File: PostHandshake.hs

haskell-tls 2.1.8-2
module Network.TLS.PostHandshake (
    requestCertificate,
    requestCertificateServer,
    postHandshakeAuthWith,
    postHandshakeAuthClientWith,
    postHandshakeAuthServerWith,
) where

import Network.TLS.Context.Internal
import Network.TLS.IO
import Network.TLS.Struct13

import Network.TLS.Handshake.Client
import Network.TLS.Handshake.Common
import Network.TLS.Handshake.Server

-- | Ask the peer for a certificate after the handshake has completed
-- (TLS 1.3 post-handshake authentication).
--
-- The result is 'True' when the request was possible, i.e. TLS 1.3 is in use
-- and the remote client supports post-handshake authentication.  On 'False'
-- no request could be made, so callers that gate access on client
-- authentication must not treat the peer as newly authenticated.  'True'
-- reports only that the request was possible; it does not by itself show
-- that the client has answered or that its certificate was accepted.
requestCertificate :: Context -> IO Bool
requestCertificate ctx = withWriteLock ctx $ do
    -- The validity check and the request both run under the write lock.
    checkValid ctx
    -- The role-specific implementation is looked up from the context.
    doRequestCertificate_ (ctxRoleParams ctx) ctx

-- Process one TLS 1.3 post-handshake authentication flight.
--
-- 'recvData' invokes this automatically, and at that point the read lock is
-- already held; only the write lock is acquired here.  The role-specific
-- handler is looked up from the context and runs inside 'handleException'
-- (defined elsewhere; NOTE(review): confirm how it reports failures to the
-- caller and to the peer).
postHandshakeAuthWith :: Context -> Handshake13 -> IO ()
postHandshakeAuthWith ctx hs =
    withWriteLock ctx (handleException ctx processFlight)
  where
    -- Handler chosen by the context's role parameters.
    processFlight = doPostHandshakeAuthWith_ (ctxRoleParams ctx) ctx hs