From: ludo@gnu.org (Ludovic Courtès)
Newsgroups: gmane.lisp.guile.bugs
Subject: bug#24075: tls/https support in Guile (through r6rs binary ports?)
Date: Sat, 05 Nov 2016 20:02:32 +0100
Message-ID: <87fun56987.fsf@gnu.org>
To: Christopher Allan Webber
Cc: 24075@debbugs.gnu.org

Hi!

Christopher Allan Webber writes:

>>>From d4def07779c5532ffc6b7ee13820919bc23d1811 Mon Sep 17 00:00:00 2001
> From: Christopher Allan Webber
> Date: Thu, 17 Sep 2015 15:14:54 -0500
> Subject: [PATCH] web: Add https support through gnutls.
>
> Since importing gnutls directly would result in a dependency cycle,
> we load gnutls lazily.
>
> This uses code originally written for Guix by Ludovic
>
> * module/web/client.scm: (%http-receive-buffer-size)
> (warn-no-gnutls-return-false, gnutls-module, ensure-gnutls)
> (gnutls-ref, tls-wrap): New variables.
> (open-socket-for-uri): Wrap in tls when uri scheme is https.

Woohoo, cool!

> +(define (ensure-gnutls)
> + (if (not (force gnutls-module))
> + (throw 'gnutls-not-available "(gnutls) module not available")))

I wonder if this is the right exception, but I can’t think of anything
better (there’s no generic “not supported” exception I think; (throw
'system-error … ENOSYS) would do that but it’s too vague.)

> +(define (gnutls-ref symbol)
> + "Fetch method-symbol from the gnutls module"
> + (module-ref (force gnutls-module) symbol))
> +
> (define current-http-proxy
> (make-parameter (let ((proxy (getenv "http_proxy")))
> (and (not (equal? proxy ""))
> proxy))))
>
> +(define (tls-wrap port server)
> + "Return PORT wrapped in a TLS connection to SERVER. SERVER must be a DNS
> +host name without trailing dot."
> + (define (log level str)
> + (format (current-error-port)
> + "gnutls: [~a|~a] ~a" (getpid) level str))
> +
> + (ensure-gnutls)
> +
> + (let ((session ((gnutls-ref 'make-session)
> + (gnutls-ref 'connection-end/client))))

What about leaving the ‘ensure-gnutls’ call and then simply use the
GnuTLS symbols directly and rely on autoloading, as in (guix build
download)?

--8<---------------cut here---------------start------------->8---
;; Autoload GnuTLS so that this module can be used even when GnuTLS is
;; not available. At compile time, this yields "possibly unbound
;; variable" warnings, but these are OK: we know that the variables will
;; be bound if we need them, because (guix download) adds GnuTLS as an
;; input in that case.

;; XXX: Use this hack instead of #:autoload to avoid compilation errors.
;; See .
(module-autoload! (current-module)
                  '(gnutls) '(make-session connection-end/client))
--8<---------------cut here---------------end--------------->8---

That would lead to more concise and slightly more efficient code, and I
think it would still work as expected in the absence of (gnutls).

WDYT?

> + (define (read! bv start count)
> + (define read-bv (get-bytevector-n record count))
> + (define read-bv-len (bytevector-length read-bv))
> + (bytevector-copy! read-bv 0 bv 0 read-bv-len)
> + read-bv-len)

Beware: ‘get-bytevector-n’ can return the EOF object instead of a
number, so you need to check for that. (Conversely, ‘read!’ needs to
return 0 to indicate EOF.)

> + (define (open-socket)
> + (let loop ((addresses addresses))

Or just “(define sock …”.

Otherwise works for me!

Could you document HTTPS support in the doc of ‘open-socket-for-uri’
(info "(guile) Web Client")? Probably with something like:

  @xref{Guile Preparations,
  how to install the GnuTLS bindings for Guile,, gnutls-guile,
  GnuTLS-Guile}, for more information.

Thank you Chris!

Ludo’.
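
Review bot: in the ensure-gnutls hunk, the 'gnutls-not-available key thrown by (throw 'gnutls-not-available ...) is not documented anywhere in the visible lines, so a caller of open-socket-for-uri has no stated key to catch when an https URI is requested without (gnutls) installed. Suggest naming the key in the open-socket-for-uri documentation; the one-armed (if (not ...) ...) would also read more clearly as unless.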
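
Review bot: the docstring in the gnutls-ref hunk refers to "method-symbol" while the parameter is named symbol, and it does not state the precondition that the module is loaded. Since ensure-gnutls shows that (force gnutls-module) can be false, a gnutls-ref call that is not preceded by ensure-gnutls hands that false value to module-ref. Suggest a docstring such as "Return the binding of SYMBOL in the (gnutls) module." and either calling ensure-gnutls inside gnutls-ref or noting the requirement there.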
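
Review bot: read! in the custom-port hunk ignores its start argument: (bytevector-copy! read-bv 0 bv 0 read-bv-len) always stores at offset 0 of bv, whereas the bytes are supposed to land beginning at start. Suggest (bytevector-copy! read-bv 0 bv start read-bv-len), applied together with the EOF check requested in the reply so that bytevector-length is never called on the EOF object.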
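
The EOF remark about ‘read!’ in the message above, as an added Guile example that is not part of the original message or of the patch: make-read! is a hypothetical helper, and an in-memory bytevector port stands in for the TLS record port.

```scheme
;; Added example; the names below are hypothetical, not from the patch.
(use-modules (rnrs bytevectors)
             (rnrs io ports))

(define (make-read! record)
  "Return a 'read!' procedure for a custom binary input port backed by RECORD."
  (lambda (bv start count)
    (let ((read-bv (get-bytevector-n record count)))
      (if (eof-object? read-bv)
          0                             ; 0 signals end of file to the port
          (let ((len (bytevector-length read-bv)))
            ;; Store the bytes at offset START of BV, not at offset 0.
            (bytevector-copy! read-bv 0 bv start len)
            len)))))

;; Constructed input: an in-memory port stands in for the TLS record port.
(define record
  (open-bytevector-input-port (string->utf8 "HTTP/1.1 200 OK\r\n")))

(define port
  (make-custom-binary-input-port "wrapped" (make-read! record) #f #f #f))

;; Read everything through the wrapper, then read once more at end of file.
(let* ((data  (get-bytevector-all port))
       (again (get-bytevector-all port)))
  (format #t "read ~s~%" (utf8->string data))
  (format #t "second read is EOF: ~a~%" (eof-object? again)))

;; Call 'read!' directly with a non-zero START on a fresh constructed source.
(let ((buf   (make-bytevector 8 0))
      (read! (make-read!
              (open-bytevector-input-port (u8-list->bytevector '(1 2 3 4))))))
  (format #t "stored ~a bytes: ~s~%" (read! buf 3 4) buf)
  (format #t "at EOF read! returns ~a~%" (read! buf 0 4)))
```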