Vincent Hanquez
693891ad0c
add a dedicated fromJust
...
compared to the normal fromJust, it take an extra string to report
what kind of fromJust we were doing. it's quite valuable when
shuffling code and assertion break.
at some point, it need to be removed completely in favor of better types
that better reflect the actual state on the connection.
2011-02-20 08:37:19 +00:00
Vincent Hanquez
22ea02ffe4
move to certificate >= 0.6
2011-02-20 08:35:14 +00:00
Vincent Hanquez
4458931597
prepend which side (client/server) had an exception
2011-02-20 08:21:02 +00:00
Vincent Hanquez
a3ea15886f
use AES in cryptocipher 0.2.5
2011-02-20 08:13:53 +00:00
Vincent Hanquez
af02dd0839
add stricter partition(3|6) utils that doesn't use wire (and thus no binary)
2011-01-05 09:24:58 +00:00
Vincent Hanquez
857a4a06b8
add some assertion checking
2011-01-05 09:24:58 +00:00
Vincent Hanquez
a78162e298
add support for ciphers without encryption.
2011-01-05 09:24:58 +00:00
Vincent Hanquez
54640db618
add cipher 0x1 and 0x2 (no encryption with RSA)
2011-01-05 09:24:46 +00:00
Vincent Hanquez
e5e331fdf1
move to certificate 0.5
2011-01-02 09:49:21 +00:00
Vincent Hanquez
4cd29853a6
bump version to 0.3.2
2010-12-15 11:55:40 +00:00
Vincent Hanquez
8aa4fdc3ea
certificate upgrade to 0.4 and fixup tests
2010-12-14 23:27:02 +00:00
Vincent Hanquez
3020ba5c28
allow SSL3 in stunnel
2010-12-14 23:26:51 +00:00
Vincent Hanquez
18cf6a5392
test ciphers in a basic fashion for now.
2010-12-07 09:15:34 +00:00
Vincent Hanquez
4b3cd2c2f7
export key/iv
2010-12-07 09:15:22 +00:00
Vincent Hanquez
4b00c76e19
move supportedVersions and supportedCiphers in common
2010-12-07 09:02:38 +00:00
Vincent Hanquez
701643a863
remove old comment
2010-12-06 22:54:56 +00:00
Vincent Hanquez
4c3fe2fa64
actualize TODO
2010-12-06 22:54:18 +00:00
Vincent Hanquez
bec3255ff3
add a (non-valid) signature, otherwise test fail.
2010-12-06 08:18:16 +00:00
Vincent Hanquez
ebd5ad9937
add testing of certificates into the marshaller
2010-12-06 08:12:34 +00:00
Vincent Hanquez
06fddf5065
add a module to generate certificates
2010-12-06 08:07:05 +00:00
Vincent Hanquez
baa2baecfc
Test arbitrary clientstate and serverstate for protocol initiate
...
this gives a useful test coverage of possibles connections parameters
regarding versions, ciphers, etc that the user can choose, and check
that it all lead to a TLS connected state.
2010-12-04 13:10:49 +00:00
Vincent Hanquez
ccbd2f4ca4
move liftM6 into common
2010-12-04 13:09:42 +00:00
Vincent Hanquez
9796739ce0
add some instances of show for serverparams.
2010-12-04 13:09:02 +00:00
Vincent Hanquez
b3a8c1e1d6
add an instance of Eq for Ciphers. if two cipherID are eq then it's eq.
2010-12-04 13:08:38 +00:00
Vincent Hanquez
32913e0f0f
start factoring out helpers so that we can make more connection tests
2010-12-04 12:09:38 +00:00
Vincent Hanquez
a59a0d840c
minor quickcheck changes
2010-12-03 07:22:48 +00:00
Vincent Hanquez
07da6e5b06
Add monadic IO test that establish connection from a client and server.
...
