Add SSL support for HttpServer and HttpClient on VM

[sethladd]

The Dart VM does not support SSL connections. SSL is very popular for modern web services, like the Amazon web services. It would be nice to use Dart to connect to and control AWS services.

[sethladd]

Question from Stack Overflow on this topic: http://stackoverflow.com/questions/10882158/does-dart-support-client-ssl-tls-connections-yet

[sgjesse]

Marked this as being blocked by #3950.

[whesse]

This bug is for SSL support in HttpServer and HttpClient. It is blocked on SSL support in Socket and ServerSocket, which needs to be there first.

---

Set owner to @whesse.
Added this to the M1 milestone.
Removed Type-Defect, Priority-Medium labels.
Added Type-Enhancement, Priority-High, Accepted labels.

[whesse]

Issue #2678 has been merged into this issue.

---

cc @madsager.

[DartBot]

This comment was originally written by [email protected]

---

I just wanted to comment to let you know that not having HTTPS was a show-stopper for a project my company just undertook. We were willing to experiment with Dart because of its promising future, but HTTPS is critical for this project. Had to go with another language.

[jmesserly]

Marked this as blocking #5191.

[madsager]

Removed this from the M1 milestone.
Added this to the M2 milestone.

[munificent]

Note that since pub uses dart:io, this is prevents pub from using HTTPS to download packages.

[madsager]

This is in active development. We have changed directions a couple of times, but Bill is getting close with a solution that will share code across all three platforms. Changing the status of the bug to started to reflect the fact that the work is well under way.

---

Added Started label.

[munificent]

Awesome!

[sgjesse]

Marked this as blocking #5468.

[DartBot]

This comment was originally written by [email protected]

---

Will this fix also allow for secure websockets on the client and server?

[sgjesse]

When HTTPS is supported secure websockets will also be supported as the websocket protocol is an upgrade of an already established HTTP/HTTPS connection.

[nex3]

This is critical for user-accessible package uploads for pub. The command-line pub client needs to use OAuth2 to authenticate with the server, which requires the use of HTTPS.

---

Removed Priority-High label.
Added Priority-Critical label.

[nex3]

Marked this as blocking #6177.

[madsager]

Work is in progress on this. It is taking longer than anticipated but we are having the initial code reviews for the client side out for review now. It will probably take a little while (a couple of weeks at least) before this is ready for use.

[nex3]

Unmarked this as blocking #6177.

[whesse]

This has been committed in r15452 and r15450. Examples of how to use them are in tests/standalone/io/https_client_test.dart and https_server_test.dart.
An upcoming change will allow SecureSocket.initialize() (renamed from SecureSocket.setCertificateDatabase(String database)) to omit the database argument,
and rely on the built-in root certificates.

---

Added Fixed label.

[sgjesse]

Unmarked this as blocking #5468.