MIT licensed by Michael Snoyman
This version can be pinned in stack with:warp-tls-3.4.9@sha256:a081e20e12583bd2a0628f97eafd2f1a3ba077eed26e313a53f8389a8bcb1a3f,1816
Module documentation for 3.4.9
Depends on 11 packages
(full list with versions):
base,
bytestring,
data-default,
network,
recv,
streaming-commons,
tls,
tls-session-manager,
unliftio,
wai,
warp warp-tls
Serve WAI applications using the Warp webserver and the Haskell TLS library.
In order to generate a self-signed certificate for testing, try the following:
openssl genrsa -out key.pem 2048
openssl req -new -key key.pem -out certificate.csr
openssl x509 -req -in certificate.csr -signkey key.pem -out certificate.pem
ChangeLog
3.4.9
- Using
timeout for handshake to prevent thread leaks.
3.4.8
- Substituted
data-default-class for data-default #1010
3.4.7
- Expose
attachConn to use post-handshake TLS connection.
#1007
3.4.6
3.4.5
- Making mkConn of WarpTLS interruptible
#984
3.4.4
3.4.3
- Install shutdown handlers passed via
Settings to run... functions
3.4.2
3.4.1
3.4.0
- Major version up to deprecate v3.3.7 due to the incompatibility
against cryptonite.
3.3.7
- Using crypton instead of cryptonite.
#931
3.3.6
- Setting FD_CLOEXEC on the listening socket.
#923
3.3.5
- Switching the version of the “recv” package from 0.0.x to 0.1.x.
3.3.4
- Integrated customizable
accept hook from Network.Wai.Handler.Warp.Settings (cf. setAccept)
#912
- Adjusted
httpOverTls because of the factoring out of Network.Wai.Handler.Warp.Recv to its own package recv in the warp package.
#899
3.3.3
- Creating a bigger buffer when the current one is too small to fit the Builder
#895
- Expose TLS.supportedHashSignatures via TLSSettings
#872
3.3.2
- Providing the Internal module.
#841
3.3.1
- Move exception handling over to
unliftio for better async exception support #845
- Cleanly close connection when client closes connection prematurely #844
3.3.0
- Breaking changes: certFile and keyFile are not exported anymore.
- Allow TLS credentials to be retrieved from an IORef.
#806
3.2.12
- A config field: tlsCredentials and tlsSessionManager.
#805
3.2.11
- Ignoring an exception from shutdown (gracefulClose).
3.2.10
- Passing client certificate, if any, to Warp
#783
3.2.9
- Cooperating setGracefulCloseTimeout1 and setGracefulCloseTimeout2 of Warp.
#782
3.2.8
- Using gracefullClose of network 3.1.1 or later if available.
3.2.7
- Relaxing version constraint.
3.2.6
- Using the Strict and StrictData language extensions for GHC >8.
#752
3.2.5
- When tls 1.5.0 is available, TLS 1.3 is automatically supported.
3.2.4.3
3.2.4.2
- Ignore socket errors while sending
close_notify #640
3.2.4
- Using tls-session-manager.
3.2.3
- Stop using obsoleted APIs of network.
3.2.2
- New settting parameter: tlsServerDHEParams #556
- Preventing socket leakage #559
3.2.1
- Removing dependency to cprng-aes.
3.2.0
- Major version up due to breaking changes.
- runHTTP2TLS and runHTTP2TLSSocket were removed.
3.1.4
- Add an option to disable HTTP2 #450
3.1.3
- Removing SHA 512 and SHA 384 from supportedCiphers to rescue Safari and golang. #429
3.1.2
3.1.1
- Converting “send: resource vanished (Broken pipe)” to ConnectionClosedByPeer. #421
3.1.0
- Supporting HTTP/2 #399
- Removing RC4 #400
3.0.4.2
3.0.4.1
3.0.4
- Replace
acceptSafe with accept, see #361
3.0.3
3.0.2
- Allow warp-tls to request client certificates. #337
3.0.1.4
Add additional Diffie-Hellman RSA and DSA ciphers to warp-tls.
3.0.1.3
Unable to allow insecure connections with warp-tls #324
3.0.1.2
Make sure Timer is tickled in sendfile. #323
3.0.1
Support for in-memory certificates and keys
