Fields

• clientUseMaxFragmentLength :: Maybe MaxFragmentEnum
   
• clientServerIdentification :: (HostName, ByteString)

  Define the name of the server, along with an extra service identification blob. this is important that the hostname part is properly filled for security reason, as it allow to properly associate the remote side with the given certificate during a handshake.

  The extra blob is useful to differentiate services running on the same host, but that might have different certificates given. It's only used as part of the X509 validation infrastructure.

• clientUseServerNameIndication :: Bool

  Allow the use of the Server Name Indication TLS extension during handshake, which allow the client to specify which host name, it's trying to access. This is useful to distinguish CNAME aliasing (e.g. web virtual host).

• clientWantSessionResume :: Maybe (SessionID, SessionData)

  try to establish a connection using this session.

• clientShared :: Shared
   
• clientHooks :: ClientHooks
   
• clientSupported :: Supported

  In this element, you'll need to override the default empty value of of supportedCiphers with a suitable cipherlist.

• clientDebug :: DebugParams
   

Fields

• serverWantClientCert :: Bool

  request a certificate from client.

• serverCACertificates :: [SignedCertificate]

  This is a list of certificates from which the disinguished names are sent in certificate request messages. For TLS1.0, it should not be empty.

• serverDHEParams :: Maybe DHParams

  Server Optional Diffie Hellman parameters. Setting parameters is necessary for FFDHE key exchange when clients are not compatible with RFC 7919.

  Value can be one of the standardized groups from module Network.TLS.Extra.FFDHE or custom parameters generated with generateParams.

• serverShared :: Shared
   
• serverHooks :: ServerHooks
   
• serverSupported :: Supported
   
• serverDebug :: DebugParams
   

Fields

• debugSeed :: Maybe Seed

  Disable the true randomness in favor of deterministic seed that will produce a deterministic random from. This is useful for tests and debugging purpose. Do not use in production

• debugPrintSeed :: Seed -> IO ()

  Add a way to print the seed that was randomly generated. re-using the same seed will reproduce the same randomness with debugSeed

Fields

• onCertificateRequest :: ([CertificateType], Maybe [HashAndSignatureAlgorithm], [DistinguishedName]) -> IO (Maybe (CertificateChain, PrivKey))

  This action is called when the server sends a certificate request. The parameter is the information from the request. The action should select a certificate chain of one of the given certificate types where the last certificate in the chain should be signed by one of the given distinguished names. Each certificate should be signed by the following one, except for the last. At least the first of the certificates in the chain must have a corresponding private key, because that is used for signing the certificate verify message.

  Note that is is the responsibility of this action to select a certificate matching one of the requested certificate types. Returning a non-matching one will lead to handshake failure later.

  Returning a certificate chain not matching the distinguished names may lead to problems or not, depending whether the server accepts it.

• onServerCertificate :: CertificateStore -> ValidationCache -> ServiceID -> CertificateChain -> IO [FailedReason]

  Used by the client to validate the server certificate. The default implementation calls validateDefault which validates according to the default hooks and checks provided by Data.X509.Validation. This can be replaced with a custom validation function using different settings.

• onSuggestALPN :: IO (Maybe [ByteString])

  This action is called when the client sends ClientHello to determine ALPN values such as '["h2", "http/1.1"]'.

• onCustomFFDHEGroup :: DHParams -> DHPublic -> IO GroupUsage

  This action is called to validate DHE parameters when the server selected a finite-field group not part of the "Supported Groups Registry". See RFC 7919 section 3.1 for recommandations.

Fields

• onClientCertificate :: CertificateChain -> IO CertificateUsage

  This action is called when a client certificate chain is received from the client. When it returns a CertificateUsageReject value, the handshake is aborted.

• onUnverifiedClientCert :: IO Bool

  This action is called when the client certificate cannot be verified. Return True to accept the certificate anyway, or False to fail verification.

• onCipherChoosing :: Version -> [Cipher] -> Cipher

  Allow the server to choose the cipher relative to the the client version and the client list of ciphers.

  This could be useful with old clients and as a workaround to the BEAST (where RC4 is sometimes prefered with TLS < 1.1)

  The client cipher list cannot be empty.

