gemini-server 0.2.0.0 → 0.3.0.0
raw patch · 3 files changed
+15/−11 lines, 3 filesdep ~HsOpenSSLdep ~basedep ~bytestringPVP ok
version bump matches the API change (PVP)
Dependency ranges changed: HsOpenSSL, base, bytestring, network, network-run, text
API changes (from Hackage documentation)
- Network.Gemini.Server: runServer :: Maybe HostName -> ServiceName -> FilePath -> (Request -> IO Response) -> IO ()
+ Network.Gemini.Server: runServer :: Maybe HostName -> ServiceName -> FilePath -> FilePath -> (Request -> IO Response) -> IO ()
Files
- CHANGELOG.md +5/−1
- Network/Gemini/Server.hs +7/−5
- gemini-server.cabal +3/−5
CHANGELOG.md view
@@ -1,5 +1,10 @@ # Revision history for gemini-server +## 0.3.0.0 -- 2021-03-19++* Allow different paths for key and cert+* Fix TLS session resumption by setting a session id context+ ## 0.2.0.0 -- 2021-02-22 * SSL/TLS support, including client certificates.@@ -7,4 +12,3 @@ ## 0.1.0.0 -- 2020-07-24 * First version. Released on an unsuspecting world.-
Network/Gemini/Server.hs view
@@ -63,12 +63,13 @@ runServer :: Maybe HostName -> ServiceName -> FilePath -- ^ Path to the server certificate+ -> FilePath -- ^ Path to the private key -> (Request -> IO Response) -- ^ Request handler -> IO ()-runServer host service cert handler = withOpenSSL $ do+runServer host service cert key handler = withOpenSSL $ do updateGlobalLogger "Network.Gemini.Server" $ setLevel INFO -- MAYBE server config- sslCtx <- setupSSL cert+ sslCtx <- setupSSL cert key runTCPServer host service $ \sock -> do peer <- getPeerName sock catch -- the ssl session may fail@@ -78,16 +79,17 @@ (talk handler peer)) (\e -> logM "Network.Gemini.Server" ERROR $ show (e :: SomeException)) -setupSSL :: FilePath -> IO SSL.SSLContext-setupSSL cert = do+setupSSL :: FilePath -> FilePath -> IO SSL.SSLContext+setupSSL cert key = do sslCtx <- SSL.context SSL.contextSetDefaultCiphers sslCtx SSL.contextSetCertificateFile sslCtx cert- SSL.contextSetPrivateKeyFile sslCtx cert+ SSL.contextSetPrivateKeyFile sslCtx key SSL.contextSetVerificationMode sslCtx $ SSL.VerifyPeer False True $ -- Accept all certificates, since we don't really care about validity wrt CAs -- but only about the public key Just $ \_ _ -> pure True+ SSL.contextSetSessionIdContext sslCtx $ fromString "gemini-server" pure sslCtx acceptSSL :: SSL.SSLContext -> Socket -> IO SSL
gemini-server.cabal view
@@ -1,13 +1,11 @@ cabal-version: 2.2 name: gemini-server-version: 0.2.0.0+version: 0.3.0.0 synopsis: A lightweight server for the Gemini protocol description: This package contains a server for the Gemini (<https://gemini.circumlunar.space/>) protocol.- There is no tls support yet, so you'll need a tls terminator like stunnel- in front of it. For a higher level interface, see the gemini-router package. homepage: https://sr.ht/~fgaz/haskell-gemini/ bug-reports: https://todo.sr.ht/~fgaz/haskell-gemini@@ -25,7 +23,7 @@ library exposed-modules: Network.Gemini.Server- build-depends: base ^>=4.12.0.0 || ^>=4.13.0.0 || ^>=4.14.0.0+ build-depends: base ^>=4.12.0.0 || ^>=4.13.0.0 || ^>=4.14.0.0 || ^>=4.15.0.0 , network ^>=3.1.1.1 , network-run ^>=0.2.3 , network-uri ^>=2.6.3.0 || ^>=2.7.0.0@@ -33,6 +31,6 @@ , utf8-string ^>=1.0.1.1 , bytestring ^>=0.10.10.0 , hslogger ^>=1.3.1.0- , HsOpenSSL ^>=0.11.5.1+ , HsOpenSSL ^>=0.11.6 ghc-options: -Wall default-language: Haskell2010