osc copypac from project:devel:languages:haskell:ghc-9.10.x package:ghc-tls revision:4, using keep-link

OBS-URL: https://build.opensuse.org/package/show/devel:languages:haskell/ghc-tls?expand=0&rev=104
2025-01-28 10:11:51 +00:00 · 2025-01-28 10:11:51 +00:00 · 43b005b0c2
commit 43b005b0c2
8 changed files with 720 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1,23 @@
 ## Default LFS
 *.7z filter=lfs diff=lfs merge=lfs -text
 *.bsp filter=lfs diff=lfs merge=lfs -text
 *.bz2 filter=lfs diff=lfs merge=lfs -text
 *.gem filter=lfs diff=lfs merge=lfs -text
 *.gz filter=lfs diff=lfs merge=lfs -text
 *.jar filter=lfs diff=lfs merge=lfs -text
 *.lz filter=lfs diff=lfs merge=lfs -text
 *.lzma filter=lfs diff=lfs merge=lfs -text
 *.obscpio filter=lfs diff=lfs merge=lfs -text
 *.oxt filter=lfs diff=lfs merge=lfs -text
 *.pdf filter=lfs diff=lfs merge=lfs -text
 *.png filter=lfs diff=lfs merge=lfs -text
 *.rpm filter=lfs diff=lfs merge=lfs -text
 *.tbz filter=lfs diff=lfs merge=lfs -text
 *.tbz2 filter=lfs diff=lfs merge=lfs -text
 *.tgz filter=lfs diff=lfs merge=lfs -text
 *.ttf filter=lfs diff=lfs merge=lfs -text
 *.txz filter=lfs diff=lfs merge=lfs -text
 *.whl filter=lfs diff=lfs merge=lfs -text
 *.xz filter=lfs diff=lfs merge=lfs -text
 *.zip filter=lfs diff=lfs merge=lfs -text
 *.zst filter=lfs diff=lfs merge=lfs -text
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
 .osc
--- a/ghc-tls.changes
+++ b/ghc-tls.changes
@ -0,0 +1,547 @@
 -------------------------------------------------------------------
 Sun Jan 26 03:30:15 UTC 2025 - Peter Simons <psimons@suse.com>
 - Update tls to version 2.1.7.
  # Change log for "tls"
  ## Version 2.1.7
  * Introducing `Limit` parameter.
  * Implementing "Record Size Limit Extension for TLS" (RFC8449).
    Set `limitRecordSize` use it.
  * Implementing "TLS Certificate Compression" (RFC 8879).
    This feature is automatically used if the peer supports it.
  * More tests with `tlsfuzzer` especially for client authentication
    and 0-RTT.
  * Implementing a utility funcation, `validateClientCertificate`, for
    client authentication.
  * Bug fix for echo back logic of Cookie extension.
  * More pretty show for the internal `Handshake` structure for debugging.
 -------------------------------------------------------------------
 Tue Jan  7 00:19:23 UTC 2025 - Peter Simons <psimons@suse.com>
 - Update tls to version 2.1.6.
  ## Version 2.1.6
  * Testing with "tlsfuzzer" again. Now don't send an alert agaist to
    peer's alert. Double locking (aka self dead-lock) is fixed. Sending
    an alert for known-but-cannot-parse extensions. Other corner cases
    are also fixed.
  * `tls-client -d` and `tls-server -d` pretty-prints `Handshake`.
 -------------------------------------------------------------------
 Mon Nov 18 02:13:36 UTC 2024 - Peter Simons <psimons@suse.com>
 - Update tls to version 2.1.5.
  ## Version 2.1.5
  * Removing the dependency on the async package.
  * Restore a few DHE_RSA ciphers.
    [#493](https://github.com/haskell-tls/hs-tls/pull/493)
  ## Version 2.1.4
  * Exporting defaultValidationCache.
  ## Version 2.1.3
  * Remove `data-default` version constraint.
    [#492](https://github.com/haskell-tls/hs-tls/pull/492)
  * Exporting default variables.
    [#448](https://github.com/haskell-tls/hs-tls/pull/488)
  ## Version 2.1.2
  * Using data-default instead of data-default-class.
