TLS client

[dworkin]

TLS client sessions are managed by ~TLS/api/lib/ClientSession. Only connections to servers with RSA certificates are currently supported, and client certificates don't work at all, yet.

There is also a TLS-enabled HTTP client in ~HTTP/api/obj/tls_client1.

Example code for a HTTP TLS client:

# include <String.h>
# include "~HTTP/HttpConnection.h"
# include "~HTTP/HttpRequest.h"
# include "~HTTP/HttpResponse.h"
# include "~HTTP/HttpField.h"

object connection;

void create()
{
    connection = clone_object(HTTP1_TLS_CLIENT, this_object(), "localhost",
                              8443);
}

void connected()
{
    HttpRequest request;
    HttpFields fields;

    request = new HttpRequest(1.1, "GET", "https://", "localhost:8443", "/");
    fields = new HttpFields;
    fields->add(new HttpField("Host", "localhost:8443"));
    request->setHeaders(fields);

    connection->sendRequest(request);
}

void receiveResponse(HttpResponse response)
{
    int length;

    length = response->headerValue("Content-length");
    connection->expectEntity(length);
}

void receiveEntity(StringBuffer entity)
{
    connection->doneResponse();
}

void disconnect()
{
}

[dworkin]

TLS requires the crypto extension module.

This TLS implementation keeps all state in LPC, which means that TLS connections are fully persistent across upgrades and hotbooting. It is probably the first implementation worldwide to have that.

[dworkin]

TLS server support has now been implemented, as well.