diff --git a/http-client-tls/http-client-tls.cabal b/http-client-tls/http-client-tls.cabal index 35e1c663..862b6dad 100644 --- a/http-client-tls/http-client-tls.cabal +++ b/http-client-tls/http-client-tls.cabal @@ -46,6 +46,8 @@ test-suite spec , http-client-tls , http-types , crypton-connection + , data-default + , tls benchmark benchmark main-is: Bench.hs diff --git a/http-client-tls/test/Spec.hs b/http-client-tls/test/Spec.hs index dfea83fe..38d8ca81 100644 --- a/http-client-tls/test/Spec.hs +++ b/http-client-tls/test/Spec.hs @@ -1,13 +1,28 @@ +{-# LANGUAGE CPP #-} {-# LANGUAGE OverloadedStrings #-} import Test.Hspec import Network.Connection import Network.HTTP.Client -import Network.HTTP.Client.TLS +import Network.HTTP.Client.TLS hiding (tlsManagerSettings) import Network.HTTP.Types import Control.Monad (join) +import Data.Default +import qualified Network.TLS as TLS main :: IO () main = hspec $ do + let tlsSettings = def + -- We have this becuase since the relases of the `tls` package 2.0.0, + -- the default value for the supportedExtendedMainSecret is `RequireEMS`, + -- that is required for every server speaking the TLS 1.2 protocol. + -- The badssl.com does not yet support TLS 1.2 with EMS, so what we could do, + -- for now, is to switch back to `AllowEMS`. +#if MIN_VERSION_crypton_connection(0,4,0) + {settingClientSupported = def {TLS.supportedExtendedMainSecret = TLS.AllowEMS}} +#endif + + let tlsManagerSettings = mkManagerSettings tlsSettings Nothing + it "make a TLS connection" $ do manager <- newManager tlsManagerSettings withResponse "https://httpbin.org/status/418" manager $ \res -> @@ -52,13 +67,13 @@ main = hspec $ do -- https://github.com/snoyberg/http-client/issues/289 it "accepts TLS settings" $ do let - tlsSettings = TLSSettingsSimple + tlsSettings' = tlsSettings { settingDisableCertificateValidation = True , settingDisableSession = False , settingUseServerName = False } socketSettings = Nothing - managerSettings = mkManagerSettings tlsSettings socketSettings + managerSettings = mkManagerSettings tlsSettings' socketSettings manager <- newTlsManagerWith managerSettings let url = "https://wrong.host.badssl.com" request <- parseRequest url