packages feed

HsOpenSSL 0.11.7.6 → 0.11.7.7

raw patch · 7 files changed

+59/−13 lines, 7 filesdep ~networkdep ~time

Dependency ranges changed: network, time

Files

ChangeLog view
@@ -1,3 +1,16 @@+2024-06-11  Vladimir Shabanov  <dev@vshabanov.com>++	* HsOpenSSL.cabal (Version): Bump version to 0.11.7.7++	* Added generic functionality for adding extensions to X509 (#87)+	by Ishan Sharma @ishan-rep++	* Clear error stack after x509_verify validation failure (#91)+	by Paolo Capriotti @pcapriotti++	* Add withContextSetKeylogCallback: Allow any type inside action (#85)+	by Akshay Mankar @akshaymankar+ 2022-06-19  Vladimir Shabanov  <dev@vshabanov.com>  	* HsOpenSSL.cabal (Version): Bump version to 0.11.7.6
HsOpenSSL.cabal view
@@ -10,7 +10,7 @@     systems and stable. You may also be interested in the @tls@ package,     <http://hackage.haskell.org/package/tls>, which is a pure Haskell     implementation of SSL.-Version:       0.11.7.6+Version:       0.11.7.7 License:       PublicDomain License-File:  COPYING Author:        Adam Langley, Mikhail Vorozhtsov, PHO, Taru Karttunen@@ -74,9 +74,9 @@ Library     Build-Depends:         base       >= 4.8 && < 5,-        bytestring >= 0.9 && < 0.12,-        network    >= 2.1 && < 3.2,-        time       >= 1.5 && < 1.13+        bytestring >= 0.9 && < 0.13,+        network    >= 2.1 && < 3.3,+        time       >= 1.5 && < 1.15      Build-Tools: hsc2hs >= 0.67 @@ -163,7 +163,7 @@     Build-Depends:         HsOpenSSL,         base                 >= 4.8 && < 5,-        bytestring           >= 0.9 && < 0.12+        bytestring           >= 0.9 && < 0.13     Default-Language:         Haskell2010     GHC-Options:@@ -190,7 +190,7 @@     Build-Depends:         HsOpenSSL,         base                 >= 4.8 && < 5,-        bytestring           >= 0.9 && < 0.12+        bytestring           >= 0.9 && < 0.13     Default-Language:         Haskell2010     GHC-Options:@@ -204,7 +204,7 @@     Build-Depends:         HsOpenSSL,         base                 >= 4.8 && < 5,-        bytestring           >= 0.9 && < 0.12+        bytestring           >= 0.9 && < 0.13     Default-Language:         Haskell2010     GHC-Options:
OpenSSL/Session.hsc view
@@ -406,7 +406,7 @@ -- -- FIXME: Not re-entrant (ignores previous callback and resets it to -- nullFunPtr on exit)-withContextSetKeylogCallback :: SSLContext -> (String -> IO ()) -> IO () -> IO ()+withContextSetKeylogCallback :: SSLContext -> (String -> IO ()) -> IO a -> IO a withContextSetKeylogCallback context cb action = do   -- There doesn't seem to be a way to go from 'Ptr SSL_' to 'SSL', so let's   -- just ignore it in the haskell callback.
OpenSSL/Utils.hs view
@@ -4,11 +4,13 @@     , failIf     , failIf_     , raiseOpenSSLError+    , clearErrorStack     , toHex     , fromHex     , peekCStringCLen     )     where+import Control.Monad import Foreign.C.String import Foreign.C.Types import Foreign.Ptr@@ -40,6 +42,12 @@  raiseOpenSSLError :: IO a raiseOpenSSLError = getError >>= errorString >>= fail+++clearErrorStack :: IO ()+clearErrorStack = do+  e <- getError+  when (e /= 0) clearErrorStack  -- | Convert an integer to a hex string toHex :: (Num i, Bits i) => i -> String
OpenSSL/X509.hsc view
@@ -5,7 +5,7 @@ -- |An interface to X.509 certificate. module OpenSSL.X509     ( -- * Type-      X509+      X509(..)     , X509_        -- * Functions to manipulate certificate@@ -274,7 +274,9 @@     where       interpret :: CInt -> IO VerifyStatus       interpret 1 = return VerifySuccess-      interpret 0 = return VerifyFailure+      interpret 0 = do+        clearErrorStack+        return VerifyFailure       interpret _ = raiseOpenSSLError  -- |@'printX509' cert@ translates a certificate into human-readable
OpenSSL/X509/Request.hs view
@@ -32,6 +32,7 @@     , setPublicKey      , addExtensions+    , addExtensionToX509     )     where @@ -100,6 +101,8 @@ foreign import capi unsafe "openssl/x509.h X509_REQ_add_extensions"         _req_add_extensions :: Ptr X509_REQ -> Ptr STACK -> IO CInt +foreign import capi unsafe "openssl/x509.h X509_add_ext"+    _X509_add_ext :: Ptr Cert.X509_ -> Ptr X509_EXT -> CInt -> IO CInt  -- |@'newX509Req'@ creates an empty certificate request. You must set -- the following properties to and sign it (see 'signX509Req') to@@ -296,3 +299,23 @@          Cert.setPublicKey   cert =<< getPublicKey req           return cert++-- | Add Extensions to a certificate (when the Server accepting certs requires it)+-- E.g.:+--+-- > addExtensionToX509 cert1 87 "CA:FALSE"+-- > addExtensionToX509 cert1 85 "critical,serverAuth, clientAuth" -- when this extension field is critical+--+addExtensionToX509 :: X509 -> Int -> String -> IO Bool+addExtensionToX509 (Cert.X509 certFPtr) nid value = do+    -- Context and config pointers are set to nullPtr for simplicity.+    -- Depending on your use case, you might need to provide actual values.+    result <- withForeignPtr certFPtr $ \certPtr ->+              withCString value $ \cValue -> do+                  extPtr <- _ext_create nullPtr nullPtr (fromIntegral nid) cValue+                  if extPtr /= nullPtr+                      then do+                          res <- _X509_add_ext certPtr extPtr (-1)  -- Add to the end+                          return (res == 0)+                      else return False+    return result
examples/HelloWorld.hs view
@@ -15,9 +15,9 @@   main = withOpenSSL $-       do putStrLn "cipher: DES-CBC"-          des <- liftM fromJust $ getCipherByName "DES-CBC"-+       do putStrLn "cipher: DES3"+          des <- liftM fromJust $ getCipherByName "DES3"+                      putStrLn "generating RSA keypair..."           rsa <- generateRSAKey 512 65537 Nothing