warp-tls

HTTP over TLS support for Warp via the TLS package

http://github.com/yesodweb/wai

Version on this page:3.3.2
LTS Haskell 22.14:3.4.4
Stackage Nightly 2024-03-28:3.4.4
Latest on Hackage:3.4.4

See all snapshots warp-tls appears in

MIT licensed by Michael Snoyman
Maintained by [email protected]
This version can be pinned in stack with:warp-tls-3.3.2@sha256:6dcedd709889833679f42ea22560a419f8f808be2048a23c8e10511920630251,1796

Module documentation for 3.3.2

warp-tls

Serve WAI applications using the Warp webserver and the Haskell TLS library.

In order to generate a self-signed certificate for testing, try the following:

openssl genrsa -out key.pem 2048
openssl req -new -key key.pem -out certificate.csr
openssl x509 -req -in certificate.csr -signkey key.pem -out certificate.pem

Changes

3.3.2

  • Providing the Internal module. #841

3.3.1

  • Move exception handling over to unliftio for better async exception support #845
  • Cleanly close connection when client closes connection prematurely #844

3.3.0

  • Breaking changes: certFile and keyFile are not exported anymore.
  • Allow TLS credentials to be retrieved from an IORef. #806

3.2.12

  • A config field: tlsCredentials and tlsSessionManager. #805

3.2.11

  • Ignoring an exception from shutdown (gracefulClose).

3.2.10

  • Passing client certificate, if any, to Warp #783

3.2.9

  • Cooperating setGracefulCloseTimeout1 and setGracefulCloseTimeout2 of Warp. #782

3.2.8

  • Using gracefullClose of network 3.1.1 or later if available.

3.2.7

  • Relaxing version constraint.

3.2.6

  • Using the Strict and StrictData language extensions for GHC >8. #752

3.2.5

  • When tls 1.5.0 is available, TLS 1.3 is automatically supported.

3.2.4.3

  • Using warp >= 3.2.17.

3.2.4.2

  • Ignore socket errors while sending close_notify #640

3.2.4

  • Using tls-session-manager.

3.2.3

  • Stop using obsoleted APIs of network.

3.2.2

  • New settting parameter: tlsServerDHEParams #556
  • Preventing socket leakage #559

3.2.1

  • Removing dependency to cprng-aes.

3.2.0

  • Major version up due to breaking changes.
  • runHTTP2TLS and runHTTP2TLSSocket were removed.

3.1.4

  • Add an option to disable HTTP2 #450

3.1.3

  • Removing SHA 512 and SHA 384 from supportedCiphers to rescue Safari and golang. #429

3.1.2

3.1.1

  • Converting “send: resource vanished (Broken pipe)” to ConnectionClosedByPeer. #421

3.1.0

  • Supporting HTTP/2 #399
  • Removing RC4 #400

3.0.4.2

  • tls 1.3 support #390

3.0.4.1

  • Fix for leaked FDs #378

3.0.4

  • Replace acceptSafe with accept, see #361

3.0.3

  • Support chain certs #349

3.0.2

  • Allow warp-tls to request client certificates. #337

3.0.1.4

Add additional Diffie-Hellman RSA and DSA ciphers to warp-tls.

3.0.1.3

Unable to allow insecure connections with warp-tls #324

3.0.1.2

Make sure Timer is tickled in sendfile. #323

3.0.1

Support for in-memory certificates and keys