Safe Haskell | None |
---|---|
Language | Haskell2010 |
This module provides convenience functions for interfacing HsOpenSSL
.
ssl/SSL
here stand for HsOpenSSL
library, not the deprecated SSL 2.0/3.0 protocol.
This module is intended to be imported qualified
, e.g.:
import Data.Connection import qualified System.IO.Streams.OpenSSL as SSL
- type TLSConnection = Connection (SSL, SockAddr)
- connect :: SSLContext -> Maybe String -> HostName -> PortNumber -> IO TLSConnection
- connectWithVerifier :: SSLContext -> (Bool -> Maybe String -> Bool) -> HostName -> PortNumber -> IO TLSConnection
- sslToConnection :: (SSL, SockAddr) -> IO TLSConnection
- accept :: SSLContext -> Socket -> IO TLSConnection
- module Data.OpenSSLSetting
Documentation
type TLSConnection = Connection (SSL, SockAddr) Source #
Type alias for tls connection.
Normally you shouldn't use SSL
in connExtraInfo
directly.
client
:: SSLContext | SSL context, see the |
-> Maybe String | Optional certificate subject name, if set to |
-> HostName | hostname to connect to |
-> PortNumber | port number to connect to |
-> IO TLSConnection |
Convenience function for initiating an SSL connection to the given
(
combination.HostName
, PortNumber
)
This function will try to verify server's identity using a very simple algorithm, which may not suit your need:
matchDomain :: String -> String -> Bool matchDomain n1 n2 = let n1' = reverse (splitDot n1) n2' = reverse (splitDot n2) cmp src target = src == "*" || target == "*" || src == target in and (zipWith cmp n1' n2')
If the certificate or hostname is not verified, a ProtocolError
will be thrown.
:: SSLContext | SSL context. See the |
-> (Bool -> Maybe String -> Bool) | A verify callback, the first param is the result of certificate verification, the second param is the certificate's subject name |
-> HostName | hostname to connect to |
-> PortNumber | port number to connect to |
-> IO TLSConnection |
Connecting with a custom verification callback.
since 0.6.0.0
:: (SSL, SockAddr) | SSL connection object |
-> IO TLSConnection |
Given an existing HsOpenSSL SSL
connection, produces an InputStream
/
OutputStream
pair.
server
:: SSLContext | check Data.OpenSSLSetting |
-> Socket | the listening |
-> IO TLSConnection |
Accept a new connection from remote client, return a InputStream
/ OutputStream
pair and remote SockAddr
, you should call bindAndListen
first.
this operation will throw SomeSSLException
on failure.
re-export
module Data.OpenSSLSetting