
^response basicContents asString



I exported from firefox the certificate and copied it as cert.pem into the image directory, but is not enough and I really can't figure out how to make this to work.

I would appreciate any example from someone with more experience.

Thanks,
Santiago

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at http://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: SstHttpClient forTransportScheme: 'https' example

Jan van de Sandt
Hi Santiage,

You can try this: SstHttpsClientExample fetch: 'https://search.yahoo.com/'

And use the debugger to see what happens. Most of the logic is in SstHttp11ClientExample>>#basicFetch:

Cheers,
Jan.



On Sun, Jan 11, 2015 at 6:59 PM, Santiago Cardoso Geller <[hidden email]> wrote:
Hi everybody. I need some help to understand how to open an url using ssl, like a simple webClient does. Something like this:

| client response |
 
client := (SstHttpClient forTransportScheme: 'https') startUp.
response := [client get: ('https://search.yahoo.com/')] ensure: [client shutDown].
^response basicContents asString



I exported from firefox the certificate and copied it as cert.pem into the image directory, but is not enough and I really can't figure out how to make this to work.

I would appreciate any example from someone with more experience.

Thanks,
Santiago

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at http://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at http://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: SstHttpClient forTransportScheme: 'https' example

Santiago Cardoso Geller-3
Thanks Jan. But it returns the same error:

'Could not send to: SstSendError(''SSL handshake failed: HANDSHAKE_FAILURE (40): SSL3_READ_BYTES'')'

I don't understand where to setup for auto-accept certificates.

El lunes, 12 de enero de 2015, 15:45:29 (UTC-3), Jan van de Sandt escribió:
Hi Santiage,

You can try this: SstHttpsClientExample fetch: '<a href="https://search.yahoo.com/" style="white-space:pre-wrap" target="_blank" onmousedown="this.href='https://www.google.com/url?q\75https%3A%2F%2Fsearch.yahoo.com%2F\46sa\75D\46sntz\0751\46usg\75AFQjCNFECNdsMPklAXF217Aly0928zDs4A';return true;" onclick="this.href='https://www.google.com/url?q\75https%3A%2F%2Fsearch.yahoo.com%2F\46sa\75D\46sntz\0751\46usg\75AFQjCNFECNdsMPklAXF217Aly0928zDs4A';return true;">https://search.yahoo.com/'

And use the debugger to see what happens. Most of the logic is in SstHttp11ClientExample>>#basicFetch:

Cheers,
Jan.



On Sun, Jan 11, 2015 at 6:59 PM, Santiago Cardoso Geller <<a href="javascript:" target="_blank" gdf-obfuscated-mailto="xde8GqjYKFMJ" onmousedown="this.href='javascript:';return true;" onclick="this.href='javascript:';return true;">cardos...@...> wrote:
Hi everybody. I need some help to understand how to open an url using ssl, like a simple webClient does. Something like this:

| client response |
 
client := (SstHttpClient forTransportScheme: 'https') startUp.
response := [client get: ('<a href="https://search.yahoo.com/" target="_blank" onmousedown="this.href='https://www.google.com/url?q\75https%3A%2F%2Fsearch.yahoo.com%2F\46sa\75D\46sntz\0751\46usg\75AFQjCNFECNdsMPklAXF217Aly0928zDs4A';return true;" onclick="this.href='https://www.google.com/url?q\75https%3A%2F%2Fsearch.yahoo.com%2F\46sa\75D\46sntz\0751\46usg\75AFQjCNFECNdsMPklAXF217Aly0928zDs4A';return true;">https://search.yahoo.com/')] ensure: [client shutDown].
^response basicContents asString



I exported from firefox the certificate and copied it as cert.pem into the image directory, but is not enough and I really can't figure out how to make this to work.

I would appreciate any example from someone with more experience.

