Renamed many classes and feature to use "secure" term instead of "ssl". (note, the .ecf are still using the "ssl" terminologie).

Provided easy way to set secure settings for Standalone.
For wsf launcher boolean option accept "true" or "yes" for True boolean, anything else is False.

examples/debug/debug.ecf

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-13-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-13-0 http://www.eiffel.com/developers/xml/configuration-1-13-0.xsd" name="debug" uuid="AA458565-7711-4BE1-ADA3-91716EABFA21" library_target="debug">
+<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-13-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-13-0 http://www.eiffel.com/developers/xml/configuration-1-13-0.xsd" name="debug" uuid="AA458565-7711-4BE1-ADA3-91716EABFA21" library_target="debug_standalone">
 	<target name="common" abstract="true">
 		<file_rule>
 			<exclude>/EIFGENs$</exclude>
@@ -18,7 +18,7 @@
 	</target>
 	<target name="debug_any" extends="common">
 		<root class="EWF_DEBUG_SERVER" feature="make_and_launch"/>
-		<setting name="concurrency" value="thread"/>
+		<setting name="concurrency" value="scoop"/>
 		<library name="cgi" location="..\..\library\server\wsf\connector\cgi-safe.ecf" readonly="false"/>
 		<library name="libfcgi" location="..\..\library\server\wsf\connector\libfcgi-safe.ecf" readonly="false"/>
 		<library name="standalone" location="..\..\library\server\wsf\connector\standalone-safe.ecf" readonly="false"/>
@@ -27,7 +27,7 @@
 	</target>
 	<target name="debug_standalone" extends="common">
 		<root class="EWF_DEBUG_SERVER" feature="make_and_launch"/>
-		<setting name="concurrency" value="thread"/>
+		<setting name="concurrency" value="scoop"/>
 		<library name="default_standalone" location="..\..\library\server\wsf\default\standalone-safe.ecf" readonly="false"/>
 		<cluster name="launcher" location=".\launcher\default\" recursive="true"/>
 		<cluster name="src" location=".\src\" recursive="true"/>
@@ -44,6 +44,4 @@
 		<cluster name="launcher" location=".\launcher\default\" recursive="true"/>
 		<cluster name="src" location=".\src\" recursive="true"/>
 	</target>
-	<target name="debug" extends="debug_standalone">
-	</target>
 </system>

examples/debug/debug.ini

@@ -0,0 +1,2 @@
+port=9090
+verbose=true

examples/simple/simple.ecf

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-15-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-15-0 http://www.eiffel.com/developers/xml/configuration-1-15-0.xsd" name="simple" uuid="C28C4F53-9963-46C0-A080-8F13E94E7486" library_target="simple">
+<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-15-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-15-0 http://www.eiffel.com/developers/xml/configuration-1-15-0.xsd" name="simple" uuid="C28C4F53-9963-46C0-A080-8F13E94E7486" library_target="simple_standalone">
 	<target name="common" abstract="true">
 		<file_rule>
 			<exclude>/.svn$</exclude>
@@ -16,13 +16,20 @@
 	</target>
 	<target name="simple_standalone" extends="common">
 		<root class="APPLICATION" feature="make_and_launch"/>
-		<option warning="true" is_attached_by_default="true" void_safety="all" syntax="transitional">
+		<option debug="false" warning="true" is_attached_by_default="true" void_safety="all" syntax="transitional">
+			<debug name="dbglog" enabled="true"/>
 			<assertions precondition="true" postcondition="true" check="true" invariant="true" loop="true" supplier_precondition="true"/>
 		</option>
 		<setting name="concurrency" value="scoop"/>
 		<library name="default_standalone" location="..\..\library\server\wsf\default\standalone-safe.ecf"/>
 		<cluster name="simple" location=".\" recursive="true"/>
 	</target>
+	<target name="simple_standalone_mt" extends="simple_standalone">
+		<setting name="concurrency" value="thread"/>
+	</target>
+	<target name="simple_standalone_st" extends="simple_standalone">
+		<setting name="concurrency" value="none"/>
+	</target>
 	<target name="simple_cgi" extends="common">
 		<root class="APPLICATION" feature="make_and_launch"/>
 		<option warning="true" is_attached_by_default="true" void_safety="transitional" syntax="transitional">
@@ -39,6 +46,4 @@
 		<library name="default_libfcgi" location="..\..\library\server\wsf\default\libfcgi-safe.ecf"/>
 		<cluster name="simple" location=".\" recursive="true"/>
 	</target>
-	<target name="simple" extends="simple_standalone">
-	</target>
 </system>

examples/simple/simple.ini

@@ -2,7 +2,8 @@ verbose=true
 verbose_level=ALERT
 port=9090
 #max_concurrent_connections=100
-#keep_alive_timeout=15
+keep_alive_timeout=3
 #max_tcp_clients=100
-#socket_timeout=300
+socket_timeout=60
+socket_recv_timeout=15
 #max_keep_alive_requests=300

examples/simple_ssl/simple.ini

@@ -17,11 +17,11 @@ port=9090
 #keep_alive_timeout=15
 #max_keep_alive_requests=100
 
-### SSL settings
+### Secure connection settings
 # enable SSL, with file certificate.
-ssl_enabled=true
-ssl_ca_key=simple.key
-ssl_ca_crt=simple.crt
+is_secure=true
+secure_certificate=ca.crt
+secure_certificate_key=ca.key
 
 ### App settings
 verbose=true

examples/websocket/application.e

@@ -14,16 +14,18 @@ feature {NONE} -- Initialization
 	make_and_launch
 		local
 			l_launcher: WSF_STANDALONE_WEBSOCKET_SERVICE_LAUNCHER [APPLICATION_EXECUTION]
-			opts: WSF_SERVICE_LAUNCHER_OPTIONS
+			opts: WSF_STANDALONE_WEBSOCKET_SERVICE_OPTIONS
 		do
-			create {WSF_SERVICE_LAUNCHER_OPTIONS_FROM_INI} opts.make_from_file ("ws.ini")
-			create l_launcher.make_and_launch (options)
+			create opts
+			if opts.is_secure_connection_supported then
+				opts.is_secure := True
+				opts.set_secure_protocol_to_tls_1_2
+				opts.secure_certificate := "ca.crt"
+				opts.secure_certificate_key := "ca.key"
 			end
 
-	options: WSF_SERVICE_LAUNCHER_OPTIONS
-			-- Initialize current service.
-		do
-			create {WSF_SERVICE_LAUNCHER_OPTIONS_FROM_INI} Result.make_from_file ("ws.ini")
+			opts.import_ini_file_options ("ws.ini")
+			create l_launcher.make_and_launch (opts)
 		end
 
 end

examples/websocket/application_execution.e

@@ -88,7 +88,7 @@ feature -- HTML Resource
 <!DOCTYPE html>
 <html>
 <head>
-<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
+<script src="##HTTPSCHEME##://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
 <script type="text/javascript">
 $(document).ready(function() {
 
@@ -96,7 +96,7 @@ $(document).ready(function() {
 
 	function connect(){
 
-			var host = "ws://127.0.0.1:##PORTNUMBER##";
+			var host = "##WSSCHEME##://127.0.0.1:##PORTNUMBER##";
 
 			try{
 				socket = new WebSocket(host);
@@ -178,6 +178,13 @@ body {font-family:Arial, Helvetica, sans-serif;}
 </html>
 			]"
 			Result.replace_substring_all ("##PORTNUMBER##", a_port.out)
+			if request.is_https then
+				Result.replace_substring_all ("##HTTPSCHEME##", "https")
+				Result.replace_substring_all ("##WSSCHEME##", "wss")
+			else
+				Result.replace_substring_all ("##HTTPSCHEME##", "http")
+				Result.replace_substring_all ("##WSSCHEME##", "ws")
+			end
 		end
 