The test establish a TLS connection on a socketpair, and then
check that by injecting arbitrary data in the client we receive
the exact same thing on the server side.
The test need more sophistication in general, as to arbitrarily test
TLS versions, different ciphers & key exchange, certificates, etc.
2010-11-30 08:31:09 +00:00
Vincent Hanquez
bc638906f2
move the marshal test into a specific file.
2010-11-30 08:26:22 +00:00
Vincent Hanquez
c9f4cbbd70
create a common test file
2010-11-30 08:21:10 +00:00
Vincent Hanquez
2f9563b2cd
increase warning levels for stunnel
2010-11-30 08:19:38 +00:00
Vincent Hanquez
c09f90316f
Improve stunnel example to behave more like a stunnel program.
...
The client side is behaving like a real stunnel now, waiting local connection
and relaying it through the TLS connection and back to the local connection.
The server side is improved, however it doesn't properly relay it to the local
port on the server. For now it prints the message to stdout and reply a constant
to a client. it waits for EOF from the client before finishing.
2010-11-30 08:12:49 +00:00
Vincent Hanquez
a2896bce31
add options to bind to unix socket or file descriptor
2010-11-28 11:50:55 +00:00
Vincent Hanquez
95c94749d2
use cmdargs in stunnel instead of GetArgs
...
prepare options for the implementation of an actual stunnel program,
where data are relayed from encrypted to normal connection and vice versa.
2010-11-28 11:37:36 +00:00
Vincent Hanquez
d787160713
rename connect in client module to initiate.
...
add a deprecated pragma for connect and keep it for compatibility
2010-11-28 10:30:05 +00:00
Vincent Hanquez
e48584cbbb
bump version to 0.3.1
2010-11-07 10:21:57 +00:00
Vincent Hanquez
03a5a8c3c9
certificate need at least 0.3.2 and cereal 0.3.
2010-11-07 10:21:32 +00:00
Vincent Hanquez
d061b37730
remove RandomGen generator and provide a reseed functions to regenerate the RNG.
2010-11-07 10:19:12 +00:00
Vincent Hanquez
c25f1ae72d
bump version to 0.3
2010-11-04 19:12:00 +00:00
Vincent Hanquez
a95dd8f45e
Generalize key exchange and use in-house RSA.
...
Remove need for spoon, since RSA will fails gracefully.
Add support for full private key format for fast decryption.
Generalization of key exchange to add future support for DH, etc.
2010-11-04 19:10:00 +00:00
Vincent Hanquez
65942b945f
massive change on the RNG and add support for CryptoRandomGen
...
use an inline AES counter system to generate random data.
2010-11-04 19:05:36 +00:00
Vincent Hanquez
c8d3931c83
add cereal and depends on crypto-api
2010-11-04 19:02:04 +00:00
Vincent Hanquez
e5aebd8ad5
move back to mtl
2010-11-04 19:01:38 +00:00
Vincent Hanquez
863c09e0d4
put the throwError inside the runGet instead of outside.
...
related to a monad either overlapping report.
2010-11-03 23:06:04 +00:00
Vincent Hanquez
f4841baa80
add support for quickcheck 2.3
2010-11-03 23:04:03 +00:00
Vincent Hanquez
721f07ec0a
align base between library and executable
2010-11-02 08:26:50 +00:00
Vincent Hanquez
6314709a84
put back the upper limit
2010-11-02 08:06:32 +00:00
Vincent Hanquez
0d342a68f7
use monads-fd instead of mtl
2010-10-24 12:02:45 +01:00
Vincent Hanquez
7a5139c5ce
depends on cryptohash 0.6 and adapt to the new modules location.
2010-10-24 12:02:41 +01:00
Vincent Hanquez
3210758258
update cabal file and bump version to 0.2
2010-10-06 09:21:20 +01:00
Vincent Hanquez
a1469322e4
don't check padding content in SSL3 mode
2010-10-06 09:15:36 +01:00