Thanks,
Santiago

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to <a href="javascript:" target="_blank" gdf-obfuscated-mailto="xde8GqjYKFMJ" onmousedown="this.href='javascript:';return true;" onclick="this.href='javascript:';return true;">va-smalltalk...@googlegroups.com.
To post to this group, send email to <a href="javascript:" target="_blank" gdf-obfuscated-mailto="xde8GqjYKFMJ" onmousedown="this.href='javascript:';return true;" onclick="this.href='javascript:';return true;">va-sma...@....
Visit this group at <a href="http://groups.google.com/group/va-smalltalk" target="_blank" onmousedown="this.href='http://groups.google.com/group/va-smalltalk';return true;" onclick="this.href='http://groups.google.com/group/va-smalltalk';return true;">http://groups.google.com/group/va-smalltalk.
For more options, visit <a href="https://groups.google.com/d/optout" target="_blank" onmousedown="this.href='https://groups.google.com/d/optout';return true;" onclick="this.href='https://groups.google.com/d/optout';return true;">https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at http://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: SstHttpClient forTransportScheme: 'https' example

Jan van de Sandt
Hi,

Yes, I'm facing the same error when I try to access Facebook. But it does work on other https websites, like Google. Perhaps some sites use a SSL/TLS configuration that is not supported by the default VASt 8.6.1 https configuration. Unfortunately I don't know enough about SSL/TLS to figure this out.

Jan.

On Mon, Jan 12, 2015 at 8:00 PM, Santiago Cardoso Geller <[hidden email]> wrote:
Thanks Jan. But it returns the same error:

'Could not send to: SstSendError(''SSL handshake failed: HANDSHAKE_FAILURE (40): SSL3_READ_BYTES'')'

I don't understand where to setup for auto-accept certificates.

El lunes, 12 de enero de 2015, 15:45:29 (UTC-3), Jan van de Sandt escribió:
Hi Santiage,

You can try this: SstHttpsClientExample fetch: 'https://search.yahoo.com/'

And use the debugger to see what happens. Most of the logic is in SstHttp11ClientExample>>#basicFetch:

Cheers,
Jan.



On Sun, Jan 11, 2015 at 6:59 PM, Santiago Cardoso Geller <[hidden email]> wrote:
Hi everybody. I need some help to understand how to open an url using ssl, like a simple webClient does. Something like this:

| client response |
 
client := (SstHttpClient forTransportScheme: 'https') startUp.
response := [client get: ('https://search.yahoo.com/')] ensure: [client shutDown].
^response basicContents asString



I exported from firefox the certificate and copied it as cert.pem into the image directory, but is not enough and I really can't figure out how to make this to work.

I would appreciate any example from someone with more experience.

Thanks,
Santiago

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to va-smalltalk...@googlegroups.com.
To post to this group, send email to [hidden email].
Visit this group at http://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at http://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at http://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: SstHttpClient forTransportScheme: 'https' example

Santiago Cardoso Geller-3
Me neither, but thanks for your answer. Now I have two cases for comparing.

SstHttpsClientExample fetch: 'https://www.google.com/"Works"

SstHttpsClientExample fetch: 'https://search.yahoo.com/"Does not work"


Regards,
Santiago

El lunes, 12 de enero de 2015, 16:09:32 (UTC-3), Jan van de Sandt escribió:
Hi,

Yes, I'm facing the same error when I try to access Facebook. But it does work on other https websites, like Google. Perhaps some sites use a SSL/TLS configuration that is not supported by the default VASt 8.6.1 https configuration. Unfortunately I don't know enough about SSL/TLS to figure this out.

Jan.

On Mon, Jan 12, 2015 at 8:00 PM, Santiago Cardoso Geller <<a href="javascript:" target="_blank" gdf-obfuscated-mailto="jZ3H0or2i-wJ" onmousedown="this.href='javascript:';return true;" onclick="this.href='javascript:';return true;">cardos...@...> wrote:
Thanks Jan. But it returns the same error:

'Could not send to: SstSendError(''SSL handshake failed: HANDSHAKE_FAILURE (40): SSL3_READ_BYTES'')'

I don't understand where to setup for auto-accept certificates.