 

examples/websocket/ca.crt

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICWDCCAcGgAwIBAgIJAJnXGtV+PtiYMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMTUwNDAzMjIxNTA0WhcNMTYwNDAyMjIxNTA0WjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDFMK6ojzg+KlklhTossR13c51izMgGc3B0z9ttfHIcx2kxra3HtHcKIl5wSUvn
+G8zmSyFAyQTs5LUv65q46FM9qU8tP+vTeFCfNXvjRcIEpouta3J53K0xuUlxz4d4
+4D6qvdDWAez/0AkI4y5etW5zXtg7IQorJhsI9TmfGuruzwIDAQABo1AwTjAdBgNV
+HQ4EFgQUbWpk2HoHa0YqpEwr7CGEatBFTMkwHwYDVR0jBBgwFoAUbWpk2HoHa0Yq
+pEwr7CGEatBFTMkwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAi+h4/
+IgEocWkdRZBKHEcTrRxz5WhEDJMoVo9LhnXvCfn1G/4p6Un6sYv7Xzpi9NuSY8uV
+cjfJJXhtF3AtyZ70iTAxWaRWjGaZ03PYOjlledJ5rqJEt6CCn8m+JsfznduZvbxQ
+zQ6jCLXfyD/tvemB+yYEI3NntvRKx5/zt6Q26Q==
+-----END CERTIFICATE-----

examples/websocket/ca.key

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDFMK6ojzg+KlklhTossR13c51izMgGc3B0z9ttfHIcx2kxra3H
+tHcKIl5wSUvnG8zmSyFAyQTs5LUv65q46FM9qU8tP+vTeFCfNXvjRcIEpouta3J5
+3K0xuUlxz4d44D6qvdDWAez/0AkI4y5etW5zXtg7IQorJhsI9TmfGuruzwIDAQAB
+AoGAR5efMg+dieRyLU8rieJcImxVbfOPg9gRsjdtIVkXTR+RL7ow59q7hXBo/Td/
+WU8cm1gXoJ/bK+71YYqWyB+BaLRIWvRWb7Gdw203tu4e136Ca5uuY+71qdbVTVcl
+NQ7J+T+eAQFP+a+DdT3ZQxu9eze87SMbu6i5YSpIk2kusOECQQDunv/DQ+nc+NgR
+DF+Td3sNYUVRT9a1CWi6abAG6reXwp8MS4NobWDf+Ps4JODhEEwlIdq5qL7qqYBZ
+Gc1TJJ53AkEA0404Fn6vAzzegBcS4RLlYTK7nMr0m4pMmDMCI6YzAYdMmKHp1e6f
+IwxSmQrmwyAgwcT01bc0+A8yipcC2BWQaQJBAJ01QZm635OGmos41KsKF5bsE8gL
+SpBBH69Yu/ECqGwie7iU84FUNnO4zIHjwghlPVVlZX3Vz9o4S+fn2N9DC+cCQGyZ
+QyCxGdC0r5fbwHJQS/ZQn+UGfvlVzqoXDVMVn3t6ZES6YZrT61eHnOM5qGqklIxE
+Old3vDZXPt/MU8Zvk3kCQBOgUx2VxvTrHN37hk9/QIDiM62+RenBm1M3ah8xTosf
+1mSeEb6d9Kwb3TgPBmA7YXzJuAQfRIvEPMPxT5SSr6Q=
+-----END RSA PRIVATE KEY-----

examples/websocket/websocket_app.ecf

@@ -18,4 +18,7 @@
 		<library name="wsf" location="..\..\library\server\wsf\wsf-safe.ecf"/>
 		<cluster name="app" location=".\" recursive="true"/>
 	</target>
+	<target name="websocket_app_ssl" extends="websocket_app">
+		<variable name="ssl_enabled" value="true"/>
+	</target>
 </system>

examples/websocket/ws.ini

@@ -6,3 +6,7 @@ keep_alive_timeout=35
 max_tcp_clients=100
 socket_timeout=30000
 max_keep_alive_requests=3000
+
+is_secure=false
+secure_certificate=ca.crt
+secure_certificate_key=ca.key

library/network/http_client/src/spec/net/net_http_client_request.e

@@ -40,12 +40,12 @@ feature {NONE} -- Internal
 			then
 				l_socket := l_persistent_connection.socket
 				if a_is_https then
-					if attached {HTTP_STREAM_SSL_SOCKET} l_socket as l_ssl_socket then
+					if attached {HTTP_STREAM_SECURE_SOCKET} l_socket as l_ssl_socket then
 						Result := l_ssl_socket
 					else
 						l_socket := Void
 					end
-				elseif attached {HTTP_STREAM_SSL_SOCKET} l_socket as l_ssl_socket then
+				elseif attached {HTTP_STREAM_SECURE_SOCKET} l_socket as l_ssl_socket then
 					l_socket := Void
 				end
 				if l_socket /= Void and then not l_socket.is_connected then
@@ -59,7 +59,7 @@ feature {NONE} -- Internal
 			else
 				session.set_persistent_connection (Void)
 				if a_is_https then
-					create {HTTP_STREAM_SSL_SOCKET} Result.make_client_by_port (a_port, a_host)
+					create {HTTP_STREAM_SECURE_SOCKET} Result.make_client_by_port (a_port, a_host)
 				else
 					create Result.make_client_by_port (a_port, a_host)
 				end

library/network/http_network/http_network-safe.ecf

@@ -22,7 +22,7 @@
 			</condition>
 		</external_include>
 		<library name="base" location="$ISE_LIBRARY\library\base\base-safe.ecf"/>
-		<library name="net" location="$ISE_LIBRARY\library\net\net-safe.ecf" readonly="false"/>
+		<library name="net" location="$ISE_LIBRARY\library\net\net-safe.ecf"/>
 		<library name="net_ssl" location="$ISE_LIBRARY\unstable\library\network\socket\netssl\net_ssl-safe.ecf">
 			<condition>
 				<custom name="ssl_enabled" value="true"/>
@@ -94,6 +94,5 @@
 				</condition>
 			</cluster>
 		</cluster>
-		
 	</target>
 </system>

library/network/http_network/http_network.ecf

@@ -41,6 +41,13 @@
 					<version type="compiler" max="16.11.0.0"/>
 				</condition>
 			</file_rule>
+			<cluster name="disabled_ssl_network" location="$|no_ssl\" recursive="true">
+				<condition>
+					<custom name="ssl_enabled" excluded_value="true"/>
+					<custom name="net_ssl_enabled" excluded_value="true"/>
+					<custom name="httpd_ssl_enabled" excluded_value="true"/>
+				</condition>
+			</cluster>
 			<cluster name="ssl_network" location="$|ssl\" recursive="true">
 				<condition>
 					<custom name="ssl_enabled" value="true"/>

library/network/http_network/src/http_stream_socket.e

@@ -21,10 +21,12 @@ create {NETWORK_STREAM_SOCKET}
 
 feature -- Status report
 
-	is_ssl_supported: BOOLEAN
-			-- SSL supported?
+	is_secure_connection_supported: BOOLEAN
+			-- SSL/TLS supported?
 		once
 			Result := False
+		ensure
+			Result = {HTTP_SECURE_HELPER}.is_secure_connection_supported
 		end
 
 feature -- Input	

library/network/http_network/src/no_ssl/http_secure_helper.e

@@ -0,0 +1,18 @@
+note
+	description: "[
+			Interface helping using SSL.
+			For now, mainly for `is_secure_connection_supported' to indicate if current project is compiled with SSL support.
+			i.e compiled with EiffelNet-SSL library.
+		]"
+	date: "$Date$"
+	revision: "$Revision$"
+
+class
+	HTTP_SECURE_HELPER
+
+feature -- Status
+
+	is_secure_connection_supported: BOOLEAN = False
+			-- Is Current system compiled with EiffelNet-SSL support?
+
+end

library/network/http_network/src/no_ssl/http_stream_secure_socket.e

@@ -7,7 +7,7 @@ note
 	revision: "$Revision$"
 
 class
-	HTTP_STREAM_SSL_SOCKET
+	HTTP_STREAM_SECURE_SOCKET
 
 inherit
 	HTTP_STREAM_SOCKET
@@ -17,7 +17,7 @@ create
 	make_client_by_port, make_client_by_address_and_port,
 	make_server_by_port, make_server_by_address_and_port, make_loopback_server_by_port
 
-create {HTTP_STREAM_SSL_SOCKET}
+create {HTTP_STREAM_SECURE_SOCKET}
 	make_from_descriptor_and_address
 
 feature -- Element change	
@@ -29,9 +29,39 @@ feature -- Element change
 	set_key_file_path (a_key_filename: PATH)
 		do
 		end
+feature -- SSL Helpers
+
+	set_secure_protocol (v: NATURAL)
+		do
+		end
+
+	set_secure_protocol_to_ssl_2_or_3
+			-- Set `ssl_protocol' with `Ssl_23'.
+		do
+		end
+
+	set_secure_protocol_to_tls_1_0
+			-- Set `ssl_protocol' with `Tls_1_0'.
+		do
+		end
+
+	set_secure_protocol_to_tls_1_1
+			-- Set `ssl_protocol' with `Tls_1_1'.
+		do
+		end
+
+	set_secure_protocol_to_tls_1_2
+			-- Set `ssl_protocol' with `Tls_1_2'.
+		do
+		end
+
+	set_secure_protocol_to_dtls_1_0
+			-- Set `ssl_protocol' with `Dtls_1_0'.
+		do
+		end
 
 invariant
-	ssl_not_supported: not is_ssl_supported -- Current is a Fake SSL interface!
+	secure_connection_not_supported: not is_secure_connection_supported -- Current is a Fake SSL interface!
 note
 	copyright: "2011-2013, Javier Velilla, Jocelyn Fiat and others"
 	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"

library/network/http_network/src/ssl/http_secure_helper.e

@@ -0,0 +1,18 @@
+note
+	description: "[
+			Interface helping using SSL.
+			For now, mainly for `is_secure_connection_supported' to indicate if current project is compiled with SSL support.
+			i.e compiled with EiffelNet-SSL library.
+		]"
+	date: "$Date$"
+	revision: "$Revision$"
+
+class
+	HTTP_SECURE_HELPER
+
+feature -- Status
+
+	is_secure_connection_supported: BOOLEAN = True
+			-- Is Current system compiled with EiffelNet-SSL support?
+
+end

library/network/http_network/src/ssl/http_stream_secure_socket.e

@@ -4,7 +4,7 @@ note
 	revision: "$Revision$"
 
 class
-	HTTP_STREAM_SSL_SOCKET
+	HTTP_STREAM_SECURE_SOCKET
 
 inherit
 	HTTP_STREAM_SOCKET
@@ -20,7 +20,7 @@ inherit
 			connect, shutdown,
 			do_accept
 		redefine
-			is_ssl_supported,
+			is_secure_connection_supported,
 			put_managed_pointer,
 			read_stream_noexception,
 			read_into_pointer_noexception,
@@ -32,7 +32,7 @@ inherit
 			put_managed_pointer -- Redefine to allow support of compiler before 16.11.
 		end
 
