R2 SSL Error

Hi! >> about REBOL/View 2.7.8.3.1 1-Jan-2011 Copyright 2000-2011 REBOL Technologies. All rights reserved. REBOL is a trademark of REBOL Technologies. WWW.REBOL.COM >> read https://rebolforum.com connecting to: rebolforum.com ** Command Error: SSL Error: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version ** Where: build-port ** Near: system/words/set-modes port/sub-port [secure: true] how it fix?

Sadly, Rebol 2 cannot read HTTPS. It can do plain old HTTP: read http://rebolforum.com == {<html><head><title></title><META HTTP-EQUIV="REFRESH" CONTENT="0; URL=./index.cgi"></head>

>> ? system/schemes/https SYSTEM/SCHEMES/HTTPS is an object of value: scheme word! HTTPS host none! none port-id integer! 443 ... passive none! none cache-size integer! 5 user-agent string! "REBOL View 2.7.8.3.1" >> read https://ya.ru connecting to: ya.ru == {<!DOCTYPE html><html class="i-ua_js_no i-ua_css_standart i-ua_browser_unknown i-ua_browser-engine_unknown i-ua_browser_deskto... Perhaps some encryption algorithm is missing. Perhaps someone has already implemented it?

You're right, R2 used to do HTTPS, but the encryption ciphers are outdated for most connections. Because they are built in, and R2 is closed source, there is no obvious way to update them.

You're right, R2 used to do HTTPS, but the encryption ciphers are outdated for most connections. Because they are built in, and R2 is closed source, there is no obvious way to update them.

You're right, R2 used to do HTTPS, but the encryption ciphers are outdated for most connections. Because they are built in, and R2 is closed source, there is no obvious way to update them.

Manipulation with object "system/schemes/HTTPS" can be help? Or make function like "read-https" which open TCP port (...open/binary/no-wait tcp://:443...) and create required encrypt code is not exit? But this is just an amateurish questions of a beginner :) The potential of R2 seems so great that the lack of source code can be compensated by thoughtful architecture and opportunities :) Opensource R3 and Red are less complete (alpha) and much more demanding on OS and hardware.

Yes, you could write your own HTTPS implementation, but that is very advanced work. You could also write a binding to some existing HTTPS library, but that is fairly advanced work and may be hard to do in R2. And it would introduce a dependency, possibly OS-dependent.

"...some existing HTTPS library..." are using: ...for HTTPS "curl" >> tmp: copy "" call/output "curl -s https://rebolforum.com" tmp tmp: to-block tmp == [<html> <head> <title> </title> <META HTTP-EQUIV="REFRESH" CONTENT="0; URL=./index.cgi"> </head> <body bgcolor="#FFFFFF"> </body... ...for E-mail whit proxy (https://www.stunnel.org). But a solution without using external programs would be much better.

Yes, that's the easiest way. If you don't need high performance, it works. I'm currently using cURL that way in the Meta compiler client. I once wrote a binding for R3 to LibCURL. That's the next step up to make it less primitive. Potentially, LibCURL can be linked in statically in R3, but not R2.

LibCURL/OpenSSL can be "linked in dynamic" for R2? Some like "curllib: load/library decompress #{789CE53C6B77E..."

You need to load it by file name, and then bind the functions in the library,

>> ? system/components/ssl SYSTEM/COMPONENTS/SSL is an object of value: Title string! "Secure Socket Layer" Date date! 17-Jan-2002/22:45:19 Name word! ssl Version tuple! 1.4.0 File file! %comp-ssl.r ... it turns out SSL is written on Rebol? If "yes" is it possible to "update" it? Does anyone have a "comp-ssl.r" file?

I think that's just metadata so R2 knows which features it has. I would expect comp-ssl.r to be high-level code that calls low-level C code. It's probably possible to write a new HTTPS scheme, it may even be possible to replace the existing handler, if you don't need speed it may be possible to write it in REBOL, but as I said, that's advanced work. Many people have wanted it for a long time, but nobody has done it.