warp-tls 1.3.4 → 1.3.5
raw patch · 2 files changed
+14/−34 lines, 2 filesdep +crypto-random-apidep −crypto-apidep ~certificatedep ~cryptocipherdep ~pem
Dependencies added: crypto-random-api
Dependencies removed: crypto-api
Dependency ranges changed: certificate, cryptocipher, pem, tls, tls-extra, transformers
Files
- Network/Wai/Handler/WarpTLS.hs +6/−26
- warp-tls.cabal +8/−8
Network/Wai/Handler/WarpTLS.hs view
@@ -1,6 +1,5 @@ {-# LANGUAGE OverloadedStrings #-} {-# LANGUAGE RankNTypes #-}-{-# LANGUAGE CPP #-} module Network.Wai.Handler.WarpTLS ( TLSSettings (..) , runTLS@@ -11,12 +10,11 @@ import Network.Wai.Handler.Warp import Network.Wai import Network.Socket-import Crypto.Random import qualified Data.ByteString.Lazy as L import Data.Conduit.Binary (sourceFileRange) import qualified Data.Conduit as C import qualified Data.Conduit.List as CL-import Control.Exception (bracket, handle, SomeException)+import Control.Exception (bracket) import qualified Network.TLS.Extra as TLSExtra import qualified Data.Certificate.X509 as X509 import qualified Data.ByteString as B@@ -29,6 +27,7 @@ import Data.Maybe (fromMaybe) import qualified Data.IORef as I import Control.Monad (unless)+import Crypto.Random.API (getSystemRandomGen) data TLSSettings = TLSSettings { certFile :: FilePath@@ -39,7 +38,6 @@ runTLSSocket tset set sock app = do certs <- readCertificates $ certFile tset pk <- readPrivateKey $ keyFile tset-#if MIN_VERSION_tls(1, 0, 0) let params = TLS.updateServerParams (\sp -> sp { TLS.serverWantClientCert = False }) $@@ -48,17 +46,9 @@ , TLS.pCiphers = ciphers , TLS.pCertificates = zip certs $ (Just pk):repeat Nothing }-#else- let params = TLS.defaultParams- { TLS.pWantClientCert = False- , TLS.pAllowedVersions = [TLS.SSL3,TLS.TLS10,TLS.TLS11,TLS.TLS12]- , TLS.pCiphers = ciphers- , TLS.pCertificates = zip certs $ (Just pk):repeat Nothing- }-#endif- runSettingsConnectionMaker set (getter params sock) app+ runSettingsConnectionMaker set (getter params) app where- getter params sock = do+ getter params = do (s, sa) <- acceptSafe sock let mkConn = do (fromClient, firstBS) <- sourceSocket s C.$$+ CL.peek@@ -71,8 +61,7 @@ return bs if maybe False ((== 0x16) . fst) (firstBS >>= B.uncons) then do- gen <- newGenIO-#if MIN_VERSION_tls(1, 0, 0)+ gen <- getSystemRandomGen ctx <- TLS.contextNew TLS.Backend { TLS.backendFlush = return ()@@ -81,16 +70,7 @@ , TLS.backendRecv = getNext . takeMost } params- (gen :: SystemRandom)-#else- ctx <- TLS.serverWith- params- (gen :: SystemRandom)- s- (return ()) -- flush- (\bs -> C.yield bs C.$$ toClient)- (getNext . takeMost)-#endif+ gen TLS.handshake ctx let conn = Connection { connSendMany = TLS.sendData ctx . L.fromChunks
warp-tls.cabal view
@@ -1,5 +1,5 @@ Name: warp-tls-Version: 1.3.4+Version: 1.3.5 Synopsis: SSL support for Warp via the TLS package License: MIT License-file: LICENSE@@ -17,15 +17,15 @@ , bytestring >= 0.9 , wai >= 1.3 && < 1.4 , warp >= 1.3.5 && < 1.4- , transformers >= 0.2 && < 0.4+ , transformers >= 0.2 , conduit >= 0.5 && < 0.6 , network-conduit >= 0.6 && < 0.7- , certificate >= 1.2 && < 1.4- , pem >= 0.1 && < 0.2- , cryptocipher >= 0.3 && < 0.4- , tls-extra >= 0.4.5 && < 0.6- , tls >= 0.9.6 && < 1.1- , crypto-api >= 0.8 && < 0.11+ , certificate >= 1.2+ , pem >= 0.1+ , cryptocipher >= 0.3+ , tls-extra >= 0.6+ , tls >= 1.1+ , crypto-random-api >= 0.2 , network >= 2.2.1 Exposed-modules: Network.Wai.Handler.WarpTLS ghc-options: -Wall