-	HTTP_STREAM_SSL_SOCKET_EXT
+	HTTP_STREAM_SECURE_SOCKET_EXT
 
 create
 	make, make_empty,
@@ -44,42 +44,44 @@ create {SSL_NETWORK_STREAM_SOCKET}
 
 feature -- Status report
 
-	is_ssl_supported: BOOLEAN
+	is_secure_connection_supported: BOOLEAN = True
 			-- SSL supported?
-		once
-			Result := True
+
+feature -- Secure connection Helpers
+
+	set_secure_protocol (v: NATURAL)
+		do
+			set_tls_protocol (v)
 		end
 
-feature -- SSL Helpers
-
-	set_ssl_protocol_to_ssl_2_or_3
+	set_secure_protocol_to_ssl_2_or_3
 			-- Set `ssl_protocol' with `Ssl_23'.
 		do
-			set_tls_protocol ({SSL_PROTOCOL}.Ssl_23)
+			set_secure_protocol ({SSL_PROTOCOL}.Ssl_23)
 		end
 
-	set_ssl_protocol_to_tls_1_0
+	set_secure_protocol_to_tls_1_0
 			-- Set `ssl_protocol' with `Tls_1_0'.
 		do
-			set_tls_protocol ({SSL_PROTOCOL}.Tls_1_0)
+			set_secure_protocol ({SSL_PROTOCOL}.Tls_1_0)
 		end
 
-	set_ssl_protocol_to_tls_1_1
+	set_secure_protocol_to_tls_1_1
 			-- Set `ssl_protocol' with `Tls_1_1'.
 		do
-			set_tls_protocol ({SSL_PROTOCOL}.Tls_1_1)
+			set_secure_protocol ({SSL_PROTOCOL}.Tls_1_1)
 		end
 
-	set_ssl_protocol_to_tls_1_2
+	set_secure_protocol_to_tls_1_2
 			-- Set `ssl_protocol' with `Tls_1_2'.
 		do
-			set_tls_protocol ({SSL_PROTOCOL}.Tls_1_2)
+			set_secure_protocol ({SSL_PROTOCOL}.Tls_1_2)
 		end
 
-	set_ssl_protocol_to_dtls_1_0
+	set_secure_protocol_to_dtls_1_0
 			-- Set `ssl_protocol' with `Dtls_1_0'.
 		do
-			set_tls_protocol ({SSL_PROTOCOL}.Dtls_1_0)
+			set_secure_protocol ({SSL_PROTOCOL}.Dtls_1_0)
 		end
 
 feature -- Input

library/network/http_network/src/ssl/http_stream_secure_socket_ext.e

@@ -6,7 +6,7 @@ note
 		]"
 
 deferred class
-	HTTP_STREAM_SSL_SOCKET_EXT
+	HTTP_STREAM_SECURE_SOCKET_EXT
 
 feature {NONE} -- SSL bridge
 

library/network/http_network/src/until_16_05/ssl/http_stream_secure_socket_ext.e

@@ -6,7 +6,7 @@ note
 		]"
 
 deferred class
-	HTTP_STREAM_SSL_SOCKET_EXT
+	HTTP_STREAM_SECURE_SOCKET_EXT
 
 feature {NONE} -- SSL bridge
 

library/network/websocket/client/example/ws_client/ws_client-safe.ecf

@@ -20,6 +20,6 @@
 		<setting name="concurrency" value="thread"/>
 	</target>
 	<target name="ws_client_ssl" extends="ws_client">
-		<variable name="net_ssl_enabled" value="true"/>
+		<variable name="ssl_enabled" value="true"/>
 	</target>
 </system>

library/network/websocket/client/src/no_ssl/web_socket_client.e

@@ -14,14 +14,14 @@ inherit
 
 feature -- Status report
 
-	is_ssl_supported: BOOLEAN = False
+	is_secure_connection_supported: BOOLEAN = False
 
 feature -- Factory
 
 	new_socket (a_port: INTEGER; a_host: STRING): HTTP_STREAM_SOCKET
 		do
-			if is_tunneled then
-				check ssl_supported: False end
+			if is_secure then
+				check is_secure_connection_supported: False end
 			end
 			create {HTTP_STREAM_SOCKET} Result.make_client_by_port (a_port, a_host)
 		end

library/network/websocket/client/src/ssl/web_socket_client.e

@@ -14,37 +14,37 @@ inherit
 
 feature -- Status report
 
-	is_ssl_supported: BOOLEAN = True
+	is_secure_connection_supported: BOOLEAN = True
 
 feature -- Factory
 
 	new_socket (a_port: INTEGER; a_host: STRING): HTTP_STREAM_SOCKET
 		local
-			l_ssl: HTTP_STREAM_SSL_SOCKET
+			l_secure: HTTP_STREAM_SECURE_SOCKET
 		do
-			if is_tunneled then
-				create l_ssl.make_client_by_port (a_port, a_host)
-				Result := l_ssl
-				if attached ssl_protocol as l_prot then
+			if is_secure then
+				create l_secure.make_client_by_port (a_port, a_host)
+				Result := l_secure
+				if attached secure_protocol as l_prot then
 					if l_prot.is_case_insensitive_equal ("ssl_2_3") then
-						l_ssl.set_ssl_protocol_to_ssl_2_or_3
+						l_secure.set_secure_protocol_to_ssl_2_or_3
 					elseif l_prot.is_case_insensitive_equal ("tls_1_0") then
-						l_ssl.set_ssl_protocol_to_tls_1_0
+						l_secure.set_secure_protocol_to_tls_1_0
 					elseif l_prot.is_case_insensitive_equal ("tls_1_1") then
-						l_ssl.set_ssl_protocol_to_tls_1_1
+						l_secure.set_secure_protocol_to_tls_1_1
 					elseif l_prot.is_case_insensitive_equal ("tls_1_2") then
-						l_ssl.set_ssl_protocol_to_tls_1_2
+						l_secure.set_secure_protocol_to_tls_1_2
 					elseif l_prot.is_case_insensitive_equal ("dtls_1_0") then
-						l_ssl.set_ssl_protocol_to_dtls_1_0
+						l_secure.set_secure_protocol_to_dtls_1_0
 					else -- Default
-						l_ssl.set_ssl_protocol_to_tls_1_2
+						l_secure.set_secure_protocol_to_tls_1_2
 					end
 				end
-				if attached ssl_key_file as k then
-					l_ssl.set_key_file_path (k)
+				if attached secure_certificate_file as c then
+					l_secure.set_certificate_file_path (c)
 				end
-				if attached ssl_certificate_file as c then
-					l_ssl.set_certificate_file_path (c)
+				if attached secure_certificate_key_file as k then
+					l_secure.set_key_file_path (k)
 				end
 			else
 				create {HTTP_STREAM_SOCKET} Result.make_client_by_port (a_port, a_host)

library/network/websocket/client/src/web_socket.e

@@ -11,7 +11,6 @@ deferred class
 	WEB_SOCKET
 
 inherit
-
 	WEB_SOCKET_CONSTANTS
 
 feature -- Access
@@ -37,7 +36,7 @@ feature -- Access
 			-- Has the result fo protocol negotiation between client and the server
 			-- By default it's an empty string.
 