  ## Version 2.1.1
  * `bye` directly calls `timeout recvHS13`, not spawning a thread for
    `timeout recvHS13`. So, `bye` can receive an exception if thrown.
  ## Version 2.1.0
  * Breaking change: stop exporting constructors to maintain future
    compatibilities. Field names are still exported, and values can be updated
    with them using record syntax. Use `def` and `noSessionManager` as initial
    values.
  * `onServerFinished` is added to `ClientHooks`.
  * `clientWantSessionResumeList` is added to `ClientParams` to support
    multiple tickets for TLS 1.3.
 -------------------------------------------------------------------
 Wed May 22 04:38:33 UTC 2024 - Peter Simons <psimons@suse.com>
 - Update tls to version 2.0.6.
  ## Version 2.0.6
  * Setting `supportedCiphers` in `defaultSupported` to `ciphersuite_default`.
    So, users don't have to override this value anymore by exporting
    `Network.TLS.Extra.Cipher`.
    [#471](https://github.com/haskell-tls/hs-tls/pull/471)
  * `ciphersuite_default` is the same as `ciphersuite_strong`.
    So, the duplicated definition is removed.
  * Add missing modules for util/tls-client and util/tls-server.
 -------------------------------------------------------------------
 Fri Apr 26 05:59:56 UTC 2024 - Peter Simons <psimons@suse.com>
 - Update tls to version 2.0.5 revision 1.
  Upstream has revised the Cabal build instructions on Hackage.
 -------------------------------------------------------------------
 Mon Apr 22 06:16:57 UTC 2024 - Peter Simons <psimons@suse.com>
 - Update tls to version 2.0.5.
  ## Version 2.0.5
  * Fixing handshake13_0rtt_fallback
  * Client checks if the group of PSK is contained in Supported_Groups.
  * HRR is not allowed for 0-RTT.
 -------------------------------------------------------------------
 Fri Apr 19 10:33:27 UTC 2024 - Peter Simons <psimons@suse.com>
 - Update tls to version 2.0.4.
  ## Version 2.0.4
  * More fix for 0-RTT when application data is available while receiving CF.
  * New util/tls-client and util/tls-server.
 -------------------------------------------------------------------
 Thu Apr 18 05:42:44 UTC 2024 - Peter Simons <psimons@suse.com>
 - Update tls to version 2.0.3.
  ## Version 2.0.3
  * Fixing a bug where `timeout` in `bye` does not work.
  * util/client -> util/tls-client
  * util/server -> util/tls-server
 -------------------------------------------------------------------
 Thu Mar 28 04:03:13 UTC 2024 - Peter Simons <psimons@suse.com>
 - Update tls to version 2.0.2.
  ## Version 2.0.2
  * Client checks sessionMaxEarlyDataSize to decide 0-RTT
  * Client checks the resumption cipher properly.
 -------------------------------------------------------------------
 Tue Mar 26 05:57:23 UTC 2024 - Peter Simons <psimons@suse.com>
 - Update tls to version 2.0.1 revision 2.
  Upstream has revised the Cabal build instructions on Hackage.
 -------------------------------------------------------------------
 Fri Mar  1 03:31:34 UTC 2024 - Peter Simons <psimons@suse.com>
 - Update tls to version 2.0.1 revision 1.
  Upstream has revised the Cabal build instructions on Hackage.
 -------------------------------------------------------------------
 Sun Feb 18 22:15:12 UTC 2024 - Peter Simons <psimons@suse.com>
 - Update tls to version 2.0.1.
  ## Version 2.0.1
  * Fix a leak of pending data to be sent.
  ## Version 2.0.0
  * `tls` now only supports TLS 1.2 and TLS 1.3 with safe cipher suites.
  * Security: BREAKING CHANGE: TLS 1.0 and TLS 1.1 are removed.
  * Security: BREAKING CHANGE: all CBC cipher suite are removed.
  * Security: BREAKING CHANGE: RC4 and 3DES are removed.
  * Security: BREAKING CHANGE: DSS(digital signature standard) is removed.
  * Security: BREAKING CHANGE: TLS 1.2 servers require
    EMS(extended main secret) by default.
