Hi everyone from 1.9.x to 2.0.x the tls package made a change to require EMS (extended main secret) by default. I must admit that I have no idea what this is about and I don't really care much. However, it turns out that for compatibility reasons I need to change it to the old behavior (which allowed but did not require it). So I wonder how to do that. The problem is that I am not using tls directly but only via http-conduit (we only need the http client side functionality and mostly for simple download of files). Any hints would be greatly appreciated. Cheers Ben -- I would rather have questions that cannot be answered, than answers that cannot be questioned. -- Richard Feynman
Am 13.05.24 um 10:15 schrieb Ben Franksen:
Hi everyone
from 1.9.x to 2.0.x the tls package made a change to require EMS (extended main secret) by default. I must admit that I have no idea what this is about and I don't really care much. However, it turns out that for compatibility reasons I need to change it to the old behavior (which allowed but did not require it). So I wonder how to do that.
The problem is that I am not using tls directly but only via http-conduit (we only need the http client side functionality and mostly for simple download of files). Any hints would be greatly appreciated.
Update: problem solved. Author of crypton-connection kindly accepted a PR that allows to override the default value for TLS.ClientSupported even in cases where generic connection manager (e.g. http-client-tls) is used. -- I would rather have questions that cannot be answered, than answers that cannot be questioned. -- Richard Feynman
participants (1)
-
Ben Franksen