From ad0f652cb3b6d3b8bc50a4255837e55400b23c84 Mon Sep 17 00:00:00 2001 From: Kazu Yamamoto Date: Tue, 6 Nov 2018 16:44:56 +0900 Subject: [PATCH 1/2] using LTS 12.17 and http-client (>= 0.5) for Haskell TLS. --- stubs/haskell-http-client-tls/src/Main.hs | 10 ++++++---- stubs/haskell-http-client-tls/stack.yaml | 2 +- .../haskell-http-client-tls/test-http-client-tls.cabal | 2 +- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/stubs/haskell-http-client-tls/src/Main.hs b/stubs/haskell-http-client-tls/src/Main.hs index 905e565..0c88935 100644 --- a/stubs/haskell-http-client-tls/src/Main.hs +++ b/stubs/haskell-http-client-tls/src/Main.hs @@ -8,7 +8,9 @@ import Data.ByteString.Char8 (unpack) import System.Environment (getArgs, getProgName) import System.Exit (exitFailure, exitSuccess) -import Network.HTTP.Client (HttpException (..), httpLbs, +import Network.HTTP.Client (HttpException (..), + HttpExceptionContent(..), + httpLbs, newManager, parseRequest, responseStatus) import Network.HTTP.Client.TLS (mkManagerSettings) @@ -23,7 +25,7 @@ import Network.TLS (ClientParams, clientShared, clientSupported, defaultParamsClient, sharedCAStore, supportedCiphers) -import Network.TLS.Extra.Cipher (ciphersuite_all) +import Network.TLS.Extra.Cipher (ciphersuite_strong) main :: IO () main = do @@ -54,7 +56,7 @@ main = do _ <- catch (doGet request manager) (\exp' -> case exp' of - TlsExceptionHostPort e _ _ -> do + HttpExceptionRequest _req (InternalException e) -> do print e putStrLn "REJECT" exitSuccess @@ -84,6 +86,6 @@ injectCA caBundle p = injectCiphers :: ClientParams -> ClientParams injectCiphers p = - p { clientSupported = supported { supportedCiphers = ciphersuite_all } } + p { clientSupported = supported { supportedCiphers = ciphersuite_strong } } where supported = clientSupported p diff --git a/stubs/haskell-http-client-tls/stack.yaml b/stubs/haskell-http-client-tls/stack.yaml index 323812b..068a174 100644 --- a/stubs/haskell-http-client-tls/stack.yaml +++ b/stubs/haskell-http-client-tls/stack.yaml @@ -1 +1 @@ -resolver: lts-7.15 +resolver: lts-12.17 diff --git a/stubs/haskell-http-client-tls/test-http-client-tls.cabal b/stubs/haskell-http-client-tls/test-http-client-tls.cabal index c2ec61a..605a583 100644 --- a/stubs/haskell-http-client-tls/test-http-client-tls.cabal +++ b/stubs/haskell-http-client-tls/test-http-client-tls.cabal @@ -20,7 +20,7 @@ executable test-http-client-tls build-depends: base >= 4.7 && < 5 , bytestring , connection - , http-client + , http-client >= 0.5 , http-client-tls , http-types , tls From dc52217c04c1b0339fe6cc6cc0a57ea3397888a0 Mon Sep 17 00:00:00 2001 From: Kazu Yamamoto Date: Thu, 8 Nov 2018 12:49:28 +0900 Subject: [PATCH 2/2] using ciphersuite_default. --- stubs/haskell-http-client-tls/src/Main.hs | 4 ++-- stubs/haskell-http-client-tls/stack.yaml | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/stubs/haskell-http-client-tls/src/Main.hs b/stubs/haskell-http-client-tls/src/Main.hs index 0c88935..ea54b57 100644 --- a/stubs/haskell-http-client-tls/src/Main.hs +++ b/stubs/haskell-http-client-tls/src/Main.hs @@ -25,7 +25,7 @@ import Network.TLS (ClientParams, clientShared, clientSupported, defaultParamsClient, sharedCAStore, supportedCiphers) -import Network.TLS.Extra.Cipher (ciphersuite_strong) +import Network.TLS.Extra.Cipher (ciphersuite_default) main :: IO () main = do @@ -86,6 +86,6 @@ injectCA caBundle p = injectCiphers :: ClientParams -> ClientParams injectCiphers p = - p { clientSupported = supported { supportedCiphers = ciphersuite_strong } } + p { clientSupported = supported { supportedCiphers = ciphersuite_default } } where supported = clientSupported p diff --git a/stubs/haskell-http-client-tls/stack.yaml b/stubs/haskell-http-client-tls/stack.yaml index 068a174..a4a1889 100644 --- a/stubs/haskell-http-client-tls/stack.yaml +++ b/stubs/haskell-http-client-tls/stack.yaml @@ -1 +1,4 @@ resolver: lts-12.17 +packages: +- . +- /Users/kazu/work/hs-tls/core