    `supportedExtendedMasterSec` is renamed to
    `supportedExtendedMainSecret`.
  * BREAKING CHANGE: the package is now complied with `Strict` and `StrictData`.
  * BREAKING CHANGE: Many data structures are re-defined with
   `PatternSynonyms` for extensibility.
  * BREAKING CHANGE: the structure of `SessionManager` is changed
    to support session tickets.
  * API: BREAKING CHANGE: `sendData` can send early data (0-RTT).
    `clientEarlyData` is removed.
    To send early data via `sendData`, set `clientUseEarlyData` to `True`.
    [#466](https://github.com/haskell-tls/hs-tls/issues/466)
  * API: `handshake` can receive an alert of client authentication failure
    for TLS 1.3.
    [#463](https://github.com/haskell-tls/hs-tls/pull/463)
  * API: `bye` can receive NewSessionTicket for TLS 1.3.
  * Channel binding: `getFinished` and `getPeerFinished` are deprecated.
    Use `getTLSUnique` instead.
    [#462](https://github.com/haskell-tls/hs-tls/pull/462)
  * Channel binding: `getTLSExporter` and `getTLSServerEndPoint` are provided.
    [#462](https://github.com/haskell-tls/hs-tls/pull/462)
  * Refactoring: the monolithic `handshake` is divided to follow
    the diagram of TLS 1.2 and 1.3 for readability.
  * Refactoring: test cases are refactored for maintenability
    and readablity. `hspec` is used instead of `tasty`.
  * Code format: `fourmolu` is used as an official formatter.
  * Catching up RFC8446bis-09.
    [#467](https://github.com/haskell-tls/hs-tls/issues/467)
 -------------------------------------------------------------------
 Tue Sep  5 05:49:20 UTC 2023 - Peter Simons <psimons@suse.com>
 - Update tls to version 1.9.0.
  ## Version 1.9.0
  * BREAKING CHANGE: The type of the `Error_Protocol` constructor of `TLSError` has changed.
    The "warning" case has been split off into a new `Error_Protocol_Warning` constructor.
    [#460](https://github.com/haskell-tls/hs-tls/pull/460)
  ## Version 1.8.0
  * BREAKING CHANGE: Remove `Exception` instance for `TLSError`.
    The library now throws `TLSException` only.
    If you need to change your code, please refer to
    [this example](https://github.com/snoyberg/http-client/commit/73d1a4eb451c089878ba95e96371d0b18287ffb8) first.
    [#457](https://github.com/haskell-tls/hs-tls/pull/457)
  ## Version 1.7.1
  * NOP on UserCanceled event
    [#454](https://github.com/haskell-tls/hs-tls/pull/454)
  ## Version 1.7.0
  * Major version up because "crypton" is used instead of "cryptonite"
 -------------------------------------------------------------------
 Thu Mar 30 17:08:41 UTC 2023 - Peter Simons <psimons@suse.com>
 - Updated spec file to conform with ghc-rpm-macros-2.5.2.
 -------------------------------------------------------------------
 Mon Jun  6 02:45:15 UTC 2022 - Peter Simons <psimons@suse.com>
 - Update tls to version 1.6.0.
  ## Version 1.6.0
  - Major version up because of disabling SSL3
  - Some fixes against tlsfuzzer
  ## Version 1.5.8
  - Require mtl-2.2.1 or newer
    [#448](https://github.com/haskell-tls/hs-tls/pull/448)
 -------------------------------------------------------------------
 Thu Jan 20 00:35:33 UTC 2022 - Peter Simons <psimons@suse.com>
 - Update tls to version 1.5.7.
  ## Version 1.5.7
  - New APIs: getFinished and getPeerFinished
    [#445](https://github.com/vincenthz/hs-tls/pull/445)
  ## Version 1.5.6
  - Dynamically setting enctypted extensions
    [#444](https://github.com/vincenthz/hs-tls/pull/444)
 -------------------------------------------------------------------
 Mon Feb  8 22:08:42 UTC 2021 - psimons@suse.com
 - Update tls to version 1.5.5.
