HTTPS v1.04 Package for OmniWeb 3.x (Rhapsody DR2) ================================================== JŸrgen Mšllenhoff (jm@oic.de), June 14, 1998 Description =========== This Package allows you to use https-URLs (via SSL or TLS) with OmniWeb 3 (Version == 3.x (Beta7)). It uses the free SSLeay-lib (Version 0.9.0) from Eric Young (eay@cryptsoft.com) and the OmniWeb (http://www.omnigroup.com/) extensible bundle architecture. This software is supplied without a warranty of any kind. I am not responsible for any damage that may occur as a result of using this software. Please keep in mind that this is work in progress. Also, please bear with the incomplete nature of the package. Installation ============ ATTENTION: Before you can install this Package you must install the SSLeay.pkg (Version 0.9.0 Port 1) in /Local/Library/Frameworks, without this Framework the bundle doesn't work. People outside of the USA and Canada can obtain this framework via ftp://ftp.cs.tu-berlin.de/pub/NeXT/developer/libs/frameworks/SSLeay.0.9.0.1.r.PI.b.tar.gz People inside the USA and Canada should check ftp://next-ftp.peak.org/pub/next/rhapsody/Developer/Frameworks/ or write to Rex Dieter to get a RSAref-Version of this framework. To enable the HTTPS protocol, install the ./HTTPS.plugin bundle anywhere in the OmniWeb 3.x bundle path. Then, restart OmniWeb.app. The recommended location for personal installation is ~/Library/PlugIns for system-wide installation /Local/Library/PlugIns or /Network/Library/PlugIns. If you use a proxy server, you MUST include at least one protocol for your proxy server (http, ftp, etc. but not https) in the protocol section of the Proxy-Preferences Panel or add the "https" protocol to the NonProxiableSchemes like defaults write OmniWeb NonProxiableSchemes "(file, mailto, omniweb, rlogin, telnet, tn3270, https)" Without these "workarounds" OmniWeb wraps https calls to http!!! CONNECT-Protocol (Proxy Support for https) ========================================== To enable proxy support for https (SSL tunneling) you need another entry in the Proxy-Preferences Panel. Add a server to the "Proxy Server URL" section like this: "https:\\whatever-cache:1234\" and add the https protocol to the "Protocols" section. IMPORTANT: The https proxy MUST be the first server in the list, because the list of proxy servers is an ordered list. For example my "OWProxyServers" defaults look like this: ( { destinations = (oic.de); proxyURL = "(non-proxied protocols and destinations)"; }, {proxyURL = "https://www-cache.oic.de:3128/"; schemes = (https); }, {proxyURL = "http://www-cache.oic.de:3128/"; } ) History ======= 1.04 [14 June, 1998] - Some modifications (.plugin instead .omniweb, etc) for OmniWeb 3.x Beta7. 1.03 [10 May, 1998] - Changed the Preferences-Panel (more options). - Added a warning panel when the user enters a encrypted site. - Display more details about the connection (You must enable the Information/Warning-Panel to see it). - Localized the most stuff. - Source code is now included. 1.02 [26 April, 1998] - It's now SSLeay-lib in version 0.9.0. - Supports TLSv1, SSLv2 and SSLv3 - Changed the SSL-Frameworks from SSL.framework and SSLCrypto.framework to one "super" Framework SSLeay.framework. It's now compatible to Rex Dieter's implementation of the SSL-Framework. 1.01 [26 January, 1998] - Fixed a bug in the CONNECTION (SSL-Tunneling) method. It was not possible to use the Apache-Proxy for SSL-Tunneling. 1.0 [19 January, 1998] - Changed the Proxy-Support. If you need proxy support add the proxy server now with the Proxy-Preferences Panel of OmniWeb. - Created a Version for OmniWeb 3.x (OpenStep/Rhapsody) AND OmniWeb 2.x - The name of the bundle for OmniWeb 3.x (OpenStep/Rhapsody) is "HTTPS", for OmniWeb 2.x "HTTPSExtension". 0.9 (Beta) [1 December, 1997] - Added Proxy authentication for the CONNECT-Protocol. - Fixed a bug in the Hostname resolver. Now it should be possible to use this bundle without any DNS if you use a proxy server. 0.8 (Beta) [14 November, 1997] - Adapted the bundle for OmniWeb 3.x - SSLeay-lib is now located in two Frameworks (SSLCrypto, SSL) - Renamed it (sorry for that) from HTTPSExtension.omniweb to HTTPS.omniweb, because the "new" bundle is not compatible with OmniWeb2.x, it works ONLY for OmniWeb3.x. So it is easier for me to figure out which bundle you mean if you have some questions about it. 0.7 [13 August, 1997] - It's now SSLeay-lib in version 0.8.1. - Supports SSLv2 and SSLv3 - Added a Preferences Panel - Added Proxy-Support (CONNECT-Protocol) (see HTTPS Preferences) - Added an Installer Package - Renamed it from https.omni to HTTPSExtension.omniweb - Fixed some bugs - Removed the source code 0.6 [1 December, 1996] - Internal version 0.5a [14 June, 1996] - It's now SSLeay-lib in version 0.5.2a. - Fixed a little (not important) bug. - Included the source code 0.5 [5 May, 1996] - First version, which uses the SSLeay-lib in version 0.5.1b Bugs? ===== Yes, if you use a proxy server. You MUST include at least one protocol for your proxy server (http, ftp, etc. but not https) in the protocol section of the Proxy-Preferences Panel or add the "https" protocol to the NonProxiableSchemes. ATTENTION: Without any protocols, OmniWeb wraps https calls to http!! Send bug reports, suggestions or comments to the address below. Architectures ============= ALL Architectures are supported. Copyright ========= This bundle is free for commercial and non-commercial use. The code is supplied "as is" the author makes no warranty as to its suitability for any purpose. The code is free and may be distributed in accordance with the terms of the: GNU GENERAL PUBLIC LICENSE Version 2, June 1991 copyright (C) 1989, 1991 Free Software Foundation, Inc. 675 Mass Ave, Cambridge, MA 02139, USA Test ==== Some https-URL's to test the bundle: https://tls.cryptsoft.com/ https://www.cryptsoft.com/~tjh/cryptocheck.php https://www.onlygourmet.com/ https://www.bose.com/cgi-bin/Direct https://sectest.microsoft.com/ https://vault.sfnb.com/cgi-bin/accntSum ToDo ==== - Client certification?? - Display an Icon when a SSL-Connection is in progress?? Source Code =========== To compile this bundle you need the SSLeay-Framework in version 0.9.0 and the API (Frameworks) for OmniWeb 3.x. If you modify the source code, please send a copy of the modifications to me . Thank you. Thanks ====== Thanks to "Stefanie R. Herzer " "Stephen J. Perkins " "Ken Case " "Eric Young " "Tim Hudson " "Jens M. Schuh " "Sabina Stoeckmann " "Thomas Sieweke " "Rex Dieter " "David Andel " Contact Information =================== JŸrgen Mšllenhoff OIC - Object Innovation Center Bochum, Germany EMail: jm@oic.de (ASCII, NEXT and MIME-Mail)