packages feed

diohsc 0.1.14.6 → 0.1.14.7

raw patch · 5 files changed

+19/−16 lines, 5 filesdep ~networkdep ~tls

Dependency ranges changed: network, tls

Files

ClientSessionManager.hs view
@@ -38,6 +38,7 @@     (\_ -> return Nothing)     insert     delete+    True     where     insert sid sd@SessionData{ sessionClientSNI = Just sni } = do         now <- timeCurrent@@ -45,7 +46,8 @@         modifyMVar_ sess $ return .             Map.insert (sni, fp) (expire,(sid,sd)) .             fromAscList . filter (\(_,(t,(_,_))) -> t >= now) . toAscList-    insert _ _ = return ()+        return Nothing+    insert _ _ = return Nothing     delete sid =         modifyMVar_ sess $ return .             fromAscList . filter (\(_,(_,(sid',_))) -> sid /= sid') . toAscList
GeminiProtocol.hs view
@@ -214,11 +214,11 @@                 , clientShared = def                     { sharedCAStore = certStore                     , sharedSessionManager = sessionManager }-                , clientEarlyData = Just requestBytes  -- ^Send early data (RTT0) if server session allows it+                , clientUseEarlyData = True  -- ^Send early data (RTT0) if server session allows it                 , clientWantSessionResume = session                 }         (sock,context) <- do-            let retryNoResume (HandshakeFailed (Error_Protocol (_,_,HandshakeFailure)))+            let retryNoResume (HandshakeFailed (Error_Protocol _ HandshakeFailure))                         | isJust session = do                     -- Work around a mysterious problem seen with dezhemini+libssl:                     displayWarning [ "Handshake failure when resuming TLS session; retrying with full handshake." ]@@ -229,8 +229,7 @@             sock <- openSocket             c <- TLS.contextNew sock params             handle retryNoResume $ handshake c >> return (sock,c)-        sentEarly <- (== Just True) . (infoIsEarlyDataAccepted <$>) <$> contextGetInformation context-        unless sentEarly . sendData context $ BL.fromStrict requestBytes+        sendData context $ BL.fromStrict requestBytes         when verboseConnection . void . runMaybeT $ do             info <- MaybeT $ contextGetInformation context             lift . displayInfo $ [ "TLS version " ++ show (infoVersion info) ++@@ -456,6 +455,8 @@     -- |those ciphers from ciphersuite_default fitting the requirements     -- recommended by the gemini "best practices" document:     -- require ECDHE/DHE (for PFS), and >=SHA2, and AES/CHACHA20.+    -- Some of these were subsequently commented out once tls-2.0 dropped+    -- support for them.     gemini_ciphersuite :: [Cipher]     gemini_ciphersuite =         [        -- First the PFS + GCM + SHA2 ciphers@@ -463,15 +464,15 @@         , cipher_ECDHE_ECDSA_CHACHA20POLY1305_SHA256         , cipher_ECDHE_RSA_AES128GCM_SHA256, cipher_ECDHE_RSA_AES256GCM_SHA384         , cipher_ECDHE_RSA_CHACHA20POLY1305_SHA256-        , cipher_DHE_RSA_AES128GCM_SHA256, cipher_DHE_RSA_AES256GCM_SHA384-        , cipher_DHE_RSA_CHACHA20POLY1305_SHA256+        --, cipher_DHE_RSA_AES128GCM_SHA256, cipher_DHE_RSA_AES256GCM_SHA384+        --, cipher_DHE_RSA_CHACHA20POLY1305_SHA256         ,        -- Next the PFS + CCM + SHA2 ciphers           cipher_ECDHE_ECDSA_AES128CCM_SHA256, cipher_ECDHE_ECDSA_AES256CCM_SHA256-        , cipher_DHE_RSA_AES128CCM_SHA256, cipher_DHE_RSA_AES256CCM_SHA256+        --, cipher_DHE_RSA_AES128CCM_SHA256, cipher_DHE_RSA_AES256CCM_SHA256                  -- Next the PFS + CBC + SHA2 ciphers-        , cipher_ECDHE_ECDSA_AES128CBC_SHA256, cipher_ECDHE_ECDSA_AES256CBC_SHA384-        , cipher_ECDHE_RSA_AES128CBC_SHA256, cipher_ECDHE_RSA_AES256CBC_SHA384-        , cipher_DHE_RSA_AES128_SHA256, cipher_DHE_RSA_AES256_SHA256+        --, cipher_ECDHE_ECDSA_AES128CBC_SHA256, cipher_ECDHE_ECDSA_AES256CBC_SHA384+        --, cipher_ECDHE_RSA_AES128CBC_SHA256, cipher_ECDHE_RSA_AES256CBC_SHA384+        --, cipher_DHE_RSA_AES128_SHA256, cipher_DHE_RSA_AES256_SHA256                 -- TLS13 (listed at the end but version is negotiated first)         , cipher_TLS13_AES128GCM_SHA256         , cipher_TLS13_AES256GCM_SHA384
Makefile view
@@ -1,4 +1,4 @@-VERSION=0.1.14.6+VERSION=0.1.14.7  GHCOPTS=-threaded -DICONV -DMAGIC -ignore-package regex-compat-tdfa 
Version.hs view
@@ -16,4 +16,4 @@ programName = "diohsc"  version :: String-version = "0.1.14.6"+version = "0.1.14.7"
diohsc.cabal view
@@ -1,6 +1,6 @@ cabal-version:      1.18 name:               diohsc-version:            0.1.14.6+version:            0.1.14.7 license:            GPL-3 license-file:       COPYING maintainer:         mbays@sdf.org@@ -104,7 +104,7 @@         mime >=0.4.0.2 && <0.5,         mtl >=2.1.3.1 && <2.4,         memory >=0.14 && <0.19,-        network >=2.4.2.3 && <3.2,+        network >=2.4.2.3 && <3.3,         network-simple >=0.4.3 && <0.5,         network-uri >=2.6.3.0 && <2.8,         parsec >=3.1.5 && <3.2,@@ -116,7 +116,7 @@         temporary ==1.3.*,         terminal-size >=0.3.2.1 && <0.4,         text >=1.1.0.0 && <2.2,-        tls >=1.5.4 && <1.10,+        tls >=1.5.4 && <2.1,         transformers >=0.3.0.0 && <0.7,         crypton-x509 >=1.7.5 && <1.8,         crypton-x509-store >=1.6.7 && <1.7,