• onServerNameIndication :: Maybe HostName -> IO Credentials

  Allow the server to indicate additional credentials to be used depending on the host name indicated by the client.

  This is most useful for transparent proxies where credentials must be generated on the fly according to the host the client is trying to connect to.

  Returned credentials may be ignored if a client does not support the signature algorithms used in the certificate chain.

• onNewHandshake :: Measurement -> IO Bool

  at each new handshake, we call this hook to see if we allow handshake to happens.

• onALPNClientSuggest :: Maybe ([ByteString] -> IO ByteString)

  Allow the server to choose an application layer protocol suggested from the client through the ALPN (Application Layer Protocol Negotiation) extensions.

Fields

• supportedVersions :: [Version]

  Supported Versions by this context On the client side, the highest version will be used to establish the connection. On the server side, the highest version that is less or equal than the client version will be chosed.

• supportedCiphers :: [Cipher]

  Supported cipher methods. The default is empty, specify a suitable cipher list. ciphersuite_default is often a good choice.

• supportedCompressions :: [Compression]

  supported compressions methods

• supportedHashSignatures :: [HashAndSignatureAlgorithm]

  All supported hash/signature algorithms pair for client certificate verification and server signature in (EC)DHE, ordered by decreasing priority.

  This list is sent to the peer as part of the signature_algorithms extension. It is also used to restrict the choice of server credential, signature and hash algorithm, but only when the TLS version is 1.2 or above. In order to disable SHA-1 one must then also disable earlier protocol versions in supportedVersions.

• supportedSecureRenegotiation :: Bool

  Secure renegotiation defined in RFC5746. If True, clients send the renegotiation_info extension. If True, servers handle the extension or the renegotiation SCSV then send the renegotiation_info extension.

• supportedClientInitiatedRenegotiation :: Bool

  If True, renegotiation is allowed from the client side. This is vulnerable to DOS attacks. If False, renegotiation is allowed only from the server side via HelloRequest.

• supportedSession :: Bool

  Set if we support session.

• supportedFallbackScsv :: Bool

  Support for fallback SCSV defined in RFC7507. If True, servers reject handshakes which suggest a lower protocol than the highest protocol supported.

• supportedEmptyPacket :: Bool

  In ver <= TLS1.0, block ciphers using CBC are using CBC residue as IV, which can be guessed by an attacker. Hence, an empty packet is normally sent before a normal data packet, to prevent guessability. Some Microsoft TLS-based protocol implementations, however, consider these empty packets as a protocol violation and disconnect. If this parameter is False, empty packets will never be added, which is less secure, but might help in rare cases.

• supportedGroups :: [Group]

  A list of supported elliptic curves and finite-field groups in the preferred order. The default value is [X25519,P256,P384,P521]. X25519 and P256 provide 128-bit security which is strong enough until 2030. Both curves are fast because their backends are written in C.

Fields

• sharedCredentials :: Credentials
   
• sharedSessionManager :: SessionManager
   
• sharedCAStore :: CertificateStore
   
• sharedValidationCache :: ValidationCache
   

Fields

• hookRecvHandshake :: Handshake -> IO Handshake

  called at each handshake message received

• hookRecvCertificates :: CertificateChain -> IO ()

  called at each certificate chain message received

• hookLogging :: Logging

  hooks on IO and packets, receiving and sending.

Fields

• loggingPacketSent :: String -> IO ()
   
• loggingPacketRecv :: String -> IO ()
   
• loggingIOSent :: ByteString -> IO ()
   
• loggingIORecv :: Header -> ByteString -> IO ()
   

Fields

• nbHandshakes :: !Word32

  number of handshakes on this context

• bytesReceived :: !Word32

  bytes received since last handshake

• bytesSent :: !Word32

  bytes sent since last handshake

Fields

• sessionVersion :: Version
   
• sessionCipher :: CipherID
   
• sessionCompression :: CompressionID
   
• sessionClientSNI :: Maybe HostName
   
• sessionSecret :: ByteString
   

Fields

• sessionResume :: SessionID -> IO (Maybe SessionData)

  used on server side to decide whether to resume a client session.

