Vincent Hanquez
c1a20efe74
move sendData to core
2011-03-01 20:01:40 +00:00
Vincent Hanquez
43a2ae9dae
remove language extensions not needed anymore
2011-03-01 20:01:40 +00:00
Vincent Hanquez
353783abdf
put server/client in core
2011-03-01 20:01:40 +00:00
Vincent Hanquez
f4cc8999db
move 'close' api to core and rename to 'bye' to avoid a meaning conflict with unix close.
2011-03-01 20:01:40 +00:00
Vincent Hanquez
f260c5b9cf
modify client API to be like the server API.
2011-03-01 20:01:40 +00:00
Vincent Hanquez
5481816e0e
remove old import
2011-03-01 20:01:40 +00:00
Vincent Hanquez
5e8d2fa776
move server to the new split API and have the server function in a monadIO monad.
...
the state mvar is for now mostly useless, although completly harmeless; it will
be useful to be able to use the ctx in a threaded context.
2011-03-01 20:01:40 +00:00
Vincent Hanquez
c997045372
remove old code
2011-03-01 20:01:40 +00:00
Vincent Hanquez
6a0578ad0c
simplify state manipulation
...
separate the pure state manipulation from the monad doing the IO.
add some duplicate helpers to use the new monad.
2011-03-01 20:01:40 +00:00
Vincent Hanquez
9586b05395
unify clientparams and serverparams
2011-03-01 20:01:40 +00:00
Vincent Hanquez
fc420e13f8
add nullCompression and an instance of show for compression data.
2011-03-01 20:01:40 +00:00
Vincent Hanquez
bafea87656
bump tls version to 0.3.3
2011-02-20 17:43:10 +00:00
Vincent Hanquez
ccfc30c2df
bump certificate version to 0.7 minimum
2011-02-20 17:43:10 +00:00
Vincent Hanquez
d592c7aad7
update for latest certificate 0.7
2011-02-20 17:43:10 +00:00
Vincent Hanquez
deb8082647
misc change to arbitrary stuff
2011-02-20 17:43:09 +00:00
Vincent Hanquez
cffafdb421
stylistic change in cabal file.
2011-02-20 17:35:09 +00:00
Vincent Hanquez
c6154ae126
fix a bug with SSL3 during the creation of crypt state.
...
The test for partition was too strict, and the SSL3 generator
is quite likely to generate more data whereas the TLS generator
generate the correct amount every time.
now bigger bytestring than necessary are now valid as well.
2011-02-20 08:49:23 +00:00
Vincent Hanquez
90b7a0fd9b
remove the need for CPP using stdArgs instead of Args
2011-02-20 08:49:08 +00:00
Vincent Hanquez
0132190eb9
bump crypto-api to >= 0.5
2011-02-20 08:37:31 +00:00
Vincent Hanquez
693891ad0c
add a dedicated fromJust
...
compared to the normal fromJust, it take an extra string to report
what kind of fromJust we were doing. it's quite valuable when
shuffling code and assertion break.
at some point, it need to be removed completely in favor of better types
that better reflect the actual state on the connection.
2011-02-20 08:37:19 +00:00
Vincent Hanquez
22ea02ffe4
move to certificate >= 0.6
2011-02-20 08:35:14 +00:00
Vincent Hanquez
4458931597
prepend which side (client/server) had an exception
2011-02-20 08:21:02 +00:00
Vincent Hanquez
a3ea15886f
use AES in cryptocipher 0.2.5
2011-02-20 08:13:53 +00:00
Vincent Hanquez
af02dd0839
add stricter partition(3|6) utils that doesn't use wire (and thus no binary)
2011-01-05 09:24:58 +00:00
Vincent Hanquez
857a4a06b8
add some assertion checking
2011-01-05 09:24:58 +00:00
Vincent Hanquez
a78162e298
add support for ciphers without encryption.
2011-01-05 09:24:58 +00:00
Vincent Hanquez
54640db618
add cipher 0x1 and 0x2 (no encryption with RSA)
2011-01-05 09:24:46 +00:00
Vincent Hanquez
e5e331fdf1
move to certificate 0.5
2011-01-02 09:49:21 +00:00
Vincent Hanquez
4cd29853a6
bump version to 0.3.2
2010-12-15 11:55:40 +00:00
Vincent Hanquez
8aa4fdc3ea
certificate upgrade to 0.4 and fixup tests
2010-12-14 23:27:02 +00:00
Vincent Hanquez
3020ba5c28
allow SSL3 in stunnel
2010-12-14 23:26:51 +00:00
Vincent Hanquez
18cf6a5392
test ciphers in a basic fashion for now.
2010-12-07 09:15:34 +00:00
Vincent Hanquez
4b3cd2c2f7
export key/iv
2010-12-07 09:15:22 +00:00
Vincent Hanquez
4b00c76e19
move supportedVersions and supportedCiphers in common
2010-12-07 09:02:38 +00:00
Vincent Hanquez
701643a863
remove old comment
2010-12-06 22:54:56 +00:00
Vincent Hanquez
4c3fe2fa64
actualize TODO
2010-12-06 22:54:18 +00:00
Vincent Hanquez
bec3255ff3
add a (non-valid) signature, otherwise test fail.
2010-12-06 08:18:16 +00:00
Vincent Hanquez
ebd5ad9937
add testing of certificates into the marshaller
2010-12-06 08:12:34 +00:00
Vincent Hanquez
06fddf5065
add a module to generate certificates
2010-12-06 08:07:05 +00:00
Vincent Hanquez
baa2baecfc
Test arbitrary clientstate and serverstate for protocol initiate
...
this gives a useful test coverage of possibles connections parameters
regarding versions, ciphers, etc that the user can choose, and check
that it all lead to a TLS connected state.
2010-12-04 13:10:49 +00:00
Vincent Hanquez
ccbd2f4ca4
move liftM6 into common
2010-12-04 13:09:42 +00:00
Vincent Hanquez
9796739ce0
add some instances of show for serverparams.
2010-12-04 13:09:02 +00:00
Vincent Hanquez
b3a8c1e1d6
add an instance of Eq for Ciphers. if two cipherID are eq then it's eq.
2010-12-04 13:08:38 +00:00
Vincent Hanquez
32913e0f0f
start factoring out helpers so that we can make more connection tests
2010-12-04 12:09:38 +00:00
Vincent Hanquez
a59a0d840c
minor quickcheck changes
2010-12-03 07:22:48 +00:00
Vincent Hanquez
07da6e5b06
Add monadic IO test that establish connection from a client and server.
...
The test establish a TLS connection on a socketpair, and then
check that by injecting arbitrary data in the client we receive
the exact same thing on the server side.
The test need more sophistication in general, as to arbitrarily test
TLS versions, different ciphers & key exchange, certificates, etc.
2010-11-30 08:31:09 +00:00
Vincent Hanquez
bc638906f2
move the marshal test into a specific file.
2010-11-30 08:26:22 +00:00
Vincent Hanquez
c9f4cbbd70
create a common test file
2010-11-30 08:21:10 +00:00
Vincent Hanquez
2f9563b2cd
increase warning levels for stunnel
2010-11-30 08:19:38 +00:00
Vincent Hanquez
c09f90316f
Improve stunnel example to behave more like a stunnel program.
...
The client side is behaving like a real stunnel now, waiting local connection
and relaying it through the TLS connection and back to the local connection.
The server side is improved, however it doesn't properly relay it to the local
port on the server. For now it prints the message to stdout and reply a constant
to a client. it waits for EOF from the client before finishing.
2010-11-30 08:12:49 +00:00