úÎl•i@     NoneHAbstract type representing the configuration settings for a TLS server. Use   to obtain your  value, and    to update it. HAbstract type representing the configuration settings for a TLS client. Use  or  to obtain your   value. HPrimary certificate, private key and the rest of the certificate chain. Convert client  to the format expected by . Get the system default . See , for the for the default TLS settings used. Make defaults . 0The following TLS settings are used by default: Supported versions , , . Version reported during  ClientHello . Supported cipher suites$ In decreasing order of preference:  ,   ,  !,  ",  #,  $. )Update advanced TLS client configuration %.  See the  Network.TLS module for details. A # into the TLS client configuration %.  See the  Network.TLS and the lens package for details.  Make default . 0The following TLS settings are used by default: Supported versions , , . Supported cipher suites for  $ In decreasing order of preference:  ,   ,  !,  ",  #,  $. 3 The cipher suite preferred by the client is used. Supported cipher suites for  and  $ In decreasing order of preference:  ,   ,  !,  ". 3 The cipher suite preferred by the client is used. )Update advanced TLS server configuration %.  See the  Network.TLS module for details. A # into the TLS server configuration %.  See the  Network.TLS and the lens package for details. EStart a TLS-secured TCP server that accepts incoming connections and : handles each of them concurrently, in different threads. NAny acquired network resources are properly closed and discarded when done or K in case of exceptions. This function binds a listening socket, accepts an J incoming connection, performs a TLS handshake and then safely closes the 7 connection when done or in case of exceptions. You don't need to perform any  of those steps manually. BAccepts a single incomming TLS-secured TCP connection and use it. DA TLS handshake is performed immediately after establishing the TCP M connection and the TLS and TCP connections are properly closed when done or M in case of exceptions. If you need to manage the lifetime of the connection  resources yourself, then use  instead. Like 8, except it uses a different thread to performs the TLS * handshake and run the given computation. ;Connect to a TLS-secured TCP server and use the connection DA TLS handshake is performed immediately after establishing the TCP M connection and the TLS and TCP connections are properly closed when done or M in case of exceptions. If you need to manage the lifetime of the connection  resources yourself, then use  instead. BEstalbishes a TCP connection to a remote server and returns a TLS  &) configured on top of it using the given . * The remote end address is also returned. Prefer to use # if you will be using the obtained & within a  limited scope. 5You need to perform a TLS handshake on the resulting & before using E it for communication purposes, and gracefully close the TLS and TCP # connections afterwards using. The ,  and   can help you with that. Make a client-side TLS &' for the given settings, on top of the  given TCP ' connected to the remote end. 5Accepts an incoming TCP connection and returns a TLS & configured  on top of it using the given !. The remote end address is also  returned. Prefer to use # if you will be using the obtained & within a  limited scope. 5You need to perform a TLS handshake on the resulting & before using E it for communication purposes, and gracefully close the TLS and TCP # connections afterwards using. The ,  and   can help you with that. Make a server-side TLS &' for the given settings, on top of the  given TCP ' connected to the remote end. %Perform a TLS handshake on the given &, then perform the A given action and at last gracefully close the TLS session using (. FThis function does not close the underlying TCP connection when done.  Prefer to use  or  if you need that $ behavior. Otherwise, you must call ) yourself at some point. Like <, except it also fully closes the TCP connection when done.  Similar to ,, except it performs the all the IO actions  in a new thread. Use this instead of forking  yourself, as that won't give  the right behavior. (Receives decrypted bytes from the given & . Returns *  on EOF. Up to 16384A decrypted bytes will be received at once. The TLS connection is ! automatically renegotiated if a  ClientHello message is received. Encrypts the given strict + and sends it through the  &. ,$ was introduced in base==4.6.0.0. We'll use M our own version here for a while, until base==4.6.0.0 is widely establised. -Like ( from the  Network.TLS module, except it ignores . K errors which might happen if the remote peer closes the connection first. /Makes an TLS context 0 from a '. #12344Credentials to provide to the server, if requested. % The first one is used in case we can' t choose one . based on information provided by the server. +Explicit Server Name Identification (SNI). +CAs used to verify the server certificate.  Use 5 to obtain  the operating system' s defaults. Server credential. .CAs used to verify the client certificate. If 1 specified, then a valid client certificate will " be expected during on handshake. TLS settings. Preferred host to bind. Service port to bind. )Computation to run in a different thread 0 once an incomming connection is accepted and a 5 TLS-secured communication is established. Takes the 0 TLS connection context and remote end address. TLS settings. Listening and bound socket. )Computation to run in a different thread 0 once an incomming connection is accepted and a 5 TLS-secured communication is established. Takes the 0 TLS connection context and remote end address. TLS settings. Listening and bound socket. )Computation to run in a different thread 0 once an incomming connection is accepted and a 5 TLS-secured communication is established. Takes the 0 TLS connection context and remote end address. TLS settings. Server hostname. Server service port. 2Computation to run after establishing TLS-secured 4 TCP connection to the remote server. Takes the TLS , connection context and remote end address. TLS settings. Server hostname. Service port to bind. TLS settings. Listening and bound socket. 678,-/%9:';<=>?@&   1234 678,-/A    !"#$%&$'($')$'*+,-+,.+,/+,0+,1+,2$%3$%456$78$%9:;<=>?@:ABC$%D E FGHIJKLMNMO5P QR QS QT QU QVWnetwork-simple-tls-0.2.0Network.Simple.TCP.TLS Control.LensLensControl.Concurrent forkFinallynetwork-2.4.1.2Network.Socket.Internal withSocketsDonetwork-simple-0.3.0Network.Simple.TCPlistenServerSettingsClientSettings CredentialcredentialToCertListgetDefaultClientSettingsmakeClientSettingsupdateClientParams clientParamsmakeServerSettingsupdateServerParams serverParamsserveaccept acceptForkconnect connectTlsmakeClientContext acceptTlsmakeServerContextuseTlsuseTlsThenCloseuseTlsThenCloseForkrecvsend tls-1.1.5Network.TLS.Context pCertificatesNetwork.TLS.TypesTLS10TLS11TLS12tls-extra-0.6.5Network.TLS.Extra.Ciphercipher_AES256_SHA256cipher_AES256_SHA1cipher_AES128_SHA256cipher_AES128_SHA1cipher_RC4_128_SHA1cipher_RC4_128_MD5ParamsContextNetwork.Socket.TypesSocketNetwork.TLS.Corebye contextClosebase Data.MaybeNothingbytestring-0.10.0.2Data.ByteString.Internal ByteString silentByeForeign.C.ErrorePIPE socketBackendBackendunServerSettingsunClientSettingscertificate-1.3.8System.Certificate.X509.UnixgetSystemCertificateStore ciphers_RC4ciphers_AES_CBCpreferredCiphersNetwork.SocketHostName ServiceNameSockAddrNetwork.Simple.InternalHostAnyHostIPv4HostIPv6HostHostPreference