crypton-connection 0.3.2 → 0.4.6
raw patch · 6 files changed
Files
- CHANGELOG.md +33/−1
- Network/Connection.hs +3/−4
- Network/Connection/Internal.hs +6/−0
- Network/Connection/Types.hs +46/−26
- Setup.hs +1/−0
- crypton-connection.cabal +9/−11
CHANGELOG.md view
@@ -1,3 +1,36 @@+# CHANGELOG++## Version 0.4.6++* Using tls v2.3 and crypton-x509* v1.9.++## Version 0.4.5++* Swap `crypton-socks` for unmaintained `socks` dependency.++## Version 0.4.4++* Remove unused packages.+ [#8](https://github.com/kazu-yamamoto/crypton-connection/pull/8)++## Version 0.4.3++* Creating the `Internal` module and export the `ConnectionContext` constructor.+ [#7](https://github.com/kazu-yamamoto/crypton-connection/pull/7)++## Version 0.4.2++* Using data-default.++## Version 0.4.1++* Preparing for tls v2.1++## Version 0.4.0++* Add support for overriding the TLS clientSupported member in TLSSettingsSimple+ [#3](https://github.com/kazu-yamamoto/crypton-connection/pull/3)+ ## Version 0.3.2 * Supporting tls v2.0.0.@@ -5,4 +38,3 @@ ## Version 0.3.1 * The first release to support crypton.-
Network/Connection.hs view
@@ -57,7 +57,6 @@ import qualified System.IO.Error as E (mkIOError, eofErrorType) import qualified Network.TLS as TLS-import qualified Network.TLS.Extra as TLS import System.X509 (getSystemCertificateStore) @@ -66,7 +65,7 @@ import qualified Network.Socket.ByteString as N import Data.Tuple (swap)-import Data.Default.Class+import Data.Default import Data.Data import Data.ByteString (ByteString) import qualified Data.ByteString as B@@ -97,7 +96,7 @@ instance E.Exception HostCannotConnect connectionSessionManager :: Manager -> TLS.SessionManager-connectionSessionManager mvar = TLS.SessionManager+connectionSessionManager mvar = TLS.noSessionManager { TLS.sessionResume = \sessionID -> withMVar mvar (return . M.lookup sessionID) , TLS.sessionEstablish = \sessionID sessionData -> modifyMVar_ mvar (return . M.insert sessionID sessionData)@@ -123,7 +122,7 @@ makeTLSParams :: ConnectionContext -> ConnectionID -> TLSSettings -> TLS.ClientParams makeTLSParams cg cid ts@(TLSSettingsSimple {}) = (TLS.defaultParamsClient (fst cid) portString)- { TLS.clientSupported = def { TLS.supportedCiphers = TLS.ciphersuite_default }+ { TLS.clientSupported = settingClientSupported ts , TLS.clientShared = def { TLS.sharedCAStore = globalCertificateStore cg , TLS.sharedValidationCache = validationCache
+ Network/Connection/Internal.hs view
@@ -0,0 +1,6 @@+module Network.Connection.Internal+ ( ConnectionContext (..)+ )+where++import Network.Connection.Types (ConnectionContext (..))
Network/Connection/Types.hs view
@@ -6,26 +6,26 @@ -- Portability : portable -- -- connection types--- module Network.Connection.Types- where+where import Control.Concurrent.MVar (MVar) -import Data.Default.Class-import Data.X509.CertificateStore import Data.ByteString (ByteString)+import Data.Default+import Data.X509.CertificateStore import Network.Socket (PortNumber, Socket) import qualified Network.TLS as TLS+import qualified Network.TLS.Extra as TLS import System.IO (Handle) -- | Simple backend enumeration, either using a raw connection or a tls connection.-data ConnectionBackend = ConnectionStream Handle- | ConnectionSocket Socket- | ConnectionTLS TLS.Context-+data ConnectionBackend+ = ConnectionStream Handle+ | ConnectionSocket Socket+ | ConnectionTLS TLS.Context -- | Hostname This could either be a name string (punycode encoded) or an ipv4/ipv6 type HostName = String@@ -40,10 +40,14 @@ -- If you need to connect through a SOCKS, you should make sure -- connectionUseSocks is correctly set. data ConnectionParams = ConnectionParams- { connectionHostname :: HostName -- ^ host name to connect to.- , connectionPort :: PortNumber -- ^ port number to connect to.- , connectionUseSecure :: Maybe TLSSettings -- ^ optional TLS parameters.- , connectionUseSocks :: Maybe ProxySettings -- ^ optional Proxy/Socks configuration.+ { connectionHostname :: HostName+ -- ^ host name to connect to.+ , connectionPort :: PortNumber+ -- ^ port number to connect to.