pontarius-xmpp/Source/Network/XMPP/TLS.hs

-- Copyright © 2010-2011 Jon Kristensen. See the LICENSE file in the Pontarius
-- XMPP distribution for more details.

-- TODO: TLS12 when supported in tls; TODO: TLS11 results in a read error - bug?
-- TODO: cipher_AES128_SHA1 = TLS_RSA_WITH_AES_128_CBC_SHA?
-- TODO: Compression?
-- TODO: Validate certificate

{-# OPTIONS_HADDOCK hide #-}

module Network.XMPP.TLS (tlsParams) where

import Network.TLS (TLSCertificateUsage (CertificateUsageAccept),
                    TLSParams (..), Version (SSL3, TLS10, TLS11),
                    defaultLogging, nullCompression)
import Network.TLS.Extra (cipher_AES128_SHA1)


tlsParams :: TLSParams

tlsParams = TLSParams { pConnectVersion    = TLS10
                      , pAllowedVersions   = [SSL3, TLS10,TLS11]
                      , pCiphers           = [cipher_AES128_SHA1]
                      , pCompressions      = [nullCompression]
                      , pWantClientCert    = False -- Used for servers
                      , pUseSecureRenegotiation = False -- No renegotiation
                      , pCertificates      = [] -- TODO
                      , pLogging           = defaultLogging -- TODO
                      , onCertificatesRecv = \ certificate ->
                                             return CertificateUsageAccept }
modified the headers to reflect the new license 15 years ago			`-- Copyright © 2010-2011 Jon Kristensen. See the LICENSE file in the Pontarius`
			`-- XMPP distribution for more details.`
inserted Haddock comments to hide the non-Network.XMPP modules, fixed some Haddock problems 15 years ago
cleaned up the TLS and Stream modules 15 years ago			`-- TODO: TLS12 when supported in tls; TODO: TLS11 results in a read error - bug?`
			`-- TODO: cipher_AES128_SHA1 = TLS_RSA_WITH_AES_128_CBC_SHA?`
			`-- TODO: Compression?`
			`-- TODO: Validate certificate`

inserted Haddock comments to hide the non-Network.XMPP modules, fixed some Haddock problems 15 years ago			`{-# OPTIONS_HADDOCK hide #-}`
initial import, copy of darcs repository 15 years ago
reduced the TLS module to just the TLSParams and improved the TLS handshake code 15 years ago			`module Network.XMPP.TLS (tlsParams) where`
initial import, copy of darcs repository 15 years ago
cleaned up the TLS and Stream modules 15 years ago			`import Network.TLS (TLSCertificateUsage (CertificateUsageAccept),`
			`TLSParams (..), Version (SSL3, TLS10, TLS11),`
			`defaultLogging, nullCompression)`
			`import Network.TLS.Extra (cipher_AES128_SHA1)`

initial import, copy of darcs repository 15 years ago
reduced the TLS module to just the TLSParams and improved the TLS handshake code 15 years ago			`tlsParams :: TLSParams`
updated TLS API, debug information on received certificates, added dependencies 15 years ago
cleaned up the TLS and Stream modules 15 years ago			`tlsParams = TLSParams { pConnectVersion = TLS10`
			`, pAllowedVersions = [SSL3, TLS10,TLS11]`
			`, pCiphers = [cipher_AES128_SHA1]`
			`, pCompressions = [nullCompression]`
reduced the TLS module to just the TLSParams and improved the TLS handshake code 15 years ago			`, pWantClientCert = False -- Used for servers`
cleaned up the TLS and Stream modules 15 years ago			`, pUseSecureRenegotiation = False -- No renegotiation`
reduced the TLS module to just the TLSParams and improved the TLS handshake code 15 years ago			`, pCertificates = [] -- TODO`
			`, pLogging = defaultLogging -- TODO`
cleaned up the TLS and Stream modules 15 years ago			`, onCertificatesRecv = \ certificate ->`
			`return CertificateUsageAccept }`