Hi, has anyone done anything to get LW to talk to SSL? I'm basically completely ignorant of SSL, but I'm aware that I need some kind of authenticated and encrypted connection (both server and client side), and as far as I can see, ssl is the way to do this. Assuming SSL presents connections as some kind of Unix fd at some point, then it kind of ought to be fairly easy, at least on Unix/Linux I think? --tim
Am Fre, 2002-07-12 um 19.37 schrieb Tim Bradshaw:
> Hi, has anyone done anything to get LW to talk to SSL? I'm basically
> completely ignorant of SSL, but I'm aware that I need some kind of
> authenticated and encrypted connection (both server and client side),
> and as far as I can see, ssl is the way to do this.
>
> Assuming SSL presents connections as some kind of Unix fd at some
> point, then it kind of ought to be fairly easy, at least on Unix/Linux
> I think?
I have written a FLI binding to "OpenSSL" called "CL-SSL". You can
download it from
http://www.dataheaven.de
It contains it's own buffering code which I want to change to use the
Graystreams buffering enhancements of LW. It should run on LispWorks and
CMUCL.
CL-SSL is layered into three parts. The lowest part consists of FFI
definitions for several C functions of the OpenSSL library and a
definition of some "byte-vector" datatype used for the buffers.
The mid part implements a very simple buffering protocol above of the
lowest layer and exposes some I/O functions.
The streams integration layer uses the mid layer to integrate SSL into
Common Lisp streams (actually by using Gray-Streams).
[streams integration]
[buffering primitives]
[FLI definitions]
The only lisp-system dependent code should be in the lowest layer. (At
least if the system supports gray-streams).
Good ideas to enhance CL-SSL would be to replace the lowest layer with
UFFI and changing the buffering protocol so that it can make use of what
LW provides for that purpose.
Sidenote:
CL-SSL is maintained in the same CVS like Portable AllegroServe - the
package from my homepage contains a license-note that it is "free for
non-commercial work" until I found the right licence for it. This
history - CL-SSL uses now the LLGPL (the same license like (Portable)
AllegroServe).
ciao,
Jochen
>>>>> Jochen Schmidt writes: Jochen> I have written a FLI binding to "OpenSSL" called "CL-SSL". You can Jochen> download it from Jochen> http://www.dataheaven.de I've recently started to use Jochen's CL-SSL (to do HTTPS requests) on Lispworks on Linux, and can confirm that it works, though I did need to tweak a few things to get it to run in delivered applications. Just thought you'd like one more data point that you wouldn't be wasting your time installing it. cheers, -- Alain Picard Memetrics