Requested https server, got http server
tonyg opened this issue · comments
ACTUAL: The program below asks for SSL service, and starts successfully, but when visited via https://localhost:5555/
, it complains about malformed requests. When visited via http://localhost:5555/
, it runs the servlet and serves HTML successfully.
EXPECTED: http service should fail; https service should work, and should be properly TLS-encrypted.
REPRODUCTION:
First, generate keys:
openssl genrsa -des3 -passout pass:a -out private-key.pem 1024
openssl rsa -passin pass:a -in private-key.pem -out private-key.pem
openssl req -new -x509 -nodes -sha1 -days 365 \
-subj /CN=demo.server.example \
-passin pass:a \
-key private-key.pem > server-cert.pem
Then, run the following Racket program:
#lang racket/base
(require web-server/servlet)
(require web-server/servlet-env)
(serve/servlet (lambda (req) (response/xexpr `(html (body (h1 "Hello")))))
#:launch-browser? #f
#:quit? #f
#:listen-ip #f
#:port 5555
#:ssl? #t
#:ssl-cert (build-path (current-directory) "server-cert.pem")
#:ssl-key (build-path (current-directory) "private-key.pem")
#:servlet-regexp #rx"")
My recent commit must be wrong. I'll investigate.
I've pushed a repair, probably. Part of the problem, I think, is that there are no tests for SSL mode (so I put too much stock in tests passing after my previous change); I'll have to get back to that.
Thanks for the repair; I can confirm that I now get SSL service, as expected. I'm not sure whether you'd prefer to close this issue, or leave it open as a placeholder pending tests for SSL mode, so I shall leave it open and let you decide. The original issue is definitely fixed, for me, though.
Jay added a test as commit eefe016, so we can close this.