El lunes, 12 de enero de 2015, 15:45:29 (UTC-3), Jan van de Sandt escribió:
Hi Santiage,

You can try this: SstHttpsClientExample fetch: '<a href="https://search.yahoo.com/" style="white-space:pre-wrap" target="_blank" onmousedown="this.href='https://www.google.com/url?q\75https%3A%2F%2Fsearch.yahoo.com%2F\46sa\75D\46sntz\0751\46usg\75AFQjCNFECNdsMPklAXF217Aly0928zDs4A';return true;" onclick="this.href='https://www.google.com/url?q\75https%3A%2F%2Fsearch.yahoo.com%2F\46sa\75D\46sntz\0751\46usg\75AFQjCNFECNdsMPklAXF217Aly0928zDs4A';return true;">https://search.yahoo.com/'

And use the debugger to see what happens. Most of the logic is in SstHttp11ClientExample>>#basicFetch:

Cheers,
Jan.



On Sun, Jan 11, 2015 at 6:59 PM, Santiago Cardoso Geller <[hidden email]> wrote:
Hi everybody. I need some help to understand how to open an url using ssl, like a simple webClient does. Something like this:

| client response |
 
client := (SstHttpClient forTransportScheme: 'https') startUp.
response := [client get: ('<a href="https://search.yahoo.com/" target="_blank" onmousedown="this.href='https://www.google.com/url?q\75https%3A%2F%2Fsearch.yahoo.com%2F\46sa\75D\46sntz\0751\46usg\75AFQjCNFECNdsMPklAXF217Aly0928zDs4A';return true;" onclick="this.href='https://www.google.com/url?q\75https%3A%2F%2Fsearch.yahoo.com%2F\46sa\75D\46sntz\0751\46usg\75AFQjCNFECNdsMPklAXF217Aly0928zDs4A';return true;">https://search.yahoo.com/')] ensure: [client shutDown].
^response basicContents asString



I exported from firefox the certificate and copied it as cert.pem into the image directory, but is not enough and I really can't figure out how to make this to work.

I would appreciate any example from someone with more experience.

Thanks,
Santiago

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to va-smalltalk...@googlegroups.com.
To post to this group, send email to [hidden email].
Visit this group at <a href="http://groups.google.com/group/va-smalltalk" target="_blank" onmousedown="this.href='http://groups.google.com/group/va-smalltalk';return true;" onclick="this.href='http://groups.google.com/group/va-smalltalk';return true;">http://groups.google.com/group/va-smalltalk.
For more options, visit <a href="https://groups.google.com/d/optout" target="_blank" onmousedown="this.href='https://groups.google.com/d/optout';return true;" onclick="this.href='https://groups.google.com/d/optout';return true;">https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to <a href="javascript:" target="_blank" gdf-obfuscated-mailto="jZ3H0or2i-wJ" onmousedown="this.href='javascript:';return true;" onclick="this.href='javascript:';return true;">va-smalltalk...@googlegroups.com.
To post to this group, send email to <a href="javascript:" target="_blank" gdf-obfuscated-mailto="jZ3H0or2i-wJ" onmousedown="this.href='javascript:';return true;" onclick="this.href='javascript:';return true;">va-sma...@....
Visit this group at <a href="http://groups.google.com/group/va-smalltalk" target="_blank" onmousedown="this.href='http://groups.google.com/group/va-smalltalk';return true;" onclick="this.href='http://groups.google.com/group/va-smalltalk';return true;">http://groups.google.com/group/va-smalltalk.
For more options, visit <a href="https://groups.google.com/d/optout" target="_blank" onmousedown="this.href='https://groups.google.com/d/optout';return true;" onclick="this.href='https://groups.google.com/d/optout';return true;">https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at http://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: SstHttpClient forTransportScheme: 'https' example

dmacq
Hi guys,

Execute this code snippet and then save your image:

| tlsv1 httpsl id|
id := 'httpsl'.
tlsv1 := SciSslSocketConfiguration new     sslVersion: SciSslConstants::TLSv1.
httpsl := ( SstTransport configurationForIdentifier: id ).
httpsl    securityConfiguration: tlsv1.
SstTransport configurationRegistry at: id put: httpsl.
(SstTransport configurationForIdentifier: id)  inspect.


