MIT licensed by Michael Snoyman
This version can be pinned in stack with:warp-tls-3.3.1@sha256:4dcdb804d298414968229bc674a26efd05efe1ec111bcf60bcc9009a92a24c13,1758
Module documentation for 3.3.1
Depends on 11 packages
(full list with versions):
base,
bytestring,
cryptonite,
data-default-class,
network,
streaming-commons,
tls,
tls-session-manager,
unliftio,
wai,
warp warp-tls
Serve WAI applications using the Warp webserver and the Haskell TLS library.
In order to generate a self-signed certificate for testing, try the following:
openssl genrsa -out key.pem 2048
openssl req -new -key key.pem -out certificate.csr
openssl x509 -req -in certificate.csr -signkey key.pem -out certificate.pem
3.3.1
- Move exception handling over to
unliftio
for better async exception support #845
- Cleanly close connection when client closes connection prematurely #844
3.3.0
- Breaking changes: certFile and keyFile are not exported anymore.
- Allow TLS credentials to be retrieved from an IORef.
#806
3.2.12
- A config field: tlsCredentials and tlsSessionManager.
#805
3.2.11
- Ignoring an exception from shutdown (gracefulClose).
3.2.10
- Passing client certificate, if any, to Warp
#783
3.2.9
- Cooperating setGracefulCloseTimeout1 and setGracefulCloseTimeout2 of Warp.
#782
3.2.8
- Using gracefullClose of network 3.1.1 or later if available.
3.2.7
- Relaxing version constraint.
3.2.6
- Using the Strict and StrictData language extensions for GHC >8.
#752
3.2.5
- When tls 1.5.0 is available, TLS 1.3 is automatically supported.
3.2.4.3
3.2.4.2
- Ignore socket errors while sending
close_notify
#640
3.2.4
- Using tls-session-manager.
3.2.3
- Stop using obsoleted APIs of network.
3.2.2
- New settting parameter: tlsServerDHEParams #556
- Preventing socket leakage #559
3.2.1
- Removing dependency to cprng-aes.
3.2.0
- Major version up due to breaking changes.
- runHTTP2TLS and runHTTP2TLSSocket were removed.
3.1.4
- Add an option to disable HTTP2 #450
3.1.3
- Removing SHA 512 and SHA 384 from supportedCiphers to rescue Safari and golang. #429
3.1.2
3.1.1
- Converting “send: resource vanished (Broken pipe)” to ConnectionClosedByPeer. #421
3.1.0
- Supporting HTTP/2 #399
- Removing RC4 #400
3.0.4.2
3.0.4.1
3.0.4
- Replace
acceptSafe
with accept
, see #361
3.0.3
3.0.2
- Allow warp-tls to request client certificates. #337
3.0.1.4
Add additional Diffie-Hellman RSA and DSA ciphers to warp-tls.
3.0.1.3
Unable to allow insecure connections with warp-tls #324
3.0.1.2
Make sure Timer is tickled in sendfile. #323
3.0.1
Support for in-memory certificates and keys