pontarius-xmpp/source/Network/Xmpp/Tls.hs

{-# OPTIONS_HADDOCK hide #-}
{-# LANGUAGE DeriveDataTypeable #-}
{-# LANGUAGE OverloadedStrings #-}

module Network.Xmpp.Tls where

import qualified Control.Exception.Lifted as Ex
import           Control.Monad
import           Control.Monad.Error
import           Control.Monad.State.Strict

import qualified Data.ByteString as BS
import qualified Data.ByteString.Lazy as BL
import           Data.Conduit
import qualified Data.Conduit.Binary as CB
import           Data.Conduit.Tls as TLS
import           Data.Typeable
import           Data.XML.Types

import           Network.Xmpp.Connection
import           Network.Xmpp.Pickle(ppElement)
import           Network.Xmpp.Stream
import           Network.Xmpp.Types

mkBackend con = Backend { backendSend = \bs -> void (cSend con bs)
                        , backendRecv = cRecv con
                        , backendFlush = cFlush con
                        , backendClose = cClose con
                        }
  where
    cutBytes n = do
        liftIO $ putStrLn "awaiting"
        mbs <- await
        liftIO $ putStrLn "done awaiting"
        case mbs of
            Nothing -> return BS.empty
            Just bs -> do
                let (a, b) = BS.splitAt n bs
                liftIO . putStrLn $
                    "remaining" ++ (show $ BS.length b) ++ " of " ++ (show n)

                unless (BS.null b) $ leftover b
                return a


cutBytes n = do
    liftIO $ putStrLn "awaiting"
    mbs <- await
    liftIO $ putStrLn "done awaiting"
    case mbs of
        Nothing -> return False
        Just bs -> do
            let (a, b) = BS.splitAt n bs
            liftIO . putStrLn $
                "remaining" ++ (show $ BS.length b) ++ " of " ++ (show n)

            unless (BS.null b) $ leftover b
            return True


starttlsE :: Element
starttlsE = Element "{urn:ietf:params:xml:ns:xmpp-tls}starttls" [] []

exampleParams :: TLS.TLSParams
exampleParams = TLS.defaultParamsClient
    { pConnectVersion    = TLS.TLS10
    , pAllowedVersions   = [TLS.SSL3, TLS.TLS10, TLS.TLS11]
    , pCiphers           = [TLS.cipher_AES128_SHA1]
    , pCompressions      = [TLS.nullCompression]
    , pUseSecureRenegotiation = False -- No renegotiation
    , onCertificatesRecv = \_certificate ->
          return TLS.CertificateUsageAccept
    }

