Safe Haskell	None
Language	Haskell2010

System.IO.Streams.OpenSSL

Contents

client
server
helpers

Description

This module provides convenience functions for interfacing io-streams with HsOpenSSL. ssl/SSL here stand for HsOpenSSL library, not the deprecated SSL 2.0/3.0 protocol. the receive buffer size is 32752. sending is unbuffered, anything write into OutputStream will be immediately send to underlying socket.

You should handle IOError when you read/write these streams for safety.

Be sure to use withOpenSSL wrap your operation before using any functions here. otherwise a segmentation fault will happen.

Synopsis

client

connect Source #

Arguments

:: SSLContext	SSL context. See the `HsOpenSSL` documentation for information on creating this.
-> Maybe String	Optional certificate subject name, if set to `Nothing` then we will try to verify `HostName` as subject name.
-> HostName	hostname to connect to
-> PortNumber	port number to connect to
-> IO (InputStream ByteString, OutputStream ByteString, SSL)

Convenience function for initiating an SSL connection to the given (HostName, PortNumber) combination.

this function will try to verify server's identity, a CertificateVerifyFail will be thrown if fail. it may throw SomeSSLException too.

withConnection Source #

Arguments

:: SSLContext
-> Maybe String
-> HostName
-> PortNumber
-> (InputStream ByteString -> OutputStream ByteString -> SSL -> IO a)	Action to run with the new connection
-> IO a

Convenience function for initiating an SSL connection to the given (HostName, PortNumber) combination. The socket and SSL connection are closed and deleted after the user handler runs.

server

accept Source #

Arguments

:: SSLContext	check Data.OpenSSLSetting.
-> Socket	the listening `Socket`.
-> IO (InputStream ByteString, OutputStream ByteString, SSL, SockAddr)

accept a new connection from remote client, return a InputStream / OutputStream pair and remote SockAddr, you should call bindAndListen first.

this operation will throw SomeSSLException on failure.

helpers

withOpenSSL :: IO a -> IO a #

Computation of withOpenSSL action initializes the OpenSSL library as necessary, and computes action. Every application that uses HsOpenSSL must wrap any operations involving OpenSSL with withOpenSSL, or they might crash:

module Main where
import OpenSSL

main :: IO ()
main = withOpenSSL $
       do ...

Since 0.10.3.5, withOpenSSL is safe to be applied redundantly. Library authors may wish to wrap their functions not to force their users to think about initialization:

get :: URI -> IO Response
get uri = withOpenSSL $ internalImplementationOfGet uri

sslToStreams Source #

Arguments

:: SSL	SSL connection object
-> IO (InputStream ByteString, OutputStream ByteString)

Given an existing HsOpenSSL SSL connection, produces an InputStream / OutputStream pair.

closeSSL :: SSL -> IO () Source #

data CertificateVerifyFail Source #

Constructors

CertificateVerifyFail

Instances

Eq CertificateVerifyFail Source #
Methods (==) :: CertificateVerifyFail -> CertificateVerifyFail -> Bool # (/=) :: CertificateVerifyFail -> CertificateVerifyFail -> Bool #
Show CertificateVerifyFail Source #
Methods showsPrec :: Int -> CertificateVerifyFail -> ShowS # show :: CertificateVerifyFail -> String # showList :: [CertificateVerifyFail] -> ShowS #
Exception CertificateVerifyFail Source #
Methods toException :: CertificateVerifyFail -> SomeException # fromException :: SomeException -> Maybe CertificateVerifyFail # displayException :: CertificateVerifyFail -> String #