diff options
| author | Adrian Cochrane <adrian@openwork.nz> | 2020-10-11 21:05:09 +1300 |
|---|---|---|
| committer | Adrian Cochrane <adrian@openwork.nz> | 2020-10-11 21:05:09 +1300 |
| commit | 064298a3d450ee4dcaad24fa25d3c329232466dd (patch) | |
| tree | b23fed269e274743f1e132fa374217b5a73bedfb | |
| parent | ce8562b4fa89c09d4eccba73773e51b62d2dd7aa (diff) | |
| download | hurl-064298a3d450ee4dcaad24fa25d3c329232466dd.tar.gz hurl-064298a3d450ee4dcaad24fa25d3c329232466dd.tar.bz2 hurl-064298a3d450ee4dcaad24fa25d3c329232466dd.zip | |
Adjust OpenSSL settings (Help please!)
| -rw-r--r-- | src/Network/URI/Fetch.hs | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/Network/URI/Fetch.hs b/src/Network/URI/Fetch.hs index 062dda6..1767d95 100644 --- a/src/Network/URI/Fetch.hs +++ b/src/Network/URI/Fetch.hs @@ -107,14 +107,18 @@ newSession' :: String -> IO Session newSession' appname = do (ietfLocale, unixLocale) <- rfc2616Locale #ifdef WITH_HTTP_URI - managerHTTP' <- HTTP.newManager $ TLS.opensslManagerSettings TLS.context + httpsCtxt <- TLS.context + TLS.contextSetDefaultCiphers httpsCtxt + TLS.contextSetCADirectory httpsCtxt "/etc/ssl/certs" + TLS.contextSetVerificationMode httpsCtxt $ TLS.VerifyPeer True True Nothing + managerHTTP' <- HTTP.newManager $ TLS.opensslManagerSettings $ return httpsCtxt #endif #ifdef WITH_RAW_CONNECTIONS connCtxt <- TLS.context TLS.contextSetDefaultCiphers connCtxt TLS.contextSetCADirectory connCtxt "/etc/ssl/certs" TLS.contextSetVerificationMode connCtxt $ - TLS.VerifyPeer True True Nothing + TLS.VerifyPeer True True $ Just $ \valid _ -> return valid -- FIXME: Implement Trust-On-First-Use #endif #ifdef WITH_XDG apps' <- loadXDGConfig unixLocale |