Allow connection with disabled certificate validation

src/Network/HaskellNet/SSL.hs

@@ -6,9 +6,10 @@ module Network.HaskellNet.SSL
 import Network.Socket.Internal (PortNumber)
 
 data Settings = Settings
-              { sslPort          :: PortNumber
-              , sslMaxLineLength :: Int
-              , sslLogToConsole  :: Bool
+              { sslPort                        :: PortNumber
+              , sslMaxLineLength               :: Int
+              , sslLogToConsole                :: Bool
+              , sslDisableCertficateValidation :: Bool
               }
 
 defaultSettingsWithPort :: PortNumber -> Settings
@@ -16,4 +17,5 @@ defaultSettingsWithPort p = Settings
   { sslPort = p
   , sslMaxLineLength = 10000
   , sslLogToConsole = False
+  , sslDisableCertficateValidation = False
   }

src/Network/HaskellNet/SSL/Internal.hs

@@ -41,13 +41,15 @@ connectSSL :: String -> Settings -> IO BSStream
 connectSSL hostname cfg = do
     c <- initConnectionContext >>= flip connectTo params
     return $ connectionToStream c cfg
-  where params = ConnectionParams hostname port (Just def) Nothing
+  where params = ConnectionParams hostname port (Just tlsCfg) Nothing
         port = sslPort cfg
+        tlsCfg = def { settingDisableCertificateValidation = sslDisableCertficateValidation cfg }
 
 connectPlain :: String -> Settings -> IO (BSStream, STARTTLS)
 connectPlain hostname cfg = do
     ctx <- initConnectionContext
     c <- connectTo ctx params
-    return (connectionToStream c cfg, connectionSetSecure ctx c def)
+    return (connectionToStream c cfg, connectionSetSecure ctx c tlsCfg)
   where params = ConnectionParams hostname port Nothing Nothing
         port = sslPort cfg
+        tlsCfg = def { settingDisableCertificateValidation = sslDisableCertficateValidation cfg }