packages feed

secure-sockets 1.2.1 → 1.2.3

raw patch · 3 files changed

+32/−18 lines, 3 filesdep +processdep −HSHdep ~directory

Dependencies added: process

Dependencies removed: HSH

Dependency ranges changed: directory

Files

Network/Secure/Connection.hs view
@@ -67,12 +67,11 @@ -- 'PeerIdentity'. connect :: LocalIdentity -> [PeerIdentity] -> (HostName, ServiceName)         -> IO Connection-connect myId peerIds (host, port) = bracketOnError newSock sClose tryConnect-  where-    tryConnect sock = do+connect myId peerIds (host, port) =+  do info <- getSockAddr (Just host) port+     bracketOnError (newSock info) sClose $ \sock -> do         setSocketOption sock ReuseAddr 1-        addr <- getSockAddr (Just host) port-        Network.Socket.connect sock addr+        Network.Socket.connect sock (addrAddress info)         connectSSL myId peerIds False sock  -- |Read at most 'n' bytes from the given connection.@@ -94,10 +93,10 @@ newServer :: (Maybe HostName, ServiceName)           -> IO Network.Secure.Connection.Socket newServer (host, port) = do-    addr <- getSockAddr host port-    sock <- newSock+    info <- getSockAddr host port+    sock <- newSock info     setSocketOption sock ReuseAddr 1-    bindSocket sock addr+    bindSocket sock (addrAddress info)     listen sock 10     return $ S sock @@ -116,11 +115,13 @@         sock <- fst <$> Network.Socket.accept (unSocket listenSock)         connectSSL myId peerIds True sock -getSockAddr :: Maybe HostName -> ServiceName -> IO SockAddr+getSockAddr :: Maybe HostName -> ServiceName -> IO Network.Socket.AddrInfo getSockAddr hn sn = do-    let hints = defaultHints { addrFlags = [AI_PASSIVE, AI_ADDRCONFIG] }+    let hints = defaultHints { addrFlags = [AI_PASSIVE, AI_ADDRCONFIG]+                             , addrSocketType = Stream+                             }     info <- getAddrInfo (Just hints) hn (Just sn)-    return . addrAddress . head $ info+    return (head info)  connectSSL :: LocalIdentity -> [PeerIdentity] -> Bool -> Network.Socket.Socket            -> IO Connection@@ -145,8 +146,8 @@                then OpenSSL.Session.accept                else OpenSSL.Session.connect -newSock :: IO Network.Socket.Socket-newSock = socket AF_INET Stream defaultProtocol+newSock :: Network.Socket.AddrInfo -> IO Network.Socket.Socket+newSock i = socket (addrFamily i) (addrSocketType i) (addrProtocol i)  newSSLContext :: LocalIdentity -> [PeerIdentity] -> IO SSLContext newSSLContext localId validCerts = do
Network/Secure/Identity.hs view
@@ -18,9 +18,9 @@ import Control.Monad (when) import Control.Monad.IO.Class (MonadIO, liftIO) import Data.ByteString (ByteString, append, hPut)+import qualified Data.ByteString as BS import Data.ByteString.Char8 (pack, unpack) import Data.Maybe (fromJust, isNothing)-import HSH import OpenSSL.EVP.PKey (toKeyPair) import OpenSSL.PEM (PemPasswordSupply(PwNone), readPrivateKey,                     writePKCS8PrivateKey, readX509, writeX509)@@ -31,6 +31,8 @@ import System.Directory (getTemporaryDirectory, removeFile) import System.IO (openBinaryTempFile, hFlush) import System.IO.Unsafe (unsafePerformIO)+import System.Process(runInteractiveProcess,waitForProcess)+import System.Exit(ExitCode(..))  -- |An identity, public or private. class Identity a where@@ -130,11 +132,22 @@   where     mkKeyFile = getTemporaryDirectory >>= flip openBinaryTempFile "key.pem"     rmKeyFile = removeFile . fst-    genKey = "openssl genrsa 4096 2>/dev/null"+    genKey    = ("openssl", ["genrsa", "4096"])     genCert p = ("openssl", ["req", "-batch", "-new", "-x509",                              "-key", p, "-nodes",                              "-subj", "/CN=" ++ commonName,                              "-days", show days])++run :: (String,[String]) -> IO ByteString+run (x,xs) =+  do (_,o,_,h) <- runInteractiveProcess x xs Nothing Nothing+     s   <- BS.hGetContents o+     res <- waitForProcess h+     case res of+       ExitSuccess   -> return s+       ExitFailure n -> fail ("External program failed with " ++ show n)++  certMatchesKey :: X509 -> RSAKeyPair -> IO Bool certMatchesKey cert key = do
secure-sockets.cabal view
@@ -1,5 +1,5 @@ Name:                secure-sockets-Version:             1.2.1+Version:             1.2.3 Synopsis:            Secure point-to-point connectivity library Description:     This library simplifies the task of securely connecting two@@ -22,8 +22,8 @@                        Network.Secure.Connection   Build-depends:       base ==4.*,                        bytestring ==0.9.*,-                       directory ==1.0.*,-                       HSH ==2.0.*,+                       directory >= 1,+                       process >= 1 && < 2,                        HsOpenSSL >0.8 && <0.10,                        network ==2.*,                        transformers ==0.2.*