-- Pushes "<starttls/>, waits for "<proceed/>", performs the TLS handshake, and
-- restarts the stream.
startTls :: TLS.TLSParams -> Connection -> IO (Either TlsFailure ())
startTls params con = Ex.handle (return . Left . TlsError)
                      . flip withConnection con
                      . runErrorT $ do
    features <- lift $ gets sFeatures
    state <- gets sConnectionState
    case state of
        ConnectionPlain -> return ()
        ConnectionClosed -> throwError TlsNoConnection
        ConnectionSecured -> throwError TlsConnectionSecured
    con <- lift $ gets cHand
    when (stls features == Nothing) $ throwError TlsNoServerSupport
    lift $ pushElement starttlsE
    answer <- lift $ pullElement
    case answer of
        Element "{urn:ietf:params:xml:ns:xmpp-tls}proceed" [] [] -> return ()
        Element "{urn:ietf:params:xml:ns:xmpp-tls}failure" _ _ ->
            lift $ Ex.throwIO StreamOtherFailure
            -- TODO: find something more suitable
        e -> lift $ Ex.throwIO StreamOtherFailure
            -- TODO: Log: "Unexpected element: " ++ ppElement e
    (raw, _snk, psh, read, ctx) <- lift $ TLS.tlsinit debug params (mkBackend con)
    let newHand = Hand { cSend = catchPush . psh
                       , cRecv = read
                       , cFlush = contextFlush ctx
                       , cClose = bye ctx >> cClose con
                       }
    lift $ modify ( \x -> x {cHand = newHand})
    either (lift . Ex.throwIO) return =<< lift restartStream
    modify (\s -> s{sConnectionState = ConnectionSecured})
    return ()
shape documentation 13 years ago			`{-# OPTIONS_HADDOCK hide #-}`
added error handling to Stream, TLS switched to Strict State switched to mtl improved build script 14 years ago			`{-# LANGUAGE DeriveDataTypeable #-}`
minor formatting and documentation additions 14 years ago			`{-# LANGUAGE OverloadedStrings #-}`
inserted Haddock comments to hide the non-Network.XMPP modules, fixed some Haddock problems 15 years ago
Projects/Pontarius/Apply various minor fixes Started using double quotes instead of single quotes on XMLDecl, to conform to the quotations of the other XML. To conform with the Haskell style guidelines, `TLS' is now spelled `Tls', and `XML' is now spelled `Xml'. Updated library name in README file. 13 years ago			`module Network.Xmpp.Tls where`
cleaned up the TLS and Stream modules 15 years ago
added error handling to Stream, TLS switched to Strict State switched to mtl improved build script 14 years ago			`import qualified Control.Exception.Lifted as Ex`
warning clean 14 years ago			`import Control.Monad`
added error handling to Stream, TLS switched to Strict State switched to mtl improved build script 14 years ago			`import Control.Monad.Error`
			`import Control.Monad.State.Strict`
initial import, copy of darcs repository 15 years ago
Fix BufferedSource (couldn't handle leftovers and was therefore useless) Factor out connection from Session Abstract over connection type (remove mention of Handle) 13 years ago			`import qualified Data.ByteString as BS`
			`import qualified Data.ByteString.Lazy as BL`
			`import Data.Conduit`
			`import qualified Data.Conduit.Binary as CB`
Projects/Pontarius/Apply various minor fixes Started using double quotes instead of single quotes on XMLDecl, to conform to the quotations of the other XML. To conform with the Haskell style guidelines, `TLS' is now spelled `Tls', and `XML' is now spelled `Xml'. Updated library name in README file. 13 years ago			`import Data.Conduit.Tls as TLS`
added error handling to Stream, TLS switched to Strict State switched to mtl improved build script 14 years ago			`import Data.Typeable`
warning clean 14 years ago			`import Data.XML.Types`
initial import, copy of darcs repository 15 years ago
rename Network.Xmpp.Monad to Network.Xmpp.Connection 13 years ago			`import Network.Xmpp.Connection`
replace XMPP with Xmpp everywhere to unify style replace SASL with Sasl replace DIGEST_MD5 with DigestMD5 replace PLAIN with Plain 14 years ago			`import Network.Xmpp.Pickle(ppElement)`
			`import Network.Xmpp.Stream`
			`import Network.Xmpp.Types`
cleaned up the TLS and Stream modules 15 years ago
Fix BufferedSource (couldn't handle leftovers and was therefore useless) Factor out connection from Session Abstract over connection type (remove mention of Handle) 13 years ago			`mkBackend con = Backend { backendSend = \bs -> void (cSend con bs)`
			`, backendRecv = cRecv con`
			`, backendFlush = cFlush con`
			`, backendClose = cClose con`
			`}`
			`where`
			`cutBytes n = do`
			`liftIO $ putStrLn "awaiting"`
			`mbs <- await`
			`liftIO $ putStrLn "done awaiting"`
			`case mbs of`
			`Nothing -> return BS.empty`
			`Just bs -> do`
			`let (a, b) = BS.splitAt n bs`
			`liftIO . putStrLn $`
			`"remaining" ++ (show $ BS.length b) ++ " of " ++ (show n)`

			`unless (BS.null b) $ leftover b`
			`return a`


			`cutBytes n = do`
			`liftIO $ putStrLn "awaiting"`
			`mbs <- await`
			`liftIO $ putStrLn "done awaiting"`
			`case mbs of`
			`Nothing -> return False`
			`Just bs -> do`
			`let (a, b) = BS.splitAt n bs`
			`liftIO . putStrLn $`
			`"remaining" ++ (show $ BS.length b) ++ " of " ++ (show n)`

