quic 0.2.18 → 0.2.19
raw patch · 6 files changed
+33/−5 lines, 6 filesdep +crypton-x509-store
Dependencies added: crypton-x509-store
Files
- ChangeLog.md +5/−0
- Network/QUIC/Client/Run.hs +8/−2
- Network/QUIC/Config.hs +3/−0
- Network/QUIC/Server/Run.hs +7/−1
- Network/QUIC/TLS.hs +8/−1
- quic.cabal +2/−1
ChangeLog.md view
@@ -1,5 +1,10 @@ # ChangeLog +## 0.2.19++* Compare the minimum packet size on packet size determination.+ [#81](https://github.com/kazu-yamamoto/quic/pull/81)+ ## 0.2.18 * Don't print debug information on stdout as a daemon has already
Network/QUIC/Client/Run.hs view
@@ -158,8 +158,14 @@ let ver = chosenVersion verInfo initializeCoder conn InitialLevel $ initialSecrets ver peerCID setupCryptoStreams conn -- fixme: cleanup- let pktSiz0 = fromMaybe 0 ccPacketSize- pktSiz = (defaultPacketSize peersa `max` pktSiz0) `min` maximumPacketSize peersa+ -- RFC9000 \S14.2+ -- "In the absence of these mechanisms, QUIC endpoints SHOULD+ -- NOT send datagrams larger than the smallest allowed maximum+ -- datagram size."+ --+ -- Thus use 1200 bytes for minimum packet size.+ let pktSiz0 = fromMaybe (defaultPacketSize peersa) ccPacketSize+ pktSiz = (defaultQUICPacketSize `max` pktSiz0) `min` maximumPacketSize peersa setMaxPacketSize conn pktSiz setInitialCongestionWindow (connLDCC conn) pktSiz setAddressValidated pathInfo
Network/QUIC/Config.hs view
@@ -4,6 +4,7 @@ module Network.QUIC.Config where import Data.IP+import Data.X509.CertificateStore (CertificateStore) import Data.X509.Validation (validateDefault) import Network.Socket import Network.TLS hiding (@@ -88,6 +89,7 @@ -- -- Default: 'True' , ccOnServerCertificate :: OnServerCertificate+ , ccCAStore :: CertificateStore , ccResumption :: ResumptionInfo -- ^ Use resumption on the 2nd connection if possible. , ccPacketSize :: Maybe Int@@ -134,6 +136,7 @@ , ccALPN = \_ -> return Nothing , ccValidate = True , ccOnServerCertificate = validateDefault+ , ccCAStore = mempty , ccResumption = defaultResumptionInfo , ccPacketSize = Nothing , ccDebugLog = False
Network/QUIC/Server/Run.hs view
@@ -181,8 +181,14 @@ initializeCoder conn InitialLevel $ initialSecrets ver cid setupCryptoStreams conn -- fixme: cleanup let peersa = accPeerSockAddr+ -- RFC9000 \S14.2+ -- "In the absence of these mechanisms, QUIC endpoints SHOULD+ -- NOT send datagrams larger than the smallest allowed maximum+ -- datagram size."+ --+ -- Thus use 1200 bytes for minimum packet size. pktSiz =- (defaultPacketSize peersa `max` accPacketSize)+ (defaultQUICPacketSize `max` accPacketSize) `min` maximumPacketSize peersa setMaxPacketSize conn pktSiz setInitialCongestionWindow (connLDCC conn) pktSiz
Network/QUIC/TLS.hs view
@@ -6,6 +6,7 @@ serverHandshaker, ) where +import Data.X509.CertificateStore (isEmptyCertificateStore) import Network.TLS hiding (Version, defaultSupported) import Network.TLS.QUIC import System.X509@@ -27,7 +28,13 @@ -> Bool -> IO () clientHandshaker callbacks ClientConfig{..} ver myAuthCIDs establish use0RTT = do- caStore <- if ccValidate then getSystemCertificateStore else return mempty+ caStore <-+ if ccValidate+ then+ if isEmptyCertificateStore ccCAStore+ then getSystemCertificateStore+ else return ccCAStore+ else return mempty tlsQUICClient (cparams caStore) callbacks where sni = fromMaybe ccServerName ccServerNameOverride
quic.cabal view
@@ -1,6 +1,6 @@ cabal-version: >=1.10 name: quic-version: 0.2.18+version: 0.2.19 license: BSD3 license-file: LICENSE maintainer: kazu@iij.ad.jp@@ -137,6 +137,7 @@ crypto-token >=0.1.2 && <0.2, crypton >=0.34, crypton-x509 >=1.7.6 && <1.8,+ crypton-x509-store >=1.6.11 && <1.7, crypton-x509-system >=1.6.7 && <1.7, crypton-x509-validation >=1.6 && <1.7, fast-logger >=3.2.2 && <3.3,