  ## Version 1.5.5
  - QUIC support
    [#419](https://github.com/vincenthz/hs-tls/pull/419)
    [#427](https://github.com/vincenthz/hs-tls/pull/427)
    [#428](https://github.com/vincenthz/hs-tls/pull/428)
    [#430](https://github.com/vincenthz/hs-tls/pull/430)
    [#433](https://github.com/vincenthz/hs-tls/pull/433)
    [#441](https://github.com/vincenthz/hs-tls/pull/441)
  - Server ECDSA for P-256
    [#436](https://github.com/vincenthz/hs-tls/pull/436)
  - Sort ciphersuites based on hardware-acceleration support
    [#439](https://github.com/vincenthz/hs-tls/pull/439)
  - Sending no_application_protocol
    [#440](https://github.com/vincenthz/hs-tls/pull/440)
  - Internal improvements
    [#426](https://github.com/vincenthz/hs-tls/pull/426)
    [#431](https://github.com/vincenthz/hs-tls/pull/431)
 -------------------------------------------------------------------
 Thu Dec 17 12:20:00 UTC 2020 - Ondřej Súkup <mimi.vx@gmail.com>
 - disable %{ix86} build
 -------------------------------------------------------------------
 Tue Aug 18 10:46:20 UTC 2020 - Peter Simons <psimons@suse.com>
 - Replace %setup -q with the more modern %autosetup macro.
 -------------------------------------------------------------------
 Tue Jun 16 11:14:43 UTC 2020 - Peter Simons <psimons@suse.com>
 - Re-generate file with latest version of spec-cleaner.
 -------------------------------------------------------------------
 Thu Feb 27 14:16:56 UTC 2020 - psimons@suse.com
 - Update tls to version 1.5.4.
  ## Version 1.5.4
  - Restore interoperability with early Java 6
    [#422](https://github.com/vincenthz/hs-tls/pull/422)
  - Test cleanups for timeout and async usage
    [#416](https://github.com/vincenthz/hs-tls/pull/416)
 -------------------------------------------------------------------
 Thu Jan  9 03:03:11 UTC 2020 - psimons@suse.com
 - Update tls to version 1.5.3.
  ## Version 1.5.3
  - Additional verification regarding EC signatures
    [#412](https://github.com/vincenthz/hs-tls/pull/412)
  - Fixing ALPN
    [#411](https://github.com/vincenthz/hs-tls/pull/411)
  - Check SSLv3 padding length
    [#410](https://github.com/vincenthz/hs-tls/pull/410)
  - Exposing getClientCertificateChain
    [#407](https://github.com/vincenthz/hs-tls/pull/407)
  - Extended Master Secret
    [#406](https://github.com/vincenthz/hs-tls/pull/406)
  - Brushing up the documentation
    [#404](https://github.com/vincenthz/hs-tls/pull/404)
    [#408](https://github.com/vincenthz/hs-tls/pull/408)
  - Improving tests
    [#403](https://github.com/vincenthz/hs-tls/pull/403)
  - Avoid calling onServerNameIndication twice with HRR
    [#402](https://github.com/vincenthz/hs-tls/pull/402)
  - Enable X448 and FFDHE groups
    [#401](https://github.com/vincenthz/hs-tls/pull/401)
  - Refactoring
    [#400](https://github.com/vincenthz/hs-tls/pull/400)
    [#399](https://github.com/vincenthz/hs-tls/pull/399)
 -------------------------------------------------------------------
 Fri Nov  8 16:15:03 UTC 2019 - Peter Simons <psimons@suse.com>
 - Drop obsolete group attributes.
 -------------------------------------------------------------------
 Tue Oct 15 02:03:13 UTC 2019 - psimons@suse.com
 - Update tls to version 1.5.2.
  Upstream has edited the change log file since the last release in
  a non-trivial way, i.e. they did more than just add a new entry
  at the top. You can review the file at:
  http://hackage.haskell.org/package/tls-1.5.2/src/CHANGELOG.md
 -------------------------------------------------------------------
 Sun Jul 28 02:01:08 UTC 2019 - psimons@suse.com
 - Update tls to version 1.5.1.
