[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Better HTTPS support in (web client)
From: |
Chris Vine |
Subject: |
Re: Better HTTPS support in (web client) |
Date: |
Fri, 10 Jan 2020 15:55:54 +0000 |
On Fri, 10 Jan 2020 15:49:49 +0100
Ludovic Courtès <address@hidden> wrote:
> Hello Guilers!
>
> I’ve pushed a ‘wip-https-client’ branch that contains improvements for
> HTTPS support in (web client) that I’d like to be part of Guile 3:
>
> https://git.savannah.gnu.org/cgit/guile.git/log/?h=wip-https-client
>
> In a nutshell:
>
> • $https_proxy support and a ‘current-https-proxy’ parameter;
>
> • better TLS alert handling;
>
> • verification of server certificates (!).
>
> You can test it with a program as simple as:
>
> (use-modules (web client))
>
> (call-with-values
> (lambda ()
> (http-get "https://guix.gnu.org"))
> pk)
>
> You can test how expired certificates are handled with:
>
> guix environment --ad-hoc libfaketime -- \
> faketime 2022-01-01 ./meta/guile /tmp/https.scm
>
> To check whether $https_proxy is honored, try:
>
> https_proxy=http://localhost:8118 strace -e connect \
> ./meta/guile /tmp/https.scm
>
> (I have Privoxy running as a proxy on that port.)
>
> Feedback welcome!
Is the new implementation usable with suspendable ports? When I last
looked the read-response-body procedure was not, which meant that
http-get and http-put were not, which meant that you could not really
use them with fibers.
Chris