• sessionEstablish :: SessionID -> SessionData -> IO ()

  used when a session is established.

• sessionInvalidate :: SessionID -> IO ()

  used when a session is invalidated.

Fields

• backendFlush :: IO ()

  Flush the connection sending buffer, if any.

• backendClose :: IO ()

  Close the connection.

• backendSend :: ByteString -> IO ()

  Send a bytestring through the connection.

• backendRecv :: Int -> IO ByteString

  Receive specified number of bytes from the connection.

Fields

• infoVersion :: Version
   
• infoCipher :: Cipher
   
• infoCompression :: Compression
   
• infoMasterSecret :: Maybe ByteString
   
• infoClientRandom :: Maybe ClientRandom
   
• infoServerRandom :: Maybe ServerRandom
   

Fields

• bulkName :: String
   
• bulkKeySize :: Int
   
• bulkIVSize :: Int
   
• bulkExplicitIV :: Int
   
• bulkAuthTagLen :: Int
   
• bulkBlockSize :: Int
   
• bulkF :: BulkFunctions
   

Fields

• cipherID :: CipherID
   
• cipherName :: String
   
• cipherHash :: Hash
   
• cipherBulk :: Bulk
   
• cipherKeyExchange :: CipherKeyExchangeType
   
• cipherMinVer :: Maybe Version
   
• cipherPRFHash :: Maybe Hash
   

Fields

• checkTimeValidity :: Bool

  check time validity of every certificate in the chain. the make sure that current time is between each validity bounds in the certificate

• checkAtTime :: Maybe DateTime

  The time when the validity check happens. When set to Nothing, the current time will be used

• checkStrictOrdering :: Bool

  Check that no certificate is included that shouldn't be included. unfortunately despite the specification violation, a lots of real world server serves useless and usually old certificates that are not relevant to the certificate sent, in their chain.

• checkCAConstraints :: Bool

  Check that signing certificate got the CA basic constraint. this is absolutely not recommended to turn it off.

• checkExhaustive :: Bool

  Check the whole certificate chain without stopping at the first failure. Allow gathering a exhaustive list of failure reasons. if this is turn off, it's absolutely not safe to ignore a failed reason even it doesn't look serious (e.g. Expired) as other more serious checks would not have been performed.

• checkLeafV3 :: Bool

  Check that the leaf certificate is version 3. If disable, version 2 certificate is authorized in leaf position and key usage cannot be checked.

• checkLeafKeyUsage :: [ExtKeyUsageFlag]

  Check that the leaf certificate is authorized to be used for certain usage. If set to empty list no check are performed, otherwise all the flags is the list need to exists in the key usage extension. If the extension is not present, the check will pass and behave as if the certificate key is not restricted to any specific usage.

• checkLeafKeyPurpose :: [ExtKeyUsagePurpose]

  Check that the leaf certificate is authorized to be used for certain purpose. If set to empty list no check are performed, otherwise all the flags is the list need to exists in the extended key usage extension if present. If the extension is not present, then the check will pass and behave as if the certificate is not restricted to any specific purpose.

• checkFQHN :: Bool

  Check the top certificate names matching the fully qualified hostname (FQHN). it's not recommended to turn this check off, if no other name checks are performed.

Fields

• hookMatchSubjectIssuer :: DistinguishedName -> Certificate -> Bool

  check whether a given issuer DistinguishedName matches the subject DistinguishedName of a candidate issuer certificate.

• hookValidateTime :: DateTime -> Certificate -> [FailedReason]

  check whether the certificate in the second argument is valid at the time provided in the first argument. Return an empty list for success or else one or more failure reasons.

• hookValidateName :: HostName -> Certificate -> [FailedReason]

  validate the certificate leaf name with the DNS named used to connect

• hookFilterReason :: [FailedReason] -> [FailedReason]

  user filter to modify the list of failure reasons

Fields

• cacheQuery :: ValidationCacheQueryCallback

  cache querying callback

• cacheAdd :: ValidationCacheAddCallback

  cache adding callback