From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on yquem.inria.fr X-Spam-Level: X-Spam-Status: No, score=0.1 required=5.0 tests=AWL autolearn=disabled version=3.1.3 X-Original-To: caml-list@yquem.inria.fr Delivered-To: caml-list@yquem.inria.fr Received: from concorde.inria.fr (concorde.inria.fr [192.93.2.39]) by yquem.inria.fr (Postfix) with ESMTP id 6568ABC6B for ; Tue, 4 Sep 2007 19:27:06 +0200 (CEST) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.179]) by concorde.inria.fr (8.13.6/8.13.6) with ESMTP id l84HR5NT021912 for ; Tue, 4 Sep 2007 19:27:06 +0200 Received: from dslb-084-059-125-251.pools.arcor-ip.net [84.59.125.251] (helo=gate.lan.gerd-stolpmann.de) by mrelayeu.kundenserver.de (node=mrelayeu6) with ESMTP (Nemesis), id 0ML29c-1IScB029Zm-0004Lg; Tue, 04 Sep 2007 19:27:00 +0200 Received: from flakew.lan.gerd-stolpmann.de (fw.lan.gerd-stolpmann.de [192.168.1.1]) by gate.lan.gerd-stolpmann.de (Postfix) with ESMTP id 2F614C0AD; Tue, 4 Sep 2007 19:26:58 +0200 (CEST) Subject: Re: [Caml-list] Simple HTTPS client example? From: Gerd Stolpmann To: Dave Benjamin Cc: caml-list@inria.fr In-Reply-To: <46DD8559.9080401@ramenlabs.com> References: <46DCDFEB.9050606@ramenlabs.com> <1188907650.8088.11.camel@localhost.localdomain> <46DD8559.9080401@ramenlabs.com> Content-Type: text/plain Date: Tue, 04 Sep 2007 19:26:57 +0200 Message-Id: <1188926817.8088.17.camel@localhost.localdomain> Mime-Version: 1.0 X-Mailer: Evolution 2.6.1 Content-Transfer-Encoding: 7bit X-Provags-ID: V01U2FsdGVkX18m6mw4bnrAjaodUDH3FsQ9MOkCV1XOVuLCtZs Bu6S05PLPGfocXB+Xkl7qCLe3kvrA235104UrIMzYQrD+wPdGy cAsS9WS91wpD+eqU7VJB9PbXGbNL7mQ X-Miltered: at concorde with ID 46DD9569.002 by Joe's j-chkmail (http://j-chkmail . ensmp . fr)! X-Spam: no; 0.00; gerd:01 stolpmann:01 gerd:01 stolpmann:01 ocamlnet:01 subclassing:01 overriding:01 viktoriastr:01 64293:01 darmstadt:01 6151:01 6151:01 dienstag:98 end-to-end:98 wrote:01 Am Dienstag, den 04.09.2007, 09:18 -0700 schrieb Dave Benjamin: > Gerd Stolpmann wrote: > > Am Montag, den 03.09.2007, 21:32 -0700 schrieb Dave Benjamin: > >> Has anyone written any code to use Ocamlnet to retrieve a URL using > >> HTTPS? I'm looking at Uq_ssl and Http_client, but can't seem to find a > >> way to fit them together. > > > > There is no easy way to do so. > > Well, is there a difficult way to do so? Any idea what that way might be? =) Yes. Change Http_client so it can make use of Uq_ssl. This is, however, not so easy. > Otherwise, it seems like it ought to be possible at least to use a proxy > like squid to relay the request. However, even with proxy enabled, I get A proxy doesn't work here, because encryption is end-to-end. What you need is a tunnel endpoint like stunnel. I think that a few changes of Http_client are still necessary since there is currently no way to inject an already connected socket into it. > this error: > > Exception: Failure "Http_client: bad URL". > > whenever there is an "https" as the protocol. It looks like subclassing > the call class and overriding set_request_uri to accept HTTPS URLs would > at least make that error go away, but then something additional would > need to be done to keep track of the protocol when it's time to send it > to the proxy... I guess this is the simplest part of the change. Gerd -- ------------------------------------------------------------ Gerd Stolpmann * Viktoriastr. 45 * 64293 Darmstadt * Germany gerd@gerd-stolpmann.de http://www.gerd-stolpmann.de Phone: +49-6151-153855 Fax: +49-6151-997714 ------------------------------------------------------------