Donald [|]

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at http://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: SstHttpClient forTransportScheme: 'https' example

Santiago Cardoso Geller-3
Thank you, Donald. Now it works!

Regards,
Santiago

El lunes, 2 de febrero de 2015, 17:31:03 (UTC-3), Donald MacQueen escribió:
Hi guys,

Execute this code snippet and then save your image:

| tlsv1 httpsl id|
id := 'httpsl'.
tlsv1 := SciSslSocketConfiguration new     sslVersion: SciSslConstants::TLSv1.
httpsl := ( SstTransport configurationForIdentifier: id ).
httpsl    securityConfiguration: tlsv1.
SstTransport configurationRegistry at: id put: httpsl.
(SstTransport configurationForIdentifier: id)  inspect.


Donald [|]

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at http://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: SstHttpClient forTransportScheme: 'https' example

jtuchel
In reply to this post by dmacq
Hi Donald,

what exactly is the purpose of the snippet? This SST stuff is so weakly documented (or at least hard tuo understand for non-native english speakers)....

I understand this just sets the protocol version to TLSv1 instead of some old SSL version for all connections that create a local endpoint with an identifier of 'httpsl'. Is that correct?

Then: is saving the image really needed for it to work or do you just advise to do so so that the setting is in efect for the future? I think I know the answer, but in SST it seems all is possible.
I think the better advice would be to integrate this snippet into your application startup code, because depending on what technique you use for packaging, this change will not make it into your runtime image.

Joachim


Am Montag, 2. Februar 2015 21:31:03 UTC+1 schrieb Donald MacQueen:
Hi guys,

Execute this code snippet and then save your image:

| tlsv1 httpsl id|
id := 'httpsl'.
tlsv1 := SciSslSocketConfiguration new     sslVersion: SciSslConstants::TLSv1.
httpsl := ( SstTransport configurationForIdentifier: id ).
httpsl    securityConfiguration: tlsv1.
SstTransport configurationRegistry at: id put: httpsl.
(SstTransport configurationForIdentifier: id)  inspect.


Donald [|]

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at http://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: SstHttpClient forTransportScheme: 'https' example

dmacq
HI guys,

The SstTransport class has a class variable named ConfigurationRegistry, (inspect SstTransport configurationRegistry) which is a LookupTable of SstHttpConfiguration objects. The one for key 'httpsl' has in its securityConfiguration instance variable a PlatformFunction pointing to SSLv3.  This determines what dll will be used.

The code snippet I posted changes securityConfiguration to a PlatformFunction that uses TLSv1.  Connections can be negotiated downwards to a lesser level of security, but not upwards.  Saving your image will preserve this change.

Donald [|]




On Tuesday, February 3, 2015 at 1:41:15 AM UTC-5, Joachim Tuchel wrote:
Hi Donald,

what exactly is the purpose of the snippet? This SST stuff is so weakly documented (or at least hard tuo understand for non-native english speakers)....

I understand this just sets the protocol version to TLSv1 instead of some old SSL version for all connections that create a local endpoint with an identifier of 'httpsl'. Is that correct?

Then: is saving the image really needed for it to work or do you just advise to do so so that the setting is in efect for the future? I think I know the answer, but in SST it seems all is possible.
I think the better advice would be to integrate this snippet into your application startup code, because depending on what technique you use for packaging, this change will not make it into your runtime image.

Joachim


Am Montag, 2. Februar 2015 21:31:03 UTC+1 schrieb Donald MacQueen:
Hi guys,

Execute this code snippet and then save your image:

| tlsv1 httpsl id|
id := 'httpsl'.
tlsv1 := SciSslSocketConfiguration new     sslVersion: SciSslConstants::TLSv1.
httpsl := ( SstTransport configurationForIdentifier: id ).
httpsl    securityConfiguration: tlsv1.
SstTransport configurationRegistry at: id put: httpsl.
(SstTransport configurationForIdentifier: id)  inspect.


Donald [|]

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at http://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.