| Safe Haskell | None |
|---|---|
| Language | Haskell2010 |
System.IO.Streams.OpenSSL
Description
This module provides convenience functions for interfacing HsOpenSSL.
ssl/SSL here stands for the HsOpenSSL library, not the deprecated SSL 2.0/3.0 protocols.
This module is intended to be imported qualified, e.g.:
    import Data.Connection
    import qualified System.IO.Streams.OpenSSL as SSL
- type TLSConnection = Connection (SSL, SockAddr)
- connect :: SSLContext -> Maybe String -> HostName -> PortNumber -> IO TLSConnection
- connectWithVerifier :: SSLContext -> (Bool -> Maybe String -> Bool) -> HostName -> PortNumber -> IO TLSConnection
- sslToConnection :: (SSL, SockAddr) -> IO TLSConnection
- accept :: SSLContext -> Socket -> IO TLSConnection
- module Data.OpenSSLSetting
Documentation
type TLSConnection = Connection (SSL, SockAddr)
Type alias for a TLS connection.
Normally you shouldn't use SSL in connExtraInfo directly.
client
connect
Arguments
| :: SSLContext | SSL context, see the |
| -> Maybe String | Optional certificate subject name, if set to |
| -> HostName | hostname to connect to |
| -> PortNumber | port number to connect to |
| -> IO TLSConnection |
Convenience function for initiating an SSL connection to the given
(HostName, PortNumber) combination.
This function tries to verify the server's identity using a very simple algorithm, which may not suit your needs:
    matchDomain :: String -> String -> Bool
    matchDomain n1 n2 =
        let n1' = reverse (splitDot n1)
            n2' = reverse (splitDot n2)
            cmp src target = src == "*" || target == "*" || src == target
        in and (zipWith cmp n1' n2')
If the certificate or hostname is not verified, a ProtocolError will be thrown.
connectWithVerifier
Arguments
| :: SSLContext | SSL context. See the |
| -> (Bool -> Maybe String -> Bool) | A verify callback: the first parameter is the result of certificate verification, the second is the certificate's subject name |
| -> HostName | hostname to connect to |
| -> PortNumber | port number to connect to |
| -> IO TLSConnection |
Connecting with a custom verification callback.
since 0.6.0.0
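The weaknesses of the documented matchDomain, next to a stricter check shaped for the connectWithVerifier callback, as an added example (not code from this package). splitDot is not shown on the page and is assumed to split on '.'; strictMatch and strictVerifier are hypothetical names, and the subject name handed to the callback is assumed to be a bare DNS name.

```haskell
import Data.Char (toLower)

-- Assumed helper: the page uses splitDot without showing it; here it splits on '.'.
splitDot :: String -> [String]
splitDot s = case break (== '.') s of
  (l, [])     -> [l]
  (l, _:rest) -> l : splitDot rest

-- matchDomain as documented above.
matchDomain :: String -> String -> Bool
matchDomain n1 n2 =
    let n1' = reverse (splitDot n1)
        n2' = reverse (splitDot n2)
        cmp src target = src == "*" || target == "*" || src == target
    in and (zipWith cmp n1' n2')

-- Stricter matcher (hypothetical name): same number of labels, case-insensitive,
-- wildcard only as the whole leftmost label of the certificate name, never in
-- the host name, and never directly under a single label ("*.com" is rejected).
strictMatch :: String -> String -> Bool
strictMatch certName host =
    case (labels certName, labels host) of
      (c:cs, h:hs) -> length cs == length hs
                   && all (not . null) (h:hs) && all (/= "*") (h:hs)
                   && cs == hs
                   && (c == h || (c == "*" && length cs >= 2))
      _            -> False
  where labels = splitDot . map toLower

-- Callback in the shape connectWithVerifier expects: the Bool is the certificate
-- verification result, the Maybe String the certificate's subject name.
strictVerifier :: String -> Bool -> Maybe String -> Bool
strictVerifier host certOk subject = certOk && maybe False (`strictMatch` host) subject

-- Constructed (certificate name, host name) pairs, compared under both matchers.
main :: IO ()
main = mapM_ report
    [ ("com", "example.com")            -- zipWith stops at the shorter name
    , ("*.com", "example.com")          -- wildcard accepted at any depth
    , ("www.example.com", "*")          -- wildcard accepted on either side
    , ("*.example.com", "www.example.com") ]
  where
    report (c, h) = putStrLn $ c ++ " vs " ++ h ++ ": matchDomain="
        ++ show (matchDomain c h) ++ " strictMatch=" ++ show (strictMatch c h)
```

matchDomain accepts all four constructed pairs, while strictMatch accepts only the last. With a context, host and port of your own, the call would be SSL.connectWithVerifier ctx (strictVerifier host) host port.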
sslToConnection
Arguments
| :: (SSL, SockAddr) | SSL connection object |
| -> IO TLSConnection |
Given an existing HsOpenSSL SSL connection, produces an InputStream /
OutputStream pair.
server
accept
Arguments
| :: SSLContext | check Data.OpenSSLSetting |
| -> Socket | the listening |
| -> IO TLSConnection |
Accept a new connection from a remote client and return an InputStream / OutputStream
pair and the remote SockAddr. You should call bindAndListen first.
This operation will throw SomeSSLException on failure.
re-export
module Data.OpenSSLSetting