update tls extra to the new tls.
parent
4e5ff7f53d
commit
8985ae49cd
3 changed files with 1 additions and 48 deletions
|
@ -9,8 +9,6 @@ module Network.TLS.Extra
|
|||
(
|
||||
-- * Cipher related definition
|
||||
module Network.TLS.Extra.Cipher
|
||||
-- * Certificate helpers
|
||||
, module Network.TLS.Extra.Certificate
|
||||
-- * Connection helpers
|
||||
, module Network.TLS.Extra.Connection
|
||||
-- * File helpers
|
||||
|
@ -18,6 +16,5 @@ module Network.TLS.Extra
|
|||
) where
|
||||
|
||||
import Network.TLS.Extra.Cipher
|
||||
import Network.TLS.Extra.Certificate
|
||||
import Network.TLS.Extra.Connection
|
||||
import Network.TLS.Extra.File
|
||||
|
|
|
@ -1,40 +0,0 @@
|
|||
-- |
|
||||
-- Module : Network.TLS.Extra.Certificate
|
||||
-- License : BSD-style
|
||||
-- Maintainer : Vincent Hanquez <vincent@snarc.org>
|
||||
-- Stability : experimental
|
||||
-- Portability : unknown
|
||||
--
|
||||
module Network.TLS.Extra.Certificate
|
||||
( certificateChecks
|
||||
, certificateNoChecks
|
||||
, defaultChecks
|
||||
, Checks(..)
|
||||
) where
|
||||
|
||||
import Data.X509
|
||||
import Data.X509.Validation
|
||||
import Data.X509.CertificateStore
|
||||
import Network.TLS (CertificateUsage(..), CertificateRejectReason(..))
|
||||
|
||||
-- | Returns 'CertificateUsageAccept' if all the checks pass, or the first
|
||||
-- failure.
|
||||
certificateChecks :: Checks -> CertificateStore -> CertificateChain -> IO CertificateUsage
|
||||
certificateChecks checks store cc = do
|
||||
reasons <- validate checks store cc
|
||||
return $ case reasons of
|
||||
[] -> CertificateUsageAccept
|
||||
x:_ -> CertificateUsageReject (toRejectReason x)
|
||||
where toRejectReason Expired = CertificateRejectExpired
|
||||
toRejectReason InFuture = CertificateRejectExpired
|
||||
toRejectReason UnknownCA = CertificateRejectUnknownCA
|
||||
toRejectReason x = CertificateRejectOther (show x)
|
||||
|
||||
-- | Accept every certificate chain.
|
||||
--
|
||||
-- This function is for debug purpose. TLS is completely unsafe
|
||||
-- if the certificate have not been checked.
|
||||
--
|
||||
-- DO NOT USE in production code.
|
||||
certificateNoChecks :: CertificateChain -> IO CertificateUsage
|
||||
certificateNoChecks = return . const CertificateUsageAccept
|
|
@ -28,16 +28,12 @@ Library
|
|||
, vector
|
||||
, cipher-rc4
|
||||
, cipher-aes >= 0.2 && < 0.3
|
||||
, x509 >= 1.4.3 && < 1.5.0
|
||||
, x509-store >= 1.4.0 && < 1.5.0
|
||||
, x509-validation >= 1.4.2 && < 1.5.0
|
||||
, crypto-pubkey >= 0.2.0
|
||||
, crypto-random
|
||||
, pem >= 0.1.0 && < 0.3.0
|
||||
, time
|
||||
Exposed-modules: Network.TLS.Extra
|
||||
other-modules: Network.TLS.Extra.Certificate
|
||||
Network.TLS.Extra.Cipher
|
||||
other-modules: Network.TLS.Extra.Cipher
|
||||
Network.TLS.Extra.Compression
|
||||
Network.TLS.Extra.Connection
|
||||
Network.TLS.Extra.File
|
||||
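Review bot: The build-depends lines in this hunk drop `x509`, `x509-store` and `x509-validation` together with `Network.TLS.Extra.Certificate`, but no bound on `tls` is visible here, and the removal is only safe against a tls release that supplies certificate chain validation itself (presumably what "the new tls" in the commit title refers to). The Library stanza begins above the hunk, so the bound may already exist; if it does not, the `tls` entry should carry a lower bound on the first release with that validation API, for example `, tls >= <first-tls-version-with-validation>` with the real version filled in. Without it the solver can still pair this package with an older tls, and callers that passed `certificateChecks` as their validation callback are left with no checked replacement. Dropping the names re-exported from `Network.TLS.Extra` is also a breaking API change, so the package version should get a major bump under the PVP.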
|
|