Permalink
Browse files

OpenSSL/SSL/Option.hsc: Guard SSL_OP_SAFARI_ECDHE_ECDSA_BUG with #if …

…defined(), fixes #37
  • Loading branch information...
1 parent 45ce3f6 commit bc6b4e1f0116cec7b65e1ee3fc44dee3a771de68 @depressed-pho committed Jan 6, 2015
Showing with 12 additions and 1 deletion.
  1. +7 −0 ChangeLog
  2. +1 −1 HsOpenSSL.cabal
  3. +4 −0 OpenSSL/SSL/Option.hsc
View
@@ -1,3 +1,10 @@
+2015-01-06 PHO <pho@cielonegro.org>
+
+ * HsOpenSSL.cabal (Version): Bump version to 0.11.1.1
+
+ * OpenSSL/SSL/Option.hsc: Guard SSL_OP_SAFARI_ECDHE_ECDSA_BUG with
+ #if defined(), Reported by Leon Mergen (#37).
+
2014-12-31 PHO <pho@cielonegro.org>
* tests/DSA.hs: Rename to Test/OpenSSL/DSA.hs and make it a cabal
View
@@ -12,7 +12,7 @@ Description:
<http://hackage.haskell.org/package/tls>, which is a pure Haskell
implementation of SSL.
.
-Version: 0.11.1
+Version: 0.11.1.1
License: PublicDomain
License-File: COPYING
Author: Adam Langley, Mikhail Vorozhtsov, PHO, Taru Karttunen
View
@@ -25,10 +25,12 @@ data SSLOption
| SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
| SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
| SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
+#if defined(SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
-- | Don't prefer ECDHE-ECDSA ciphers when the client appears to
-- be Safari on OS X. OS X 10.8..10.8.3 has broken support for
-- ECDHE-ECDSA ciphers.
| SSL_OP_SAFARI_ECDHE_ECDSA_BUG
+#endif
| SSL_OP_SSLEAY_080_CLIENT_DH_BUG
| SSL_OP_TLS_D5_BUG
| SSL_OP_TLS_BLOCK_PADDING_BUG
@@ -142,7 +144,9 @@ optionToIntegral SSL_OP_NETSCAPE_CHALLENGE_BUG = #const SSL_OP_N
optionToIntegral SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = #const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
optionToIntegral SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = #const SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
optionToIntegral SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = #const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
+#if defined(SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
optionToIntegral SSL_OP_SAFARI_ECDHE_ECDSA_BUG = #const SSL_OP_SAFARI_ECDHE_ECDSA_BUG
+#endif
optionToIntegral SSL_OP_SSLEAY_080_CLIENT_DH_BUG = #const SSL_OP_SSLEAY_080_CLIENT_DH_BUG
optionToIntegral SSL_OP_TLS_D5_BUG = #const SSL_OP_TLS_D5_BUG
optionToIntegral SSL_OP_TLS_BLOCK_PADDING_BUG = #const SSL_OP_TLS_BLOCK_PADDING_BUG

0 comments on commit bc6b4e1

Please sign in to comment.