  ## Version 1.5.1
  - Post-handshake authentication [#363](https://github.com/vincenthz/hs-tls/pull/363)
  - Fixing memory leak [#366](https://github.com/vincenthz/hs-tls/pull/366)
  - Improve version negotiation [#368](https://github.com/vincenthz/hs-tls/pull/368)
  - Don't send 0-RTT data when ticket is expired [#370](https://github.com/vincenthz/hs-tls/pull/370)
  - Handshake packet fragmentation [#371](https://github.com/vincenthz/hs-tls/pull/371)
 -------------------------------------------------------------------
 Sun Jun  2 02:01:34 UTC 2019 - psimons@suse.com
 - Update tls to version 1.5.0.
  Upstream has edited the change log file since the last release in
  a non-trivial way, i.e. they did more than just add a new entry
  at the top. You can review the file at:
  http://hackage.haskell.org/package/tls-1.5.0/src/CHANGELOG.md
 -------------------------------------------------------------------
 Sat Oct 20 11:32:09 UTC 2018 - Peter Simons <psimons@suse.com>
 - Use https URL to refer to bugs.opensuse.org.
 -------------------------------------------------------------------
 Wed Jul 18 14:26:45 UTC 2018 - psimons@suse.com
 - Cosmetic: replace tabs with blanks, strip trailing white space,
  and update copyright headers with spec-cleaner.
 -------------------------------------------------------------------
 Mon May 14 17:02:11 UTC 2018 - psimons@suse.com
 - Update tls to version 1.4.1.
  - Enable X25519 in default parameters [#265](https://github.com/vincenthz/hs-tls/pull/265)
  - Checking EOF in bye [#262] (https://github.com/vincenthz/hs-tls/pull/262)
  - Improving validation in DH key exchange [#256](https://github.com/vincenthz/hs-tls/pull/256)
  - Handle TCP reset during handshake [#251](https://github.com/vincenthz/hs-tls/pull/251)
  - Accepting hlint suggestions.
  - Wrap renegotiation failures with HandshakeFailed [#237](https://github.com/vincenthz/hs-tls/pull/237)
  - Improve selection of server certificate and use "signature_algorithms" extension [#236](https://github.com/vincenthz/hs-tls/pull/236)
  - Change Bytes to ByteString and deprecate the Bytes type alias [#230](https://github.com/vincenthz/hs-tls/pull/230)
  - Session compression and SNI [#223](https://github.com/vincenthz/hs-tls/pull/223)
  - Deprecating ciphersuite_medium. Putting WARNING to ciphersuite_all since this includes RC4 [#153](https://github.com/vincenthz/hs-tls/pull/153) [#222](https://github.com/vincenthz/hs-tls/pull/222)
  - Removing NPN [#214](https://github.com/vincenthz/hs-tls/pull/214)
  - Supporting RSAPSS defined in TLS 1.3 [#207](https://github.com/vincenthz/hs-tls/pull/207)
  - Supporting X25519 and X448 in the IES style. [#205](https://github.com/vincenthz/hs-tls/pull/205)
  - Strip leading zeros in DHE premaster secret [#201](https://github.com/vincenthz/hs-tls/pull/201)
  - RSASSA-PSS signatures can be enabled with `supportedHashSignatures`.  This
    uses assignments from TLS 1.3, for example `(HashIntrinsic, SignatureRSApssSHA256)`.
  - Diffie-Hellman with elliptic curves X25519 and X448: This can be enabled with
    `supportedGroups`, which also gives control over curve preference.
  - ECDH with curve P-256 now uses optimized C implementation from package `cryptonite`.
  API CHANGES:
  - Cipher list `ciphersuite_medium` is now deprecated, users are advised to use
    `ciphersuite_default` or `ciphersuite_strong`.  List `ciphersuite_all` is kept
    for compatibility with old servers but this is discouraged and generates a
    warning (this includes RC4 ciphers, see [#153](https://github.com/vincenthz/hs-tls/pull/153)
    for reference).
  - Support for NPN (Next Protocol Negotiation) has been removed. The replacement
    is ALPN (Application-Layer Protocol Negotiation).
  - Data type `SessionData` now contains fields for compression algorithm and
    client SNI.  A `SessionManager` implementation that serializes/deserializes
    `SessionData` values must deal with the new fields.
