| Safe Haskell | None |
|---|---|
| Language | Haskell2010 |
System.IO.Streams.OpenSSL
Description
This module provides convenience functions for interfacing io-streams
with HsOpenSSL. ssl/SSL here stand for HsOpenSSL library, not the
deprecated SSL 2.0/3.0 protocol. the receive buffer size is 32752.
sending is unbuffered, anything write into OutputStream will be immediately
send to underlying socket.
The same exceptions rule which applied to TCP apply here, with addtional
SomeSSLException to be watched out.
This module is intended to be imported qualified, e.g.:
import qualified System.IO.Streams.OpenSSL as SSL
- connect :: SSLContext -> Maybe String -> HostName -> PortNumber -> IO (InputStream ByteString, OutputStream ByteString, SSL)
- connectWithVerifier :: SSLContext -> (Bool -> Maybe String -> Bool) -> HostName -> PortNumber -> IO (InputStream ByteString, OutputStream ByteString, SSL)
- withConnection :: SSLContext -> Maybe String -> HostName -> PortNumber -> (InputStream ByteString -> OutputStream ByteString -> SSL -> IO a) -> IO a
- accept :: SSLContext -> Socket -> IO (InputStream ByteString, OutputStream ByteString, SSL, SockAddr)
- sslToStreams :: SSL -> IO (InputStream ByteString, OutputStream ByteString)
- close :: SSL -> IO ()
- module Data.OpenSSLSetting
client
Arguments
| :: SSLContext | SSL context. See the |
| -> Maybe String | Optional certificate subject name, if set to |
| -> HostName | hostname to connect to |
| -> PortNumber | port number to connect to |
| -> IO (InputStream ByteString, OutputStream ByteString, SSL) |
Convenience function for initiating an SSL connection to the given
( combination.HostName, PortNumber)
This function will try to verify server's identity using a very simple algorithm, which may not suit your need:
matchDomain :: String -> String -> Bool
matchDomain n1 n2 =
let n1' = reverse (splitDot n1)
n2' = reverse (splitDot n2)
cmp src target = src == "*" || target == "*" || src == target
in and (zipWith cmp n1' n2')
If the certificate or hostname is not verified, a ProtocolError will be thrown.
Arguments
| :: SSLContext | SSL context. See the |
| -> (Bool -> Maybe String -> Bool) | A verify callback, the first param is the result of certificate verification, the second param is the certificate's subject name. |
| -> HostName | hostname to connect to |
| -> PortNumber | port number to connect to |
| -> IO (InputStream ByteString, OutputStream ByteString, SSL) |
Connecting with a custom verification callback.
since 0.6.0.0
Arguments
| :: SSLContext | |
| -> Maybe String | |
| -> HostName | |
| -> PortNumber | |
| -> (InputStream ByteString -> OutputStream ByteString -> SSL -> IO a) | Action to run with the new connection |
| -> IO a |
Convenience function for initiating an SSL connection to the given
( combination. The socket and SSL connection are
closed and deleted after the user handler runs.HostName, PortNumber)
server
Arguments
| :: SSLContext | check Data.OpenSSLSetting. |
| -> Socket | the listening |
| -> IO (InputStream ByteString, OutputStream ByteString, SSL, SockAddr) |
Accept a new connection from remote client, return a InputStream / OutputStream
pair and remote SockAddr, you should call bindAndListen first.
this operation will throw SomeSSLException on failure.
helpers
Arguments
| :: SSL | SSL connection object |
| -> IO (InputStream ByteString, OutputStream ByteString) |
Given an existing HsOpenSSL SSL connection, produces an InputStream /
OutputStream pair.
re-export helpers
module Data.OpenSSLSetting