tls-extra 0.1.3 → 0.1.4
raw patch · 2 files changed
+20/−2 lines, 2 files
Files
- Network/TLS/Extra/Certificate.hs +17/−1
- tls-extra.cabal +3/−1
Network/TLS/Extra/Certificate.hs view
@@ -1,4 +1,4 @@-{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE OverloadedStrings, CPP #-} -- | -- Module : Network.TLS.Extra.Certificate -- License : BSD-style@@ -23,6 +23,21 @@ import qualified Crypto.Cipher.RSA as RSA import qualified Crypto.Cipher.DSA as DSA +#if defined(NOCERTVERIFY)++# warning "********certificate verify chain doesn't yet work on your platform *************"+# warning "********please consider contributing to the certificate to fix this issue *************"+# warning "********getting trusted system certificate is platform dependant *************"++{- on windows and OSX, the trusted certificates are not yet accessible,+ - for now, print a big fat warning (better than nothing) and returns true -}+certificateVerifyChain :: [X509] -> IO Bool+certificateVerifyChain _ = do+ putStrLn "****************** certificate verify chain doesn't yet work on your platform **********************"+ putStrLn "please consider contributing to the certificate package to fix this issue"+ return True++#else -- | verify a certificates chain using the system certificates available. -- -- each certificate of the list is verified against the next certificate, until@@ -45,6 +60,7 @@ let x = certSubjectDN syscert let y = certIssuerDN cert x == y+#endif -- | verify a certificate against another one. -- the first certificate need to be signed by the second one for this function to succeed.
tls-extra.cabal view
@@ -1,5 +1,5 @@ Name: tls-extra-Version: 0.1.3+Version: 0.1.4 Description: a set of extra definitions, default values and helpers for tls. License: BSD3@@ -42,6 +42,8 @@ Network.TLS.Extra.Compression Network.TLS.Extra.Thread ghc-options: -Wall -fno-warn-missing-signatures+ if os(windows) || os(osx)+ cpp-options: -DNOCERTVERIFY Executable stunnel Main-is: Examples/Stunnel.hs