tls 0.9.6 → 0.9.7
raw patch · 3 files changed
+16/−1 lines, 3 filesPVP ok
version bump matches the API change (PVP)
API changes (from Hackage documentation)
Files
- Network/TLS/Core.hs +9/−0
- Network/TLS/State.hs +6/−0
- tls.cabal +1/−1
Network/TLS/Core.hs view
@@ -167,10 +167,19 @@ -- | Send one packet to the context sendPacket :: MonadIO m => TLSCtx c -> Packet -> m () sendPacket ctx pkt = do+ -- in ver <= TLS1.0, block ciphers using CBC are using CBC residue as IV, which can be guessed+ -- by an attacker. Hence, an empty packet is sent before a normal data packet, to+ -- prevent guessability.+ withEmptyPacket <- usingState_ ctx needEmptyPacket+ when (isNonNullAppData pkt && withEmptyPacket) $ sendPacket ctx $ AppData B.empty+ liftIO $ (loggingPacketSent $ ctxLogging ctx) (show pkt) dataToSend <- usingState_ ctx $ writePacket pkt liftIO $ (loggingIOSent $ ctxLogging ctx) dataToSend liftIO $ connectionSend ctx dataToSend+ where+ isNonNullAppData (AppData b) = B.null b+ isNonNullAppData _ = False -- | Create a new Client context with a configuration, a RNG, a generic connection and the connection operation. clientWith :: (MonadIO m, CryptoRandomGen g)
Network/TLS/State.hs view
@@ -39,6 +39,7 @@ , setSession , getSession , getSessionData+ , needEmptyPacket , isSessionResuming , switchTxEncryption , switchRxEncryption@@ -267,6 +268,11 @@ isSessionResuming :: MonadState TLSState m => m Bool isSessionResuming = gets stSessionResuming++needEmptyPacket :: MonadState TLSState m => m Bool+needEmptyPacket = gets f+ where f st = (stVersion st <= TLS10)+ && (maybe False (\c -> bulkBlockSize (cipherBulk c) > 0) (stCipher st)) setKeyBlock :: MonadState TLSState m => m () setKeyBlock = do
tls.cabal view
@@ -1,5 +1,5 @@ Name: tls-Version: 0.9.6+Version: 0.9.7 Description: Native Haskell TLS and SSL protocol implementation for server and client. .