From 4f64ecfddad44524fe686f3e16a8f92487d912d9 Mon Sep 17 00:00:00 2001 From: Fazlul Shahriar Date: Wed, 28 Jul 2010 18:13:56 -0700 Subject: [PATCH] http: add https client support Fixes #851. R=rsc CC=golang-dev https://golang.org/cl/1729052 --- src/pkg/crypto/tls/handshake_client.go | 2 +- src/pkg/http/client.go | 15 +++++++++++---- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/src/pkg/crypto/tls/handshake_client.go b/src/pkg/crypto/tls/handshake_client.go index 324c02f701..b15bbd331a 100644 --- a/src/pkg/crypto/tls/handshake_client.go +++ b/src/pkg/crypto/tls/handshake_client.go @@ -93,7 +93,7 @@ func (c *Conn) clientHandshake() os.Error { } // TODO(rsc): Find certificates for OS X 10.6. - if false && c.config.RootCAs != nil { + if c.config.RootCAs != nil { root := c.config.RootCAs.FindParent(certs[len(certs)-1]) if root == nil { return c.sendAlert(alertBadCertificate) diff --git a/src/pkg/http/client.go b/src/pkg/http/client.go index 54487dac2f..ee586bd621 100644 --- a/src/pkg/http/client.go +++ b/src/pkg/http/client.go @@ -8,6 +8,7 @@ package http import ( "bufio" + "crypto/tls" "encoding/base64" "fmt" "io" @@ -21,7 +22,7 @@ import ( func hasPort(s string) bool { return strings.LastIndex(s, ":") > strings.LastIndex(s, "]") } // Used in Send to implement io.ReadCloser by bundling together the -// io.BufReader through which we read the response, and the underlying +// bufio.Reader through which we read the response, and the underlying // network connection. type readClose struct { io.Reader @@ -34,13 +35,13 @@ type readClose struct { // send() method is nonpublic because, when we refactor the code for persistent // connections, it may no longer make sense to have a method with this signature. func send(req *Request) (resp *Response, err os.Error) { - if req.URL.Scheme != "http" { + if req.URL.Scheme != "http" && req.URL.Scheme != "https" { return nil, &badStringError{"unsupported protocol scheme", req.URL.Scheme} } addr := req.URL.Host if !hasPort(addr) { - addr += ":http" + addr += ":" + req.URL.Scheme } info := req.URL.Userinfo if len(info) > 0 { @@ -52,7 +53,13 @@ func send(req *Request) (resp *Response, err os.Error) { } req.Header["Authorization"] = "Basic " + string(encoded) } - conn, err := net.Dial("tcp", "", addr) + + var conn io.ReadWriteCloser + if req.URL.Scheme == "http" { + conn, err = net.Dial("tcp", "", addr) + } else { // https + conn, err = tls.Dial("tcp", "", addr) + } if err != nil { return nil, err }