Safe Haskell | Safe-Inferred |
---|---|
Language | Haskell2010 |
Running an HTTP/2 client over TLS.
Synopsis
- run :: Settings -> HostName -> PortNumber -> Client a -> IO a
- runH2C :: Settings -> HostName -> PortNumber -> Client a -> IO a
- type Client a = SendRequest -> Aux -> IO a
- type HostName = String
- type Authority = String
- data PortNumber
- runTLS :: Settings -> HostName -> PortNumber -> ByteString -> (Context -> SockAddr -> SockAddr -> IO a) -> IO a
- data ClientConfig
- defaultClientConfig :: Settings -> Authority -> ClientConfig
- defaultAuthority :: HostName -> Authority
- runWithConfig :: ClientConfig -> Settings -> HostName -> PortNumber -> Client a -> IO a
- runH2CWithConfig :: ClientConfig -> Settings -> HostName -> PortNumber -> Client a -> IO a
- runTLSWithConfig :: ClientConfig -> Settings -> HostName -> PortNumber -> ByteString -> (Context -> SockAddr -> SockAddr -> IO a) -> IO a
- data Settings
- defaultSettings :: Settings
- settingsKeyLogger :: Settings -> String -> IO ()
- settingsValidateCert :: Settings -> Bool
- settingsCAStore :: Settings -> CertificateStore
- settingsAddrInfoFlags :: Settings -> [AddrInfoFlag]
- settingsCacheLimit :: Settings -> Int
- settingsConcurrentStreams :: Settings -> Int
- settingsConnectionWindowSize :: Settings -> Int
- settingsStreamWindowSize :: Settings -> Int
- settingsServerNameOverride :: Settings -> Maybe HostName
- settingsSessionManager :: Settings -> SessionManager
- settingsWantSessionResume :: Settings -> Maybe (SessionID, SessionData)
- settingsWantSessionResumeList :: Settings -> [(SessionID, SessionData)]
- settingsOpenClientSocket :: Settings -> AddrInfo -> IO Socket
- settingsUseEarlyData :: Settings -> Bool
- settingsOnServerFinished :: Settings -> Information -> IO ()
- settingsPingRateLimit :: Settings -> Int
- settingsEmptyFrameRateLimit :: Settings -> Int
- settingsSettingsRateLimit :: Settings -> Int
- settingsRstRateLimit :: Settings -> Int
Runners
type Client a = SendRequest -> Aux -> IO a #
Client type.
Either a host name e.g., "haskell.org"
or a numeric host
address string consisting of a dotted decimal IPv4 address or an
IPv6 address e.g., "192.168.0.1"
.
data PortNumber #
Port number.
Use the Num
instance (i.e. use a literal) to create a
PortNumber
value.
>>>
1 :: PortNumber
1>>>
read "1" :: PortNumber
1>>>
show (12345 :: PortNumber)
"12345">>>
50000 < (51000 :: PortNumber)
True>>>
50000 < (52000 :: PortNumber)
True>>>
50000 + (10000 :: PortNumber)
60000
Instances
:: Settings | |
-> HostName | |
-> PortNumber | |
-> ByteString | ALPN |
-> (Context -> SockAddr -> SockAddr -> IO a) | |
-> IO a |
Generalized API
data ClientConfig #
Client configuration
Instances
Show ClientConfig | |
Defined in Network.HTTP2.Client.Run showsPrec :: Int -> ClientConfig -> ShowS # show :: ClientConfig -> String # showList :: [ClientConfig] -> ShowS # | |
Eq ClientConfig | |
Defined in Network.HTTP2.Client.Run (==) :: ClientConfig -> ClientConfig -> Bool # (/=) :: ClientConfig -> ClientConfig -> Bool # |
defaultClientConfig :: Settings -> Authority -> ClientConfig Source #
defaultAuthority :: HostName -> Authority Source #
Default authority
When we connect to a server, we can distinguish between three names, all of which may be different:
- The
HostName
, used for the DNS lookup to get the server's IP - The HTTP2
:authority
pseudo-header - The TLS SNI (Server Name Indicator).
This is different from (2) only in exceptional circumstances, see
settingsServerNameOverride
.