-	is_tunneled: BOOLEAN
+	is_secure: BOOLEAN
 			-- Is the current connection tunneled over TLS/SSL?
 		local
 			l_uri: STRING

library/network/websocket/client/src/web_socket_client_i.e

@@ -10,7 +10,6 @@ deferred class
 	WEB_SOCKET_CLIENT_I
 
 inherit
-
 	WEB_SOCKET_SUBSCRIBER
 		redefine
 			on_websocket_error,
@@ -106,39 +105,39 @@ feature -- Access
 	server_handshake: WEB_SOCKET_HANDSHAKE_DATA
 			-- Handshake data received from the server
 
-feature -- Access: ssl
+feature -- Access: secure
 
-	is_ssl_supported: BOOLEAN
+	is_secure_connection_supported: BOOLEAN
 			-- Is SSL supported?
 		deferred
 		end
 
-	ssl_protocol: detachable READABLE_STRING_GENERAL
-			-- SSL protocol , if `is_ssl_supported'.
+	secure_protocol: detachable READABLE_STRING_GENERAL
+			-- SSL protocol , if `is_secure_connection_supported'.
 
-	ssl_certificate_file: detachable PATH
-			-- SSL certificate file , if `is_ssl_supported'.
+	secure_certificate_file: detachable PATH
+			-- SSL certificate file , if `is_secure_connection_supported'.
 
-	ssl_key_file: detachable PATH
-			-- SSL key file , if `is_ssl_supported'.
+	secure_certificate_key_file: detachable PATH
+			-- SSL key file , if `is_secure_connection_supported'.
 
 feature -- Element change
 
-	set_ssl_protocol (a_prot: like ssl_protocol)
+	set_secure_protocol (a_prot: like secure_protocol)
 		do
-			ssl_protocol := a_prot
+			secure_protocol := a_prot
 		end
 
-	set_ssl_certificate_file (p: detachable PATH)
+	set_secure_certificate_file (p: detachable PATH)
 			-- Set SSL certificate from file at `p'.
 		do
-			ssl_certificate_file := p
+			secure_certificate_file := p
 		end
 
-	set_ssl_key_file (p: detachable PATH)
+	set_secure_certificate_key_file (p: detachable PATH)
 			-- Set SSL key from file at `p'.
 		do
-			ssl_key_file := p
+			secure_certificate_key_file := p
 		end
 
 feature -- Events API
@@ -346,7 +345,7 @@ feature {NONE} -- Implementation
 
 	set_default_port
 		do
-			if is_tunneled then
+			if is_secure then
 				port := wss_port_default
 			else
 				port := ws_port_default

library/network/websocket/client/src/web_socket_impl.e

@@ -27,8 +27,8 @@ feature {NONE} -- Initialization
 			create ready_state.make
 		ensure
 			uri_set: a_uri = uri
-			port_wss: is_tunneled implies port = wss_port_default
-			port_ws: not is_tunneled implies port = ws_port_default
+			port_wss: is_secure implies port = wss_port_default
+			port_ws: not is_secure implies port = ws_port_default
 			ready_state_set: ready_state.state = {WEB_SOCKET_READY_STATE}.connecting
 			subscriber_set: subscriber = a_subscriber
 			protocol_set: protocol.is_empty
@@ -58,8 +58,8 @@ feature {NONE} -- Initialization
 			create ready_state.make
 		ensure
 			uri_set: a_uri = uri
-			port_wss: is_tunneled implies port = wss_port_default
-			port_ws: not is_tunneled implies port = ws_port_default
+			port_wss: is_secure implies port = wss_port_default
+			port_ws: not is_secure implies port = ws_port_default
 			protocols_set: protocols = a_protocols
 			ready_state_set: ready_state.state = {WEB_SOCKET_READY_STATE}.connecting
 			subscriber_set: subscriber = a_subscriber
@@ -214,7 +214,7 @@ feature {NONE} -- Implementation
 
 	set_default_port
 		do
-			if is_tunneled then
+			if is_secure then
 				port := wss_port_default
 			else
 				port := ws_port_default

library/network/websocket/client/web_socket_client.ecf

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-13-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-13-0 http://www.eiffel.com/developers/xml/configuration-1-13-0.xsd" name="web_socket_client" uuid="934F36F1-D417-4695-A5A9-2D005B35BB1B" library_target="web_socket_client">
+<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-13-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-13-0 http://www.eiffel.com/developers/xml/configuration-1-13-0.xsd" name="web_socket_client" uuid="EE010507-597F-4FAD-8EFA-B7251E800911" library_target="web_socket_client">
 	<target name="web_socket_client">
 		<root all_classes="true"/>
 		<file_rule>
@@ -16,47 +16,28 @@
 		<library name="crypto" location="$ISE_LIBRARY\unstable\library\text\encryption\crypto\crypto.ecf"/>
 		<library name="encoder" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\text\encoder\encoder.ecf"/>
 		<library name="net" location="$ISE_LIBRARY\library\net\net.ecf"/>
-		<library name="net_ssl" location="$ISE_LIBRARY\unstable\library\network\socket\netssl\net_ssl.ecf">
-			<condition>
-				<custom name="client_ssl_disabled" excluded_value="true"/>
-			</condition>
-		</library>
 		<library name="thread" location="$ISE_LIBRARY\library\thread\thread.ecf"/>
 		<library name="uri" location="$ISE_LIBRARY\library\text\uri\uri.ecf"/>
+		<library name="lib_http_network" location="..\..\http_network\http_network.ecf"/>
 		<library name="lib_web_socket_protocol" location="..\protocol\web_socket_protocol.ecf"/>
 		<cluster name="web_socket_client" location=".\src\" recursive="true">
 			<file_rule>
-				<exclude>/socket$</exclude>
 				<exclude>/no_ssl$</exclude>
 				<exclude>/ssl$</exclude>
 				<exclude>/spec$</exclude>
 			</file_rule>
 			<cluster name="ssl" location="$|ssl\" recursive="true">
 				<condition>
-					<custom name="client_ssl_disabled" excluded_value="true"/>
+					<custom name="ssl_enabled" value="true"/>
+				</condition>
+				<condition>
+					<custom name="net_ssl_enabled" value="true"/>
 				</condition>
 			</cluster>
 			<cluster name="no_ssl" location="$|no_ssl\" recursive="true">
 				<condition>
-					<custom name="client_ssl_disabled" value="true"/>
-				</condition>
-			</cluster>
-			<cluster name="socket" location="$|socket\">
-				<file_rule>
-					<exclude>/tcp_stream_socket.e$</exclude>
-					<condition>
-						<version type="compiler" max="15.2.0.0"/>
-					</condition>
-				</file_rule>
-				<cluster name="socket_ssl" location="$|ssl\" recursive="true" hidden="true">
-					<condition>
-						<custom name="client_ssl_disabled" excluded_value="true"/>
-					</condition>
-				</cluster>
-			</cluster>
-			<cluster name="spec_before_15_01" location="$|spec\before_15_01\" recursive="true">
-				<condition>
-					<version type="compiler" max="15.2.0.0"/>
+					<custom name="ssl_enabled" excluded_value="true"/>
+					<custom name="net_ssl_enabled" excluded_value="true"/>
 				</condition>
 			</cluster>
 		</cluster>

library/network/websocket/server/example/echo_websocket_server/application.e

@@ -23,8 +23,8 @@ feature {NONE} -- Initialization
 			opts.set_verbose_level ("debug")
 
 			opts.set_ssl_enabled (True) -- If SSL is supported
-			opts.set_ssl_ca_crt ("C:\OpenSSL-Win64\bin\ca.crt") -- Change to use your own crt file.
-			opts.set_ssl_ca_key ("C:\OpenSSL-Win64\bin\ca.key") -- Change to use your own key file.
+			opts.set_ssl_ca_crt ("ca.crt") -- Change to use your own crt file.
+			opts.set_ssl_ca_key ("ca.key") -- Change to use your own key file.
 
 			opts.set_port (default_port_number)
 		end

library/network/websocket/server/example/echo_websocket_server/ca.crt

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICWDCCAcGgAwIBAgIJAJnXGtV+PtiYMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMTUwNDAzMjIxNTA0WhcNMTYwNDAyMjIxNTA0WjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDFMK6ojzg+KlklhTossR13c51izMgGc3B0z9ttfHIcx2kxra3HtHcKIl5wSUvn
+G8zmSyFAyQTs5LUv65q46FM9qU8tP+vTeFCfNXvjRcIEpouta3J53K0xuUlxz4d4
+4D6qvdDWAez/0AkI4y5etW5zXtg7IQorJhsI9TmfGuruzwIDAQABo1AwTjAdBgNV
+HQ4EFgQUbWpk2HoHa0YqpEwr7CGEatBFTMkwHwYDVR0jBBgwFoAUbWpk2HoHa0Yq
+pEwr7CGEatBFTMkwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAi+h4/
+IgEocWkdRZBKHEcTrRxz5WhEDJMoVo9LhnXvCfn1G/4p6Un6sYv7Xzpi9NuSY8uV
+cjfJJXhtF3AtyZ70iTAxWaRWjGaZ03PYOjlledJ5rqJEt6CCn8m+JsfznduZvbxQ
+zQ6jCLXfyD/tvemB+yYEI3NntvRKx5/zt6Q26Q==
+-----END CERTIFICATE-----

