{-# LINE 1 "src/Hookup/OpenSSL.hsc" #-}
{-# LINE 10 "src/Hookup/OpenSSL.hsc" #-}
{-# LINE 11 "src/Hookup/OpenSSL.hsc" #-}
{-# LINE 12 "src/Hookup/OpenSSL.hsc" #-}
{-# LINE 16 "src/Hookup/OpenSSL.hsc" #-}
module Hookup.OpenSSL (installVerification) where
import Control.Monad (unless)
import Foreign.C (CString(..), CSize(..), CUInt(..), CInt(..), withCStringLen)
import Foreign.Ptr (Ptr)
import OpenSSL.Session (SSLContext, SSLContext_, withContext)
data X509_VERIFY_PARAM_
foreign import ccall unsafe "SSL_CTX_get0_param"
sslGet0Param ::
Ptr SSLContext_ ->
IO (Ptr X509_VERIFY_PARAM_)
foreign import ccall unsafe "X509_VERIFY_PARAM_set_hostflags"
x509VerifyParamSetHostflags ::
Ptr X509_VERIFY_PARAM_ ->
CUInt ->
IO ()
foreign import ccall unsafe "X509_VERIFY_PARAM_set1_host"
x509VerifyParamSet1Host ::
Ptr X509_VERIFY_PARAM_ ->
CString ->
CSize ->
IO CInt
installVerification :: SSLContext -> String -> IO ()
installVerification ctx host =
withContext ctx $ \ctxPtr ->
withCStringLen host $ \(ptr,len) ->
do param <- sslGet0Param ctxPtr
x509VerifyParamSetHostflags param
(4)
{-# LINE 60 "src/Hookup/OpenSSL.hsc" #-}
success <- x509VerifyParamSet1Host param ptr (fromIntegral len)
unless (success == 1) (fail "Unable to set verification host")