Commit graph

89 commits

Author SHA1 Message Date
Vincent Hanquez
da3a3e7e4b Remove TLS prefix in a few types.
Add compatibility types aliases definitions to the new names.
2012-03-14 08:56:28 +00:00
Vincent Hanquez
4b28c5735f Create a backend abstraction that facilitates moving arguments around. 2012-03-12 08:48:03 +00:00
Vincent Hanquez
7e8f0d0cf9 use record pattern match syntax. 2012-03-12 07:11:21 +00:00
Joey Adams
3d0071d952 Fix spelling of negotiate/negotiation in documentation 2012-03-10 16:04:44 -05:00
Joey Adams
cbfe10e9f6 Add links to the 'BufferMode' type in 'client' and 'server' 2012-03-10 15:51:46 -05:00
Vincent Hanquez
5c4a0d345b rename more Bytes to B.ByteString. 2012-02-11 10:50:41 +00:00
Vincent Hanquez
e0610c7f66 use ByteString instead of Bytes which is not exported. 2012-02-11 08:49:49 +00:00
Vincent Hanquez
08ddc1523c make recvData use strict bytestring as this is more natural to the tls code.
also add a recvData' to get the same behavior as before.
2012-02-07 20:45:22 +00:00
Vincent Hanquez
db362230ec more documentation 2012-02-07 06:26:26 +00:00
Vincent Hanquez
4f450935f5 reorganize sendData slightly 2012-01-25 16:03:31 +00:00
Vincent Hanquez
80998d0bb5 track in the context if the tls pipe is established or not.
raise exception ConnectionNotEstablished in sendData and recvData if
trying to use an invalid Context.
2012-01-25 16:01:55 +00:00
Vincent Hanquez
3e7a6c5c17 export the content of HandshakeFailed 2012-01-19 05:31:31 +00:00
Vincent Hanquez
c846d9a360 Switch handshake to exception instead of returning a bool.
Bool return value doesn't provide any information on why the handshake failed,
hence remove the Bool value, and return (), and in case of handshake failure,
raise a HandshakeFailed exception with the TLSError associated with it.
2012-01-18 06:29:29 +00:00
Vincent Hanquez
aad62f89a7 catch exception during certificate callback and return a certificate rejection on exception. 2012-01-16 12:36:45 +00:00
Vincent Hanquez
89ad99004b properly call/switch things in server when trying to resume session. 2011-12-20 07:51:12 +00:00
Vincent Hanquez
98427b4fae switch client to process Server hello explicitly.
also switch everything properly when receiving a server hello with session.
2011-12-20 07:51:07 +00:00
Vincent Hanquez
8ff0d85a0e send session if the user says so (through sessionResumeWith) in client.
and properly switch to session resuming packet flow if resuming.
2011-12-20 07:43:43 +00:00
Vincent Hanquez
13b3873b82 add a helper to create a new session. 2011-12-20 07:42:13 +00:00
Vincent Hanquez
be3ab515de rename processServerHello to onServerHello. 2011-12-20 07:41:53 +00:00
Vincent Hanquez
b3b7051129 callback to user when a session has been successfully established.
it's up to the user to store the session id + session data for later recovery.
2011-12-20 07:39:24 +00:00
Vincent Hanquez
34b186b852 differentiate set master secret from a premaster secret or an already existing master secret 2011-12-20 07:30:19 +00:00
Vincent Hanquez
5601170a1f clean up handshake states after handshake is done. 2011-12-12 08:43:52 +00:00
Vincent Hanquez
ccb94cea50 Merge branch 'master' into session 2011-12-06 00:23:18 +00:00
Vincent Hanquez
86335f18ce split context structure and accessor out of Core. 2011-12-06 00:15:00 +00:00
Vincent Hanquez
a269d84256 fix client side encoding of client key exchange on RSA. 2011-12-06 00:12:00 +00:00
Vincent Hanquez
4ef7b0098f Merge branch 'master' into session
Conflicts:
	Network/TLS/Core.hs
2011-12-01 22:33:53 +00:00
Vincent Hanquez
9ec505a59a Merge branch 'hsm'
Conflicts:
	Network/TLS/Core.hs
2011-12-01 08:55:44 +00:00
Vincent Hanquez
adf45a537d handle digest update after processing the packet 2011-12-01 08:42:43 +00:00
Vincent Hanquez
e1fea031af consider clientkeyxchg as an opaque structure in internal layers, and make/process the content in higher layer. 2011-12-01 08:41:01 +00:00
Vincent Hanquez
eba62f6f74 append actual raised exception in the error. 2011-12-01 08:36:56 +00:00
Vincent Hanquez
3bdad41e21 consume ServerKeyExchange if it shows up. 2011-12-01 08:34:41 +00:00
Vincent Hanquez
d6a198dad5 split recvRecord out of recvPacket. 2011-11-30 22:01:31 +00:00
Vincent Hanquez
2a685b2601 remove the state machine in favor of a straightforward pattern matching state machine.
simplify code massively and make it easy to support other packet flow later.
2011-11-29 08:59:41 +00:00
Vincent Hanquez
0f4c6a0c47 refactor to be able to modify state machine mechanism 2011-11-28 08:01:19 +00:00
Vincent Hanquez
23113e3d3b separate code path on client to be able to handle session resume 2011-11-13 11:12:26 +00:00
Vincent Hanquez
63110fb5ce add a wrapper to recvPacket to only receive handshake types. 2011-11-13 11:11:39 +00:00
Vincent Hanquez
0f4c448bf2 move comment where it should be. 2011-11-13 08:53:00 +00:00
Vincent Hanquez
ba4a2de730 separate code path on server when doing a session resume. 2011-11-12 16:15:05 +00:00
Vincent Hanquez
297f0d351b Check handshake policy on server during a new client handshake.
It allows server to detect clients that want to abuse single-handedly
the server resources by issuing handshakes.

The callback gets some measurements on the number of bytes received and sent
since last handshake and also the number of handshakes on this context.
2011-11-12 11:05:12 +00:00
Vincent Hanquez
63fabf9956 add some measurements of bytes received/sent and number of handshakes per context. 2011-11-11 19:05:17 +00:00
Vincent Hanquez
905aff7564 fix typo in error message 2011-10-08 09:41:09 +01:00
Vincent Hanquez
273d5285c2 allow definition of client and server with different connection/operations type 2011-09-29 09:22:27 +01:00
Vincent Hanquez
dff8e03476 curry the connection 2011-09-29 09:14:02 +01:00
Vincent Hanquez
9b099fd0ff vectorized the actual connection type, so one could use Socket or Fd as long as handles. 2011-09-29 08:29:28 +01:00
Vincent Hanquez
7d6116c20b put TLS12 in default allowed versions 2011-09-29 08:27:55 +01:00
Vincent Hanquez
b6a1b3ed14 misc cleanup 2011-08-13 07:56:17 +01:00
Vincent Hanquez
3c02e9acfc Create a record type to help type safety 2011-08-12 18:41:49 +01:00
Vincent Hanquez
abc571223a Change compression API to work properly.
- distinguish compression from decompression
- add a context
- move from a record structure to typeclass + wrapping data for hiding the existential quantification.
2011-08-12 18:31:58 +01:00
Vincent Hanquez
28e04f8849 Use the encode function to encode the secure renegotiation extension.
fix a bug on the client side when secure renegotiation is enabled on client and server.
2011-06-19 21:23:01 +01:00
Vincent Hanquez
c27fc6187d properly encode/decode secure renegotiation extension 2011-06-13 08:33:14 +01:00