library/network/websocket/server/example/echo_websocket_server/ca.key

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDFMK6ojzg+KlklhTossR13c51izMgGc3B0z9ttfHIcx2kxra3H
+tHcKIl5wSUvnG8zmSyFAyQTs5LUv65q46FM9qU8tP+vTeFCfNXvjRcIEpouta3J5
+3K0xuUlxz4d44D6qvdDWAez/0AkI4y5etW5zXtg7IQorJhsI9TmfGuruzwIDAQAB
+AoGAR5efMg+dieRyLU8rieJcImxVbfOPg9gRsjdtIVkXTR+RL7ow59q7hXBo/Td/
+WU8cm1gXoJ/bK+71YYqWyB+BaLRIWvRWb7Gdw203tu4e136Ca5uuY+71qdbVTVcl
+NQ7J+T+eAQFP+a+DdT3ZQxu9eze87SMbu6i5YSpIk2kusOECQQDunv/DQ+nc+NgR
+DF+Td3sNYUVRT9a1CWi6abAG6reXwp8MS4NobWDf+Ps4JODhEEwlIdq5qL7qqYBZ
+Gc1TJJ53AkEA0404Fn6vAzzegBcS4RLlYTK7nMr0m4pMmDMCI6YzAYdMmKHp1e6f
+IwxSmQrmwyAgwcT01bc0+A8yipcC2BWQaQJBAJ01QZm635OGmos41KsKF5bsE8gL
+SpBBH69Yu/ECqGwie7iU84FUNnO4zIHjwghlPVVlZX3Vz9o4S+fn2N9DC+cCQGyZ
+QyCxGdC0r5fbwHJQS/ZQn+UGfvlVzqoXDVMVn3t6ZES6YZrT61eHnOM5qGqklIxE
+Old3vDZXPt/MU8Zvk3kCQBOgUx2VxvTrHN37hk9/QIDiM62+RenBm1M3ah8xTosf
+1mSeEb6d9Kwb3TgPBmA7YXzJuAQfRIvEPMPxT5SSr6Q=
+-----END RSA PRIVATE KEY-----

library/network/websocket/server/example/echo_websocket_server/echo_websocket_server-safe.ecf

@@ -32,18 +32,16 @@
 		<root class="APPLICATION" feature="make_and_launch"/>
 		<option concurrency="thread" root_concurrency="thread">
 		</option>
-		<variable name="httpd_ssl_enabled" value="true"/>
 	</target>
-	<target name="echo_websocket_server_mt_no_ssl" extends="echo_websocket_server_mt">
-		<variable name="httpd_ssl_enabled" value="false"/>
+	<target name="echo_websocket_server_mt_ssl" extends="echo_websocket_server_mt">
+		<variable name="ssl_enabled" value="true"/>
 	</target>
 	<target name="echo_websocket_server_scoop" extends="common">
 		<root class="APPLICATION" feature="make_and_launch"/>
 		<option concurrency="scoop" root_concurrency="scoop">
 		</option>
+	</target>
+	<target name="echo_websocket_server_scoop_ssl" extends="echo_websocket_server_scoop">
 		<variable name="httpd_ssl_enabled" value="true"/>
 	</target>
-	<target name="echo_websocket_server_scoop_no_ssl" extends="echo_websocket_server_scoop">
-		<variable name="httpd_ssl_enabled" value="false"/>
-	</target>
 </system>

library/server/httpd/configuration/httpd_configuration_i.e

@@ -23,8 +23,8 @@ feature {NONE} -- Initialization
 			keep_alive_timeout := default_keep_alive_timeout
 			max_keep_alive_requests := default_max_keep_alive_requests
 			is_secure := False
-			create ca_crt.make_empty
-			create ca_key.make_empty
+			create secure_certificate.make_empty
+			create secure_certificate_key.make_empty
 		end
 
 feature -- Access
@@ -75,8 +75,8 @@ feature -- Access
 			-- To disable KeepAlive, set `max_keep_alive_requests' to 0.
 			-- By default: 100 .
 
-	has_ssl_support: BOOLEAN
-			-- Has SSL support?
+	has_secure_support: BOOLEAN
+			-- Has SSL/TLS secure support?
 		deferred
 		end
 
@@ -96,30 +96,30 @@ feature -- Access: SSL
 	is_secure: BOOLEAN
 			 -- Is SSL/TLS session?.
 
-	ca_crt: detachable IMMUTABLE_STRING_32
+	secure_certificate: detachable IMMUTABLE_STRING_32
 			-- the signed certificate.
 
-	ca_key: detachable IMMUTABLE_STRING_32
-			-- private key to the certificate.
+	secure_certificate_key: detachable IMMUTABLE_STRING_32
+			-- private key to the certificate authority.
 
-	ssl_protocol: NATURAL
+	secure_protocol: NATURAL
 			-- By default protocol is tls 1.2.
 
 feature -- Element change
 
-	set_ssl_settings (v: detachable separate TUPLE [protocol: separate READABLE_STRING_GENERAL; ca_crt, ca_key: detachable separate READABLE_STRING_GENERAL])
+	set_secure_settings (v: detachable separate TUPLE [protocol: separate READABLE_STRING_GENERAL; ca_crt, ca_key: detachable separate READABLE_STRING_GENERAL])
 		local
 			prot: STRING_32
 		do
 			is_secure := False
-			ca_crt := Void
-			ca_key := Void
+			secure_certificate := Void
+			secure_certificate_key := Void
 			if v /= Void then
 				is_secure := True
 				create prot.make_from_separate (v.protocol)
-				set_ssl_protocol_from_string (prot)
-				set_ca_crt (v.ca_crt)
-				set_ca_key (v.ca_key)
+				set_secure_protocol_from_string (prot)
+				set_secure_certificate (v.ca_crt)
+				set_secure_certificate_key (v.ca_key)
 			end
 		end
 
@@ -229,7 +229,7 @@ feature -- Element change
 	set_is_secure (b: BOOLEAN)
 			-- Set `is_secure' to `b'.
 		do
-			if b and has_ssl_support then
+			if b and has_secure_support then
 				is_secure := True
 				if
 					http_server_port = 80
@@ -245,8 +245,8 @@ feature -- Element change
 				end
 			end
 		ensure
-			is_secure_set: has_ssl_support implies is_secure
-			is_not_secure: not has_ssl_support implies not is_secure
+			is_secure_set: has_secure_support implies is_secure
+			is_not_secure: not has_secure_support implies not is_secure
 		end
 
 	mark_secure
@@ -254,84 +254,84 @@ feature -- Element change
 		do
 			set_is_secure (True)
 		ensure
-			is_secure_set: has_ssl_support implies is_secure
-			-- http_server_port_set: has_ssl_support implies http_server_port = 443
-			is_not_secure: not has_ssl_support implies not is_secure
-			-- default_port: not has_ssl_support implies http_server_port = 80
+			is_secure_set: has_secure_support implies is_secure
+			-- http_server_port_set: has_secure_support implies http_server_port = 443
+			is_not_secure: not has_secure_support implies not is_secure
+			-- default_port: not has_secure_support implies http_server_port = 80
 		end
 
 feature -- Element change
 
-	set_ca_crt (a_value: detachable separate READABLE_STRING_GENERAL)
-			-- Set `ca_crt' from `a_value'.
+	set_secure_certificate (a_value: detachable separate READABLE_STRING_GENERAL)
+			-- Set `secure_certificate' from `a_value'.
 		do
 			if a_value /= Void then
-				create ca_crt.make_from_separate (a_value)
+				create secure_certificate.make_from_separate (a_value)
 			else
-				ca_crt := Void
+				secure_certificate := Void
 			end
 		end
 
-	set_ca_key (a_value: detachable separate READABLE_STRING_GENERAL)
-			-- Set `ca_key' with `a_value'.
+	set_secure_certificate_key (a_value: detachable separate READABLE_STRING_GENERAL)
+			-- Set `secure_certificate_key' with `a_value'.
 		do
 			if a_value /= Void then
-				create ca_key.make_from_separate (a_value)
+				create secure_certificate_key.make_from_separate (a_value)
 			else
-				ca_key := Void
+				secure_certificate_key := Void
 			end
 		end
 
-	set_ssl_protocol  (a_version: NATURAL)
-			-- Set `ssl_protocol' with `a_version'
+	set_secure_protocol (a_version: NATURAL)
+			-- Set `secure_protocol' with `a_version'
 		do
-			ssl_protocol := a_version
+			secure_protocol := a_version
 		ensure
-			ssl_protocol_set: ssl_protocol = a_version
+			secure_protocol_set: secure_protocol = a_version
 		end
 