			`unless (BS.null b) $ leftover b`
			`return True`


compiles... again 14 years ago			`starttlsE :: Element`
minor formatting and documentation additions 14 years ago			`starttlsE = Element "{urn:ietf:params:xml:ns:xmpp-tls}starttls" [] []`
initial 14 years ago
Merge branch 'xmpp-lib' Conflicts: LICENSE src/Network/XMPP.hs src/Network/XMPP/SASL.hs src/Network/XMPP/Session.hs src/Network/XMPP/Stream.hs src/Network/XMPP/TLS.hs src/Network/XMPP/Types.hs 14 years ago			`exampleParams :: TLS.TLSParams`
fix TLS code for hs-tls 1.0 13 years ago			`exampleParams = TLS.defaultParamsClient`
minor formatting and documentation additions 14 years ago			`{ pConnectVersion = TLS.TLS10`
			`, pAllowedVersions = [TLS.SSL3, TLS.TLS10, TLS.TLS11]`
			`, pCiphers = [TLS.cipher_AES128_SHA1]`
			`, pCompressions = [TLS.nullCompression]`
			`, pUseSecureRenegotiation = False -- No renegotiation`
			`, onCertificatesRecv = \_certificate ->`
			`return TLS.CertificateUsageAccept`
			`}`
Merge branch 'xmpp-lib' Conflicts: LICENSE src/Network/XMPP.hs src/Network/XMPP/SASL.hs src/Network/XMPP/Session.hs src/Network/XMPP/Stream.hs src/Network/XMPP/TLS.hs src/Network/XMPP/Types.hs 14 years ago
minor formatting and documentation additions 14 years ago			`-- Pushes "<starttls/>, waits for "<proceed/>", performs the TLS handshake, and`
Make the stream failure types more intuitive and clear StreamError has been renamed to StreamFailure, as it's neither an error or an exception, and since the term "stream error" is ambigous (it can also refer to the stream error element on the XMPP stream). Furthermore, XmppTLSError has been renamed to TLSFailure. The data types related to the above mentioned failures are now exported. We do no longer clutter the API with detailed error conditions such as StreamNotStreamElement. These kinds of conditions are such rare occurances, and details about them are better suited in the logging system (to be implemented soon). Stream failures can occur either when a `stream:error' first-level XML element is encountered, or if something unexpected happens in the stream. Currently, `StreamErrorFailure', `StreamEndFailure', and `StreamOtherFailure' are defined for these purposes, but additional exceptions can be added if that would be helpful for the developers. TLSFailure is moved to Types.hs and is now exported. Also temporarily removed findStreamErrors. 13 years ago			`-- restarts the stream.`
Projects/Pontarius/Apply various minor fixes Started using double quotes instead of single quotes on XMLDecl, to conform to the quotations of the other XML. To conform with the Haskell style guidelines, `TLS' is now spelled `Tls', and `XML' is now spelled `Xml'. Updated library name in README file. 13 years ago			`startTls :: TLS.TLSParams -> Connection -> IO (Either TlsFailure ())`
			`startTls params con = Ex.handle (return . Left . TlsError)`
refactor xmppConMonad 13 years ago			`. flip withConnection con`
			`. runErrorT $ do`
minor formatting and documentation additions 14 years ago			`features <- lift $ gets sFeatures`
Fix BufferedSource (couldn't handle leftovers and was therefore useless) Factor out connection from Session Abstract over connection type (remove mention of Handle) 13 years ago			`state <- gets sConnectionState`
			`case state of`
rename XmppConnectionState to ConnectionState 13 years ago			`ConnectionPlain -> return ()`
Projects/Pontarius/Apply various minor fixes Started using double quotes instead of single quotes on XMLDecl, to conform to the quotations of the other XML. To conform with the Haskell style guidelines, `TLS' is now spelled `Tls', and `XML' is now spelled `Xml'. Updated library name in README file. 13 years ago			`ConnectionClosed -> throwError TlsNoConnection`
			`ConnectionSecured -> throwError TlsConnectionSecured`
refactor xmppConMonad 13 years ago			`con <- lift $ gets cHand`