+ , connectionUseSecure :: Maybe TLSSettings+ -- ^ optional TLS parameters.+ , connectionUseSocks :: Maybe ProxySettings+ -- ^ optional Proxy/Socks configuration. } -- | Proxy settings for the connection.@@ -54,8 +58,8 @@ -- -- That's for now the only settings in the SOCKS package, -- socks password, or any sort of other authentications is not yet implemented.-data ProxySettings =- SockSettingsSimple HostName PortNumber+data ProxySettings+ = SockSettingsSimple HostName PortNumber | SockSettingsEnvironment (Maybe String) | OtherProxy HostName PortNumber @@ -68,27 +72,43 @@ -- simple settings, you should use TLSSettingsSimple. data TLSSettings = TLSSettingsSimple- { settingDisableCertificateValidation :: Bool -- ^ Disable certificate verification completely,- -- this make TLS/SSL vulnerable to a MITM attack.- -- not recommended to use, but for testing.- , settingDisableSession :: Bool -- ^ Disable session management. TLS/SSL connections- -- will always re-established their context.- -- Not Implemented Yet.- , settingUseServerName :: Bool -- ^ Use server name extension. Not Implemented Yet.- } -- ^ Simple TLS settings. recommended to use.- | TLSSettings TLS.ClientParams -- ^ full blown TLS Settings directly using TLS.Params. for power users.+ { settingDisableCertificateValidation :: Bool+ -- ^ Disable certificate verification completely,+ -- this make TLS/SSL vulnerable to a MITM attack.+ -- not recommended to use, but for testing.+ , settingDisableSession :: Bool+ -- ^ Disable session management. TLS/SSL connections+ -- will always re-established their context.+ -- Not Implemented Yet.+ , settingUseServerName :: Bool+ -- ^ Use server name extension. Not Implemented Yet.+ , settingClientSupported :: TLS.Supported+ -- ^ Used for the 'TLS.clientSupported'+ -- member of 'TLS.ClientParams'.+ }+ | -- \^ Simple TLS settings. recommended to use.++ -- | full blown TLS Settings directly using TLS.Params. for power users.+ TLSSettings TLS.ClientParams deriving (Show) instance Default TLSSettings where- def = TLSSettingsSimple False False False+ def =+ TLSSettingsSimple+ False+ False+ False+ def{TLS.supportedCiphers = TLS.ciphersuite_default} type ConnectionID = (HostName, PortNumber) -- | This opaque type represent a connection to a destination. data Connection = Connection { connectionBackend :: MVar ConnectionBackend- , connectionBuffer :: MVar (Maybe ByteString) -- ^ this is set to 'Nothing' on EOF- , connectionID :: ConnectionID -- ^ return a simple tuple of the port and hostname that we're connected to.+ , connectionBuffer :: MVar (Maybe ByteString)+ -- ^ this is set to 'Nothing' on EOF+ , connectionID :: ConnectionID+ -- ^ return a simple tuple of the port and hostname that we're connected to. } -- | Shared values (certificate store, sessions, ..) between connections
Setup.hs view
@@ -1,2 +1,3 @@ import Distribution.Simple+ main = defaultMain
crypton-connection.cabal view
@@ -1,7 +1,7 @@ Name: crypton-connection-Version: 0.3.2+Version: 0.4.6 Description:- Simple network library for all your connection need.+ Simple network library for all your connection needs. . Features: Really simple to use, SSL/TLS, SOCKS. .@@ -12,7 +12,7 @@ Copyright: Vincent Hanquez <vincent@snarc.org> Author: Vincent Hanquez <vincent@snarc.org> Maintainer: Kazu Yamamoto <kazu@iij.ad.jp>-Synopsis: Simple and easy network connections API+Synopsis: Simple and easy network connection API Build-Type: Simple Category: Network stability: experimental@@ -24,18 +24,16 @@ Library Default-Language: Haskell2010 Build-Depends: base >= 3 && < 5- , basement , bytestring , containers- , data-default-class+ , data-default , network >= 2.6.3- , tls >= 1.7- , socks >= 0.6- , crypton-x509 >= 1.5- , crypton-x509-store >= 1.5- , crypton-x509-system >= 1.5- , crypton-x509-validation >= 1.5+ , tls >= 2.3.0 && < 2.4+ , crypton-socks >= 0.6+ , crypton-x509-store >= 1.9.0 && <1.10+ , crypton-x509-system >= 1.9.0 && <1.10 Exposed-modules: Network.Connection+ Network.Connection.Internal Other-modules: Network.Connection.Types ghc-options: -Wall