-	set_ssl_protocol_from_string (a_ssl_version: READABLE_STRING_GENERAL)
-			-- Set `ssl_protocol' with `a_ssl_version'
+	set_secure_protocol_from_string (a_ssl_version: READABLE_STRING_GENERAL)
+			-- Set `secure_protocol' with `a_ssl_version'
 		do
 			if a_ssl_version.is_case_insensitive_equal ("ssl_2_3") then
-				set_ssl_protocol_to_ssl_2_or_3
+				set_secure_protocol_to_ssl_2_or_3
 			elseif a_ssl_version.is_case_insensitive_equal ("tls_1_0") then
-				set_ssl_protocol_to_tls_1_0
+				set_secure_protocol_to_tls_1_0
 			elseif a_ssl_version.is_case_insensitive_equal ("tls_1_1") then
-				set_ssl_protocol_to_tls_1_1
+				set_secure_protocol_to_tls_1_1
 			elseif a_ssl_version.is_case_insensitive_equal ("tls_1_2") then
-				set_ssl_protocol_to_tls_1_2
+				set_secure_protocol_to_tls_1_2
 			elseif a_ssl_version.is_case_insensitive_equal ("dtls_1_0") then
-				set_ssl_protocol_to_dtls_1_0
+				set_secure_protocol_to_dtls_1_0
 			else -- Default
-				set_ssl_protocol_to_tls_1_2
+				set_secure_protocol_to_tls_1_2
 			end
 		end
 
 feature -- SSL Helpers
 
-	set_ssl_protocol_to_ssl_2_or_3
-			-- Set `ssl_protocol' with `Ssl_23'.
+	set_secure_protocol_to_ssl_2_or_3
+			-- Set `secure_protocol' with `Ssl_23'.
 		deferred
 		end
 
-	set_ssl_protocol_to_tls_1_0
-			-- Set `ssl_protocol' with `Tls_1_0'.
+	set_secure_protocol_to_tls_1_0
+			-- Set `secure_protocol' with `Tls_1_0'.
 		deferred
 		end
 
-	set_ssl_protocol_to_tls_1_1
-			-- Set `ssl_protocol' with `Tls_1_1'.
+	set_secure_protocol_to_tls_1_1
+			-- Set `secure_protocol' with `Tls_1_1'.
 		deferred
 		end
 
-	set_ssl_protocol_to_tls_1_2
-			-- Set `ssl_protocol' with `Tls_1_2'.
+	set_secure_protocol_to_tls_1_2
+			-- Set `secure_protocol' with `Tls_1_2'.
 		deferred
 		end
 
-	set_ssl_protocol_to_dtls_1_0
-			-- Set `ssl_protocol' with `Dtls_1_0'.
+	set_secure_protocol_to_dtls_1_0
+			-- Set `secure_protocol' with `Dtls_1_0'.
 		deferred
 		end
 

library/server/httpd/configuration/httpd_constants.e

@@ -9,6 +9,9 @@ note
 deferred class
 	HTTPD_CONSTANTS
 
+inherit
+	HTTP_SECURE_HELPER
+
 feature -- Default connection settings
 
 	default_http_server_port: INTEGER = 80

library/server/httpd/httpd-safe.ecf

@@ -65,4 +65,7 @@
 			</cluster>
 		</cluster>
 	</target>
+	<target name="httpd_ssl" extends="httpd">
+		<variable name="ssl_enabled" value="true" />
+	</target>
 </system>

library/server/httpd/httpd_request_handler_i.e

@@ -525,7 +525,7 @@ feature -- Parsing
 				if a_socket.was_error then
 					report_error ("Socket error")
 					if is_verbose then
-						log (request_header +"%N" + Result + "%N## was_error=False! ##", debug_level)
+						log (request_header +"%N" + Result + "%N## Network error: " + a_socket.error + " ##", debug_level)
 					end
 				end
 			else

library/server/httpd/httpd_server_i.e

@@ -113,7 +113,7 @@ feature -- Execution
 				log ("  - socket_recv_timeout = " + configuration.socket_recv_timeout.out + " seconds")
 				log ("  - keep_alive_timeout = " + configuration.keep_alive_timeout.out + " seconds")
 				log ("  - max_keep_alive_requests = " + configuration.max_keep_alive_requests.out)
-				if configuration.has_ssl_support then
+				if configuration.has_secure_support then
 					if configuration.is_secure then
 						log ("  - SSL = enabled")
 					else

library/server/httpd/network/httpd_socket_factory.e

@@ -11,7 +11,7 @@ feature -- Access
 	new_client_socket (a_is_secure: BOOLEAN): HTTPD_STREAM_SOCKET
 		do
 			if a_is_secure then
-				create {HTTPD_STREAM_SSL_SOCKET} Result.make_empty
+				create {HTTPD_STREAM_SECURE_SOCKET} Result.make_empty
 			else
 				create Result.make_empty
 			end

library/server/httpd/network/httpd_stream_secure_socket.e

@@ -6,10 +6,10 @@ note
 	revision: "$Revision$"
 
 class
-	HTTPD_STREAM_SSL_SOCKET
+	HTTPD_STREAM_SECURE_SOCKET
 
 inherit
-	HTTP_STREAM_SSL_SOCKET
+	HTTP_STREAM_SECURE_SOCKET
 
 	HTTPD_STREAM_SOCKET
 		undefine
@@ -27,7 +27,7 @@ inherit
 			read_stream_noexception,
 			read_into_pointer_noexception,
 			put_pointer_content_noexception,
-			is_ssl_supported
+			is_secure_connection_supported
 		end
 
 create

library/server/httpd/no_ssl/httpd_configuration.e

@@ -16,38 +16,38 @@ feature -- Status
 
 	Server_details: STRING_8 = "Server: Standalone Eiffel Server"
 
-	has_ssl_support: BOOLEAN = False
+	has_secure_support: BOOLEAN = False
 			-- Precursor
 
 feature -- SSL Helpers
 
-	set_ssl_protocol_to_ssl_2_or_3
-			-- Set `ssl_protocol' with `Ssl_23'.
+	set_secure_protocol_to_ssl_2_or_3
+			-- Set `secure_protocol' with `Ssl_23'.
 		do
 				-- Ignored
 		end
 
 
-	set_ssl_protocol_to_tls_1_0
-			-- Set `ssl_protocol' with `Tls_1_0'.
+	set_secure_protocol_to_tls_1_0
+			-- Set `secure_protocol' with `Tls_1_0'.
 		do
 				-- Ignored
 		end
 
-	set_ssl_protocol_to_tls_1_1
-			-- Set `ssl_protocol' with `Tls_1_1'.
+	set_secure_protocol_to_tls_1_1
+			-- Set `secure_protocol' with `Tls_1_1'.
 		do
 				-- Ignored
 		end
 
-	set_ssl_protocol_to_tls_1_2
-			-- Set `ssl_protocol' with `Tls_1_2'.
+	set_secure_protocol_to_tls_1_2
+			-- Set `secure_protocol' with `Tls_1_2'.
 		do
 				-- Ignored
 		end
 
-	set_ssl_protocol_to_dtls_1_0
-			-- Set `ssl_protocol' with `Dtls_1_0'.
+	set_secure_protocol_to_dtls_1_0
+			-- Set `secure_protocol' with `Dtls_1_0'.
 		do
 				-- Ignored
 		end

library/server/httpd/ssl/httpd_configuration.e

@@ -21,48 +21,48 @@ feature {NONE} -- Initialization
 			-- Create a new instance and set ssl protocol to tls_1_2.
 		do
 			Precursor
-			set_ssl_protocol_to_tls_1_2
+			set_secure_protocol_to_tls_1_2
 		ensure then
-			ssl_protocol_set: ssl_protocol = {SSL_PROTOCOL}.tls_1_2
+			secure_protocol_set: secure_protocol = {SSL_PROTOCOL}.tls_1_2
 		end
 
 feature -- Access
 
-	Server_details: STRING_8 = "Server: Standalone Eiffel Server (https)"
+	Server_details: STRING_8 = "Server: Standalone Eiffel Server (secure)"
 
-	has_ssl_support: BOOLEAN = True
+	has_secure_support: BOOLEAN = True
 			-- Precursor		
 
 feature -- SSL Helpers
 
-	set_ssl_protocol_to_ssl_2_or_3
-			-- Set `ssl_protocol' with `Ssl_23'.
+	set_secure_protocol_to_ssl_2_or_3
+			-- Set `secure_protocol' with `Ssl_23'.
 		do
-			set_ssl_protocol ({SSL_PROTOCOL}.Ssl_23)
+			set_secure_protocol ({SSL_PROTOCOL}.Ssl_23)
 		end
 
-	set_ssl_protocol_to_tls_1_0
-			-- Set `ssl_protocol' with `Tls_1_0'.
+	set_secure_protocol_to_tls_1_0
+			-- Set `secure_protocol' with `Tls_1_0'.
 		do
-			set_ssl_protocol ({SSL_PROTOCOL}.Tls_1_0)
+			set_secure_protocol ({SSL_PROTOCOL}.Tls_1_0)
 		end
 