Projects/Pontarius/Apply various minor fixes Started using double quotes instead of single quotes on XMLDecl, to conform to the quotations of the other XML. To conform with the Haskell style guidelines, `TLS' is now spelled `Tls', and `XML' is now spelled `Xml'. Updated library name in README file. 13 years ago			`when (stls features == Nothing) $ throwError TlsNoServerSupport`
renames (pushN -> pushElement, push -> pushStanza, pushOpen -> pushOpenElement, pullSink -> pullToSink, xpStreamEntity -> xpStreamStanza); minor formatting and documentation additions in Monad 14 years ago			`lift $ pushElement starttlsE`
minor formatting and documentation additions 14 years ago			`answer <- lift $ pullElement`
			`case answer of`
added error handling to Stream, TLS switched to Strict State switched to mtl improved build script 14 years ago			`Element "{urn:ietf:params:xml:ns:xmpp-tls}proceed" [] [] -> return ()`
minor formatting and documentation additions 14 years ago			`Element "{urn:ietf:params:xml:ns:xmpp-tls}failure" _ _ ->`
Make the stream failure types more intuitive and clear StreamError has been renamed to StreamFailure, as it's neither an error or an exception, and since the term "stream error" is ambigous (it can also refer to the stream error element on the XMPP stream). Furthermore, XmppTLSError has been renamed to TLSFailure. The data types related to the above mentioned failures are now exported. We do no longer clutter the API with detailed error conditions such as StreamNotStreamElement. These kinds of conditions are such rare occurances, and details about them are better suited in the logging system (to be implemented soon). Stream failures can occur either when a `stream:error' first-level XML element is encountered, or if something unexpected happens in the stream. Currently, `StreamErrorFailure', `StreamEndFailure', and `StreamOtherFailure' are defined for these purposes, but additional exceptions can be added if that would be helpful for the developers. TLSFailure is moved to Types.hs and is now exported. Also temporarily removed findStreamErrors. 13 years ago			`lift $ Ex.throwIO StreamOtherFailure`
minor formatting and documentation additions 14 years ago			`-- TODO: find something more suitable`
Make the stream failure types more intuitive and clear StreamError has been renamed to StreamFailure, as it's neither an error or an exception, and since the term "stream error" is ambigous (it can also refer to the stream error element on the XMPP stream). Furthermore, XmppTLSError has been renamed to TLSFailure. The data types related to the above mentioned failures are now exported. We do no longer clutter the API with detailed error conditions such as StreamNotStreamElement. These kinds of conditions are such rare occurances, and details about them are better suited in the logging system (to be implemented soon). Stream failures can occur either when a `stream:error' first-level XML element is encountered, or if something unexpected happens in the stream. Currently, `StreamErrorFailure', `StreamEndFailure', and `StreamOtherFailure' are defined for these purposes, but additional exceptions can be added if that would be helpful for the developers. TLSFailure is moved to Types.hs and is now exported. Also temporarily removed findStreamErrors. 13 years ago			`e -> lift $ Ex.throwIO StreamOtherFailure`
			`-- TODO: Log: "Unexpected element: " ++ ppElement e`
Fix BufferedSource (couldn't handle leftovers and was therefore useless) Factor out connection from Session Abstract over connection type (remove mention of Handle) 13 years ago			`(raw, _snk, psh, read, ctx) <- lift $ TLS.tlsinit debug params (mkBackend con)`
refactor xmppConMonad 13 years ago			`let newHand = Hand { cSend = catchPush . psh`
			`, cRecv = read`
			`, cFlush = contextFlush ctx`
			`, cClose = bye ctx >> cClose con`
			`}`
			`lift $ modify ( \x -> x {cHand = newHand})`
			`either (lift . Ex.throwIO) return =<< lift restartStream`
rename XmppConnectionState to ConnectionState 13 years ago			`modify (\s -> s{sConnectionState = ConnectionSecured})`
Add debug support (controlled by debug constant in Network.Xmpp.Monad) 14 years ago			`return ()`