In most cases, however, all three names are identical, and so the default
Authority
is simply equal to the ServerName
.
runWithConfig :: ClientConfig -> Settings -> HostName -> PortNumber -> Client a -> IO a Source #
Running an HTTP/2 client over TLS (over TCP).
runH2CWithConfig :: ClientConfig -> Settings -> HostName -> PortNumber -> Client a -> IO a Source #
Running an HTTP/2 client over TCP.
:: ClientConfig | |
-> Settings | |
-> HostName | |
-> PortNumber | |
-> ByteString | ALPN |
-> (Context -> SockAddr -> SockAddr -> IO a) | |
-> IO a |
Running a TLS client.
Settings
defaultSettings :: Settings Source #
Default settings.
settingsKeyLogger :: Settings -> String -> IO () Source #
Key logger (TLS and H2)
Applications may wish to set this depending on the SSLKEYLOGFILE environment variable.
Default: do nothing.
settingsValidateCert :: Settings -> Bool Source #
Should we validate TLS certificates? (TLS and H2)
>>>
settingsValidateCert defaultSettings
True
settingsCAStore :: Settings -> CertificateStore Source #
Certificate store used for validation. (TLS and H2)
Default: mempty
.
settingsAddrInfoFlags :: Settings -> [AddrInfoFlag] Source #
Obsoleted.
settingsCacheLimit :: Settings -> Int Source #
How many pushed responses are contained in the cache (H2 and H2c)
>>>
settingsCacheLimits defaultSettings
64
settingsConcurrentStreams :: Settings -> Int Source #
The maximum number of incoming streams on the net (H2 and H2c)
>>>
settingsConcurrentStreams defaultSettings
64
settingsConnectionWindowSize :: Settings -> Int Source #
The window size of a connection (H2 and H2c)
>>>
settingsConnectionWindowSize defaultSettings
1048575
settingsStreamWindowSize :: Settings -> Int Source #
The window size of incoming streams (H2 and H2c)
>>>
settingsStreamWindowSize defaultSettings
262144
settingsServerNameOverride :: Settings -> Maybe HostName Source #
Server name override (H2)
By default, the server name (for TLS SNI) is set based on the
authority
, corresponding to the HTTP2
:authority
pseudo-header. In rare circumstances these two values should
be different (for example in the case of domain fronting);
settingsServerNameOverride
can be used to give SNI a different value
than :authority
.
settingsSessionManager :: Settings -> SessionManager Source #
TLS session manager (H2 and TLS)
Default: noSessionManager
settingsWantSessionResume :: Settings -> Maybe (SessionID, SessionData) Source #
Try to resume a TLS session (H2 and TLS)
>>>
settingsWantSessionResume defaultSettings
Nothing
settingsWantSessionResumeList :: Settings -> [(SessionID, SessionData)] Source #
Try to resume a TLS session (H2 and TLS).
This takes precedence over settingsWantSessionResume
.
>>>
settingsWantSessionResumeList defaultSettings
[]
settingsOpenClientSocket :: Settings -> AddrInfo -> IO Socket Source #
Function to initialize the server socket (All)
Default: openClientSocket
settingsUseEarlyData :: Settings -> Bool Source #
Try to use 0-RTT (H2 and TLS)
This is only supported for tls >= 2.0
.
>>>
settingsUseEarlyData defaultSettings
False
settingsOnServerFinished :: Settings -> Information -> IO () Source #
Rate limits
settingsPingRateLimit :: Settings -> Int Source #
Maximum number of pings allowed per second (CVE-2019-9512)
>>>
settingsPingRateLimit defaultSettings
10
settingsEmptyFrameRateLimit :: Settings -> Int Source #
Maximum number of empty data frames allowed per second (CVE-2019-9518)
>>>
settingsEmptyFrameRateLimit defaultSettings
4
settingsSettingsRateLimit :: Settings -> Int Source #
Maximum number of settings frames allowed per second (CVE-2019-9515)
>>>
settingsSettingsRateLimit defaultSettings
4
settingsRstRateLimit :: Settings -> Int Source #
Maximum number of reset frames allowed per second (CVE-2023-44487)
>>>
settingsRstRateLimit
4