-	set_ssl_protocol_to_tls_1_1
-			-- Set `ssl_protocol' with `Tls_1_1'.
+	set_secure_protocol_to_tls_1_1
+			-- Set `secure_protocol' with `Tls_1_1'.
 		do
-			set_ssl_protocol ({SSL_PROTOCOL}.Tls_1_1)
+			set_secure_protocol ({SSL_PROTOCOL}.Tls_1_1)
 		end
 
-	set_ssl_protocol_to_tls_1_2
-			-- Set `ssl_protocol' with `Tls_1_2'.
+	set_secure_protocol_to_tls_1_2
+			-- Set `secure_protocol' with `Tls_1_2'.
 		do
-			set_ssl_protocol ({SSL_PROTOCOL}.Tls_1_2)
+			set_secure_protocol ({SSL_PROTOCOL}.Tls_1_2)
 		end
 
-	set_ssl_protocol_to_dtls_1_0
-			-- Set `ssl_protocol' with `Dtls_1_0'.
+	set_secure_protocol_to_dtls_1_0
+			-- Set `secure_protocol' with `Dtls_1_0'.
 		do
-			set_ssl_protocol ({SSL_PROTOCOL}.Dtls_1_0)
+			set_secure_protocol ({SSL_PROTOCOL}.Dtls_1_0)
 		end
 
 

library/server/httpd/ssl/httpd_server.e

@@ -1,6 +1,6 @@
 note
 	description: "[
-			SSL enabled server
+			SECURE enabled server
 		]"
 	date: "$Date$"
 	revision: "$Revision$"
@@ -21,24 +21,24 @@ feature {NONE} -- Factory
 
 	new_listening_socket (a_addr: detachable INET_ADDRESS; a_http_port: INTEGER): HTTPD_STREAM_SOCKET
 		local
-			s_ssl: HTTPD_STREAM_SSL_SOCKET
+			s_secure: HTTPD_STREAM_SECURE_SOCKET
 		do
 			if configuration.is_secure then
 				if a_addr /= Void then
-					create s_ssl.make_server_by_address_and_port (a_addr, a_http_port)
-					Result := s_ssl
+					create s_secure.make_server_by_address_and_port (a_addr, a_http_port)
+					Result := s_secure
 				else
-					create s_ssl.make_server_by_port (a_http_port)
+					create s_secure.make_server_by_port (a_http_port)
 				end
-				s_ssl.set_tls_protocol (configuration.ssl_protocol)
-				if attached configuration.ca_crt as l_crt then
-					s_ssl.set_certificate_file_name (l_crt)
+				s_secure.set_tls_protocol (configuration.secure_protocol)
+				if attached configuration.secure_certificate as l_crt then
+					s_secure.set_certificate_file_name (l_crt)
 				end
-				if attached configuration.ca_key as l_key then
-					s_ssl.set_key_file_name (l_key)
+				if attached configuration.secure_certificate_key as l_key then
+					s_secure.set_key_file_name (l_key)
 				end
 
-				Result := s_ssl
+				Result := s_secure
 			else
 				Result := Precursor (a_addr, a_http_port)
 			end

library/server/wsf/connector/standalone/wsf_standalone_service_launcher.e

@@ -116,10 +116,16 @@ feature {NONE} -- Initialization
 				max_keep_alive_requests := opts.option_integer_value ("max_keep_alive_requests", max_keep_alive_requests)
 
 				if
-					opts.option_boolean_value ("ssl_enabled", ssl_enabled) and then
+					opts.option_boolean_value ("is_secure", is_secure) and then
+					attached opts.option_string_32_value ("secure_protocol", "tls_1_2") as l_secure_prot
+				then
+					secure_settings := [l_secure_prot, opts.option_string_32_value ("secure_certificate", Void), opts.option_string_32_value ("secure_certificate_key", Void)]
+				elseif
+						-- OBSOLETE: backward compatible with old settings name [oct/2016].
+					opts.option_boolean_value ("ssl_enabled", is_secure) and then
 					attached opts.option_string_32_value ("ssl_protocol", "tls_1_2") as ssl_prot
 				then
-					ssl_settings := [ssl_prot, opts.option_string_32_value ("ssl_ca_crt", Void), opts.option_string_32_value ("ssl_ca_key", Void)]
+					secure_settings := [ssl_prot, opts.option_string_32_value ("ssl_ca_crt", Void), opts.option_string_32_value ("ssl_ca_key", Void)]
 				end
 			end
 
@@ -143,7 +149,7 @@ feature -- Execution
 		do
 			cfg.set_is_verbose (verbose)
 			cfg.set_verbose_level (verbose_level)
-			cfg.set_ssl_settings (ssl_settings)
+			cfg.set_secure_settings (secure_settings)
 			cfg.set_http_server_name (server_name)
 			cfg.http_server_port := port_number
 			cfg.set_max_concurrent_connections (max_concurrent_connections)
@@ -165,7 +171,7 @@ feature -- Execution
 			debug ("ew_standalone")
 				if verbose then
 					io.error.put_string ("Launching standalone web server on port " + port_number.out)
-					if ssl_enabled then
+					if is_secure then
 						io.error.put_string ("%N https://")
 					else
 						io.error.put_string ("%N http://")
@@ -213,26 +219,36 @@ feature {NONE} -- Implementation
 			-- Help defining the verbosity.
 			-- The higher, the more output.
 
-	ssl_settings: detachable TUPLE [protocol: READABLE_STRING_GENERAL; ca_crt, ca_key: detachable READABLE_STRING_GENERAL]
-
-	ssl_enabled: BOOLEAN
-			-- Is secure server? i.e using SSL?
-		do
-			Result := attached ssl_settings as ssl and then attached ssl.protocol as prot and then not prot.is_whitespace
-		end
-
 	max_concurrent_connections: INTEGER
-	max_tcp_clients: INTEGER
-	socket_timeout: INTEGER
-	socket_recv_timeout: INTEGER
-	keep_alive_timeout: INTEGER	
-	max_keep_alive_requests: INTEGER
 
 	single_threaded: BOOLEAN
 		do
 			Result := max_concurrent_connections = 0
 		end
 
+	max_tcp_clients: INTEGER
+	socket_timeout: INTEGER
+	socket_recv_timeout: INTEGER
+
+	keep_alive_timeout: INTEGER
+	max_keep_alive_requests: INTEGER
+
+	is_secure_connection_supported: BOOLEAN
+			-- Is SSL supported in current compiled system?
+		do
+			Result := {WGI_STANDALONE_CONSTANTS}.is_secure_connection_supported
+		end
+
+	is_secure: BOOLEAN
+			-- Is secure server? i.e using SSL?
+		do
+			Result := attached secure_settings as l_secure_settings and then
+					attached l_secure_settings.protocol as prot and then not prot.is_whitespace
+		end
+
+	secure_settings: detachable TUPLE [protocol: READABLE_STRING_GENERAL; ca_crt, ca_key: detachable READABLE_STRING_GENERAL]
+
+
 feature -- Status report
 
 	connector: WGI_STANDALONE_CONNECTOR [G]
@@ -244,7 +260,7 @@ feature -- Status report
 		end
 
 ;note
-	copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
+	copyright: "2011-2016, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
 	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
 	source: "[
 			Eiffel Software

library/server/wsf/connector/standalone/wsf_standalone_service_options.e

@@ -11,6 +11,14 @@ class
 inherit
 	WSF_SERVICE_LAUNCHER_OPTIONS
 
+feature -- Status report
+
+	is_secure_connection_supported: BOOLEAN
+			-- Is SSL/TLS supported by current compiled system?
+		do
+			Result := {WGI_STANDALONE_CONSTANTS}.is_secure_connection_supported
+		end
+
 feature -- Access: output
 
 	is_verbose: BOOLEAN
@@ -29,13 +37,13 @@ feature -- Access: output
 
 feature -- Access: connection			
 
-	port: INTEGER
+	port: INTEGER assign set_port
 			-- Listening port number.
 		do
 			Result := option_integer_value ("port", 0)
 		end
 
-	server_name: detachable READABLE_STRING_8
+	server_name: detachable READABLE_STRING_8 assign set_server_name
 			-- Listening only for connection on `server_name' if defined.
 		do
 			if attached {READABLE_STRING_GENERAL} option ("server_name") as l_server_name and then l_server_name.is_valid_as_string_8 then
@@ -43,21 +51,21 @@ feature -- Access: connection
 			end
 		end
 
-	base_url: detachable READABLE_STRING_8
+	base_url: detachable READABLE_STRING_8 assign set_base_url
 		do
 			if attached {READABLE_STRING_GENERAL} option ("base") as l_base and then l_base.is_valid_as_string_8 then
 				Result := l_base.to_string_8
 			end
 		end
 
