add support for overriding the TLS clientSupported member in TLSSetti…

…ngsSimple

This is so we can manipulate these TLS settings even when using a connection
manager like the http-client package does. See
kazu-yamamoto#2 for details.

Network/Connection.hs

@@ -123,7 +123,10 @@ initConnectionContext = ConnectionContext <$> getSystemCertificateStore
 makeTLSParams :: ConnectionContext -> ConnectionID -> TLSSettings -> TLS.ClientParams
 makeTLSParams cg cid ts@(TLSSettingsSimple {}) =
     (TLS.defaultParamsClient (fst cid) portString)
-        { TLS.clientSupported = def { TLS.supportedCiphers = TLS.ciphersuite_default }
+        { TLS.clientSupported =
+            case settingClientSupported ts of
+              Nothing -> def { TLS.supportedCiphers = TLS.ciphersuite_default }
+              Just cs -> cs
         , TLS.clientShared    = def
             { TLS.sharedCAStore         = globalCertificateStore cg
             , TLS.sharedValidationCache = validationCache

Network/Connection/Types.hs

@@ -75,12 +75,15 @@ data TLSSettings
                                                            --   will always re-established their context.
                                                            --   Not Implemented Yet.
              , settingUseServerName                :: Bool -- ^ Use server name extension. Not Implemented Yet.
+             , settingClientSupported              :: Maybe TLS.Supported
+                                                           -- ^ Override defaults for the 'TLS.clientSupported'
+                                                           --   member of 'TLS.ClientParams'.
              } -- ^ Simple TLS settings. recommended to use.
     | TLSSettings TLS.ClientParams -- ^ full blown TLS Settings directly using TLS.Params. for power users.
     deriving (Show)
 
 instance Default TLSSettings where
-    def = TLSSettingsSimple False False False
+    def = TLSSettingsSimple False False False Nothing
 
 type ConnectionID = (HostName, PortNumber)