Comments (3)
Sample use case: wrapping client sockets with TLS
diff --git a/http.tcl b/http.tcl
index 2177d68..8ea391b 100644
--- a/http.tcl
+++ b/http.tcl
@@ -287,6 +287,10 @@ proc ::http::serve-and-trap-errors {channel clientAddr clientPort routes} {
# Handle HTTP requests over a channel and send responses. A hacky HTTP
# implementation.
proc ::http::serve {channel clientAddr clientPort routes} {
+ # hack
+ tls load_cert ../rootCA.pem
+
+ set schannel [$channel tls -server]
global ::http::maxRequestLength
::http::log info "Client connected: $clientAddr"
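Review bot: `tls load_cert ../rootCA.pem` at the top of `::http::serve` runs again for every client connection and resolves relative to whatever the process working directory happens to be. Load the certificate once at server start-up, from a configurable path. `set schannel [$channel tls -server]` also has no error handling of its own, so please confirm that a failed handshake is caught by `::http::serve-and-trap-errors` and that the raw `$channel` still gets closed in that case.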
@@ -295,7 +299,8 @@ proc ::http::serve {channel clientAddr clientPort routes} {
set headerLines {}
set firstLine 1
- while {[gets $channel buf]} {
+ puts $schannel
+ while {[gets $schannel buf]} {
if {$firstLine} {
# Change the newline variable when the incoming request has
# nonstandard \n newlines. This happens, e.g., when you use netcat.
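Review bot: `puts $schannel` just before the `while` loop has no string argument, so it writes the channel handle to stdout on every connection. This looks like leftover debugging output and should be dropped before merging.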
@@ -313,6 +318,9 @@ proc ::http::serve {channel clientAddr clientPort routes} {
break
}
lappend headerLines $buf
+
+ # hack, TLS socket support doesn't handle \n yet
+ break
}
set request [::http::parse-headers $headerLines]
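Review bot: the unconditional `break` added after `lappend headerLines $buf` leaves the loop as soon as the first line has been appended, so `::http::parse-headers` only ever sees the request line. The code further down reads `$request(contentLength)` and checks for `expect`, neither of which can be populated that way, so POST handling breaks for every client, TLS or not. The line handling on the TLS channel should be fixed instead, or at minimum the `break` made conditional on the channel being a TLS one so plain HTTP keeps its full header parsing.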
@@ -333,10 +341,10 @@ proc ::http::serve {channel clientAddr clientPort routes} {
if {$request(contentLength) <= $::http::maxRequestLength} {
if {[dict exists $request expect] &&
($request(expect) eq "100-continue")} {
- puts $channel "HTTP/1.1 100 Continue\n"
+ puts $schannel "HTTP/1.1 100 Continue\n"
}
- set postString [read $channel $request(contentLength)]
+ set postString [read $schannel $request(contentLength)]
if {$request(contentType) eq
"application/x-www-form-urlencoded"} {
::http::log debug "POST request: {$postString}\n"
@@ -386,11 +394,12 @@ proc ::http::serve {channel clientAddr clientPort routes} {
if {!$error} {
::http::log info "Responding."
- ::http::route $channel $request $routes
+ ::http::route $schannel $request $routes
} else {
- puts -nonewline $channel [::http::error-response $error]
+ puts -nonewline $schannel [::http::error-response $error]
}
+ close $schannel
close $channel
}
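Review bot: `close $schannel` is followed immediately by `close $channel`, and the hunk does not show who owns the underlying socket. If closing the TLS wrapper already closes the channel it wraps, the second `close` raises an error on a handle that no longer exists; if it does not, the order is fine but deserves a comment. Please confirm the behaviour of the tls extension and either close once or wrap the second close in `catch`.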
from jimhttp.
Implemented in 1417f82. Try to set the lambda to something like
{{} {
    tls load_cert ../rootCA.pem
    upvar 1 channel channel
    set channel [$channel tls -server]
}}
and tell me how it works. Note that for now you will have to modify the proc ::http::serve itself if you want to have the break statement there.
from jimhttp.
You can close this issue - works great with the LibreSSL bindings from https://github.com/dimkr/jimtcl/tree/libressl.
{{} {
    upvar 1 channel channel
    set channel [$channel ssl -server certificate.pem key.pem]
}}
from jimhttp.