-	max_concurrent_connections: INTEGER
+	max_concurrent_connections: INTEGER assign set_max_concurrent_connections
 			-- Maximum of concurrent connections.
 			-- Define the size of the concurrent pool.
 		do
 			Result := option_integer_value ("max_concurrent_connections", 0)
 		end
 
-	max_tcp_clients: INTEGER
+	max_tcp_clients: INTEGER assign set_max_tcp_clients
 			-- Listen on socket for at most `queue' connections.	
 		do
 			Result := option_integer_value ("max_tcp_clients", 0)
@@ -65,7 +73,7 @@ feature -- Access: connection
 
 feature -- Access: network
 
-	socket_timeout: INTEGER
+	socket_timeout: INTEGER assign set_socket_timeout
 			-- Amount of seconds that the server waits for receipts and transmissions during communications.
 			-- note: with timeout of 0, socket can wait for ever.
 			-- By default: {HTTPD_CONFIGURATION_I}.default_socket_timeout seconds, which is appropriate for most situations.
@@ -73,7 +81,7 @@ feature -- Access: network
 			Result := option_integer_value ("socket_timeout", 0)
 		end
 
-	socket_recv_timeout: INTEGER
+	socket_recv_timeout: INTEGER assign set_socket_recv_timeout
 			-- Amount of seconds that the server waits for receiving data during communications.
 			-- note: with timeout of 0, socket can wait for ever.
 			-- By default: {HTTPD_CONFIGURATION_I}.default_socket_recv_timeout seconds.	
@@ -83,7 +91,7 @@ feature -- Access: network
 
 feature -- Access: persistent connection	
 
-	keep_alive_timeout: INTEGER
+	keep_alive_timeout: INTEGER assign set_keep_alive_timeout
 			-- Persistent connection timeout.
 			-- Number of seconds the server waits after a request has been served before it closes the connection.
 			-- Timeout unit in Seconds.
@@ -92,7 +100,7 @@ feature -- Access: persistent connection
 			Result := option_integer_value ("keep_alive_timeout", 0)
 		end
 
-	max_keep_alive_requests: INTEGER
+	max_keep_alive_requests: INTEGER assign set_max_keep_alive_requests
 			-- Maximum number of requests allowed per persistent connection.
 			-- Recommended a high setting.
 			-- To disable KeepAlive, set `max_keep_alive_requests' to 0.
@@ -103,32 +111,32 @@ feature -- Access: persistent connection
 
 feature -- Access: SSL	
 
-	ssl_enabled: BOOLEAN
+	is_secure: BOOLEAN assign set_is_secure
 			 -- Is SSL/TLS session?
 		do
-			Result := option_boolean_value ("ssl_enabled", False)
+			Result := option_boolean_value ("is_secure", False)
 		end
 
-	ssl_protocol: detachable READABLE_STRING_GENERAL
+	secure_protocol: detachable READABLE_STRING_GENERAL assign set_secure_protocol
 			-- SSL protocol name, by default TLS 1.2
 		do
-			if attached {READABLE_STRING_GENERAL} option ("ssl_protocol") as l_prot and then l_prot.is_valid_as_string_8 then
+			if attached {READABLE_STRING_GENERAL} option ("secure_protocol") as l_prot and then l_prot.is_valid_as_string_8 then
 				Result := l_prot.to_string_8
 			end
 		end
 
-	ssl_ca_crt: detachable READABLE_STRING_GENERAL
+	secure_certificate: detachable READABLE_STRING_GENERAL assign set_secure_certificate
 			-- Signed certificate.	
 		do
-			if attached {READABLE_STRING_GENERAL} option ("ssl_ca_crt") as l_ssl_ca_crt then
+			if attached {READABLE_STRING_GENERAL} option ("secure_certificate") as l_ssl_ca_crt then
 				Result := l_ssl_ca_crt
 			end
 		end
 
-	ssl_ca_key: detachable READABLE_STRING_GENERAL
+	secure_certificate_key: detachable READABLE_STRING_GENERAL assign set_secure_certificate_key
 			-- Private key for the certificate.
 		do
-			if attached {READABLE_STRING_GENERAL} option ("ssl_ca_key") as l_ssl_ca_key then
+			if attached {READABLE_STRING_GENERAL} option ("secure_certificate_key") as l_ssl_ca_key then
 				Result := l_ssl_ca_key
 			end
 		end
@@ -156,6 +164,11 @@ feature -- Element change
 			set_string_option ("server_name", v)
 		end
 
+	set_base_url (v: detachable READABLE_STRING_8)
+		do
+			set_string_option ("base_url", v)
+		end
+
 	set_max_tcp_clients (v: like max_tcp_clients)
 			-- Set `max_tcp_clients' with `v'.
 		do
@@ -192,60 +205,69 @@ feature -- Element change
 			set_numeric_option ("max_keep_alive_requests", nb)
 		end
 
-	set_ssl_enabled (b: BOOLEAN)
+	set_is_secure (b: BOOLEAN)
+			-- Set secured connection enabled to `b'.
+			-- i.e if connection is using SSL/TLS.
 		do
-			set_boolean_option ("ssl_enabled", b)
+			set_boolean_option ("is_secure", b)
 		end
 
-	set_ssl_protocol_to_ssl_2_or_3
+	set_secure_protocol_to_ssl_2_or_3
 			-- Set `ssl_protocol' with `Ssl_23'.
 		do
-			set_ssl_protocol ("ssl_2_3")
+			set_secure_protocol ("ssl_2_3")
 		end
 
-	set_ssl_protocol_to_tls_1_0
+	set_secure_protocol_to_tls_1_0
 			-- Set `ssl_protocol' with `Tls_1_0'.
 		do
-			set_ssl_protocol ("tls_1_0")
+			set_secure_protocol ("tls_1_0")
 		end
 
-	set_ssl_protocol_to_tls_1_1
+	set_secure_protocol_to_tls_1_1
 			-- Set `ssl_protocol' with `Tls_1_1'.
 		do
-			set_ssl_protocol ("tls_1_1")
+			set_secure_protocol ("tls_1_1")
 		end
 
-	set_ssl_protocol_to_tls_1_2
+	set_secure_protocol_to_tls_1_2
 			-- Set `ssl_protocol' with `Tls_1_2'.
 		do
-			set_ssl_protocol ("tls_1_2")
+			set_secure_protocol ("tls_1_2")
 		end
 
-	set_ssl_protocol_to_dtls_1_0
+	set_secure_protocol_to_dtls_1_0
 			-- Set `ssl_protocol' with `Dtls_1_0'.
 		do
-			set_ssl_protocol ("dtls_1_0")
+			set_secure_protocol ("dtls_1_0")
 		end
 
-	set_ssl_protocol (a_prot: detachable READABLE_STRING_GENERAL)
-			-- Set `ssl_protocol' with `a_version'
+	set_secure_protocol (a_prot: detachable READABLE_STRING_GENERAL)
+			-- Set `secure_protocol' with `a_version'
 		do
-			set_string_option ("ssl_protocol", a_prot)
+			set_string_option ("secure_protocol", a_prot)
 		end
 
-	set_ssl_ca_crt (a_value: detachable READABLE_STRING_GENERAL)
-			-- Set `ssl_ca_crt' from `a_value'.
+	set_secure_certificate (a_value: detachable READABLE_STRING_GENERAL)
+			-- Set `secure_certificate' from `a_value'.
 		do
-			set_string_option ("ssl_ca_crt", a_value)
+			set_string_option ("secure_certificate", a_value)
 		end
 
-	set_ssl_ca_key (a_value: detachable READABLE_STRING_GENERAL)
-			-- Set `ssl_ca_key' with `a_value'.
+	set_secure_certificate_key (a_value: detachable READABLE_STRING_GENERAL)
+			-- Set `secure_certificate_key' with `a_value'.
 		do
-			set_string_option ("ssl_ca_key", a_value)
+			set_string_option ("secure_certificate_key", a_value)
 		end
 
 note
-	copyright: "2011-2016, Javier Velilla, Jocelyn Fiat and others"
+	copyright: "2011-2016, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
 	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
+	source: "[
+			Eiffel Software
+			5949 Hollister Ave., Goleta, CA 93117 USA
+			Telephone 805-685-1006, Fax 805-685-6869
+			Website http://www.eiffel.com
+			Customer support http://support.eiffel.com
+		]"
 end

library/server/wsf/src/service/wsf_service_launcher_options.e

@@ -75,6 +75,12 @@ feature -- Merging
 			end
 		end
 
+	import_ini_file_options (a_filename: READABLE_STRING_GENERAL)
+			-- Import options from ini file `a_filename'.
+		do
+			append_options (create {WSF_SERVICE_LAUNCHER_OPTIONS_FROM_INI}.make_from_file (a_filename))
+		end
+
 feature -- Access
 
 	option (a_name: READABLE_STRING_GENERAL): detachable ANY