warp-tls 1.2.0.1 → 1.2.0.2
raw patch · 2 files changed
+21/−19 lines, 2 filesdep +pemdep ~certificate
Dependencies added: pem
Dependency ranges changed: certificate
Files
- Network/Wai/Handler/WarpTLS.hs +18/−17
- warp-tls.cabal +3/−2
Network/Wai/Handler/WarpTLS.hs view
@@ -17,10 +17,12 @@ import Control.Exception (bracket, handle, SomeException) import qualified Network.TLS.Extra as TLSExtra import qualified Data.Certificate.X509 as X509-import qualified Data.Certificate.PEM as PEM import qualified Data.ByteString as B import qualified Data.Certificate.KeyRSA as KeyRSA import Data.Conduit.Network (bindPort)+import Data.Either (rights)+import Control.Applicative ((<$>))+import qualified Data.PEM as PEM data TLSSettings = TLSSettings { certFile :: FilePath@@ -75,22 +77,21 @@ readCertificate :: FilePath -> IO X509.X509 readCertificate filepath = do- content <- B.readFile filepath- certdata <-- case PEM.parsePEMCert content of- Nothing -> error "no valid certificate section"- Just x -> return x- case X509.decodeCertificate $ L.fromChunks [certdata] of- Left err -> error ("cannot decode certificate: " ++ err)- Right x -> return x+ certs <- rights . parseCerts . PEM.pemParseBS <$> B.readFile filepath+ case certs of+ [] -> error "no valid certificate found"+ (x:_) -> return x+ where parseCerts (Right pems) = map (X509.decodeCertificate . L.fromChunks . (:[]) . PEM.pemContent)+ $ filter (flip elem ["CERTIFICATE", "TRUSTED CERTIFICATE"] . PEM.pemName) pems+ parseCerts (Left err) = error $ "cannot parse PEM file: " ++ err readPrivateKey :: FilePath -> IO TLS.PrivateKey readPrivateKey filepath = do- content <- B.readFile filepath- pkdata <-- case PEM.parsePEMKeyRSA content of- Nothing -> error "no valid RSA key section"- Just x -> return (L.fromChunks [x])- case KeyRSA.decodePrivate pkdata of- Left err -> error ("cannot decode key: " ++ err)- Right (_pub, x) -> return $ TLS.PrivRSA x+ pk <- rights . parseKey . PEM.pemParseBS <$> B.readFile filepath+ case pk of+ [] -> error "no valid RSA key found"+ (x:_) -> return x++ where parseKey (Right pems) = map (fmap (TLS.PrivRSA . snd) . KeyRSA.decodePrivate . L.fromChunks . (:[]) . PEM.pemContent)+ $ filter ((== "RSA PRIVATE KEY") . PEM.pemName) pems+ parseKey (Left err) = error $ "Cannot parse PEM file: " ++ err
warp-tls.cabal view
@@ -1,5 +1,5 @@ Name: warp-tls-Version: 1.2.0.1+Version: 1.2.0.2 Synopsis: SSL support for Warp via the TLS package License: MIT License-file: LICENSE@@ -20,7 +20,8 @@ , transformers >= 0.2 && < 0.4 , conduit >= 0.4 && < 0.5 , network-conduit >= 0.4 && < 0.5- , certificate >= 1.1 && < 1.2+ , certificate >= 1.2 && < 1.3+ , pem >= 0.1 && < 0.2 , cryptocipher >= 0.3 && < 0.4 , tls-extra >= 0.4.3 && < 0.5 , tls >= 0.9 && < 0.10