
move TLS default parameters to Network.Xmpp.Types and add weaker AES-SHA1-based ciphers for compatibility with facebook

master
Philipp Balzarek 12 years ago
parent
commit
0e2a750004
  1. 4
      source/Network/Xmpp/Tls.hs
  2. 14
      source/Network/Xmpp/Types.hs

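--- a/source/Network/Xmpp/Tls.hs
+++ b/source/Network/Xmpp/Tls.hs
@@ -19,6 +19,7 @@ import Data.IORef
 import Data.XML.Types
 import Network.DNS.Resolver (ResolvConf)
 import Network.TLS
+import Network.TLS.Extra
 import Network.Xmpp.Stream
 import Network.Xmpp.Types
 import System.Log.Logger (debugM, errorM, infoM)
@@ -111,9 +112,6 @@ client :: (MonadIO m, CPRG rng) => Params -> rng -> Backend -> m Context
 client params gen backend = do
 contextNew backend params gen
-xmppDefaultParams :: Params
-xmppDefaultParams = defaultParamsClient
 tlsinit :: (MonadIO m, MonadIO m1) =>
 TLSParams
 -> Backend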
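Review bot: The added `import Network.TLS.Extra` has no visible user in these hunks, because the same commit moves `xmppDefaultParams` to Network.Xmpp.Types. If nothing else in Tls.hs refers to a cipher definition, the import can be dropped. Otherwise an explicit import list naming what is used would show why it is there. The rest of the module is outside the hunks, so this needs checking against the full file.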

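--- a/source/Network/Xmpp/Types.hs
+++ b/source/Network/Xmpp/Types.hs
@@ -48,6 +48,7 @@ module Network.Xmpp.Types
 , StreamErrorInfo(..)
 , ConnectionDetails(..)
 , StreamConfiguration(..)
+, xmppDefaultParams
 , Jid(..)
 #if WITH_TEMPLATE_HASKELL
 , jidQ
@@ -1032,6 +1033,14 @@ data StreamConfiguration =
 , tlsParams :: TLSParams
 }
+-- | Default parameters for TLS. Those are the default client parameters from the tls package with the ciphers set to ciphersuite_strong
+xmppDefaultParams :: Params
+xmppDefaultParams = defaultParamsClient{ pCiphers = ciphersuite_strong
+++ [ cipher_AES256_SHA1
+, cipher_AES128_SHA1
+]
+}
 instance Default StreamConfiguration where
 def = StreamConfiguration { preferredLang = Nothing
 , toJid = Nothing
@@ -1039,10 +1048,7 @@ instance Default StreamConfiguration where
 , resolvConf = defaultResolvConf
 , establishSession = True
 , tlsBehaviour = PreferTls
-, tlsParams = defaultParamsClient { pConnectVersion = TLS10
-, pAllowedVersions = [TLS10, TLS11, TLS12]
-, pCiphers = ciphersuite_strong
-}
+, tlsParams = xmppDefaultParams
 }
 -- | How the client should behave in regards to TLS.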
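Review bot: `xmppDefaultParams` now offers `cipher_AES256_SHA1` and `cipher_AES128_SHA1` on every connection, not only to the server that needs them, and because it becomes the `tlsParams` default in `def`, any peer may select one of these CBC/SHA-1 suites. Consider keeping the default at `ciphersuite_strong` and exporting the relaxed list under a separate name that callers opt into. The Haddock comment still says the ciphers are set to `ciphersuite_strong`; if the wider list stays, it should say so, e.g. `-- | Default TLS parameters: the tls package's client defaults with 'ciphersuite_strong' plus AES-SHA1 ciphers added for compatibility.` The last hunk also drops the explicit `pConnectVersion = TLS10` and `pAllowedVersions = [TLS10, TLS11, TLS12]`, so the accepted protocol versions now depend on whatever `defaultParamsClient` provides. Setting them in `xmppDefaultParams` would keep that choice visible and stable across tls package upgrades.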