  - Module `Network.TLS` exports a type alias named `Bytes` which is now deprecated.
    The replacement is to use strict `ByteString` directly.
 -------------------------------------------------------------------
 Thu Aug  3 15:38:38 UTC 2017 - psimons@suse.com
 - Updated with latest spec-cleaner version 0.9.8-8-geadfbbf.
 -------------------------------------------------------------------
 Fri Jun 30 03:01:57 UTC 2017 - psimons@suse.com
 - Update to version 1.3.11.
 -------------------------------------------------------------------
 Wed Apr 26 15:04:39 UTC 2017 - psimons@suse.com
 - Update to version 1.3.10 revision 2 with cabal2obs.
 -------------------------------------------------------------------
 Mon Mar 27 12:38:43 UTC 2017 - psimons@suse.com
 - Update to version 1.3.10 revision 1 with cabal2obs.
 -------------------------------------------------------------------
 Wed Jan 18 09:00:21 UTC 2017 - psimons@suse.com
 - Update to version 1.3.9 with cabal2obs.
 -------------------------------------------------------------------
 Sun Jul 10 16:56:12 UTC 2016 - psimons@suse.com
 - Update to version 1.3.8 revision 0 with cabal2obs.
 -------------------------------------------------------------------
 Fri May 13 12:53:41 UTC 2016 - mimi.vx@gmail.com
 - update to 1.3.8
 -------------------------------------------------------------------
 Wed May 11 15:35:33 UTC 2016 - mimi.vx@gmail.com
 - update to 1.3.7
 * Disable SHA384 based cipher, as they don't work properly yet.
 -------------------------------------------------------------------
 Sun May  8 11:22:31 UTC 2016 - mimi.vx@gmail.com
 - update to 1.3.6
 * Add new ciphers
 * Improve some debugging and outputs
 -------------------------------------------------------------------
 Sun Apr 10 19:02:03 UTC 2016 - mimi.vx@gmail.com
 - update to 1.3.5
 * Fix a bug with ECDHE based cipher where serialization
 * Improve tests
 * Debugging: Add a way to print random seed and a way to side-load
    a seed for replayability
 -------------------------------------------------------------------
 Tue Dec 15 20:50:00 UTC 2015 - mimi.vx@gmail.com
 - update to 1.3.4
 * Add support for Hans (Haskell Network Stack)
 * Add support for ECDSA signature
 * Add support for ECDSA-ECDHE Cipher
 * Improve parsing of ECC related structure
 -------------------------------------------------------------------
 Mon Aug 31 08:14:19 UTC 2015 - mimi.vx@gmail.com
 - update to 1.3.2
 * Add cipher suites for forward secrecy on more clients (Aaron Friel)
 * Maintain more handshake information to be queried by protocol (Adam Wick)
 * handle SCSV on client and server side (Kazu Yamamoto)
 * Cleanup renegotiation logic (Kazu Yamamoto)
 * Various testing improvements with the openssl test parts
 * Cleanup AEAD handling for future support of other ciphers
 -------------------------------------------------------------------
 Thu Aug  6 20:43:26 UTC 2015 - mimi.vx@gmail.com
 - update to 1.3.1
 * Repair DHE RSA handling on the cipher by creating signature properly
 * modernize the crypto stack by using cryptonite.
 -------------------------------------------------------------------
 Sun Jun 21 16:56:51 UTC 2015 - mimi.vx@gmail.com
 - update to 1.2.18
 * add more tests (network, local)
 * cleanup cipher / bulk code, certificate verify / creation, and digitall signed handling
 * fix handling of DHE ciphers with MS SSL stack that serialize leading zero.
 -------------------------------------------------------------------
 Thu Apr 23 18:32:31 UTC 2015 - mimi.vx@gmail.com
 - update to 1.2.17
 * Fix an issue with stream cipher not correctly calculating the internal state,
      resulting systematically in bad record mac failure during handshake
 * support chain certificate in credentials
 * adding ALPN extension
 * adding support for AEAD, and particularly AES128-GCM
 * Adding support for ECDH
 * Do not support SSL3 by default for security reason.
 * add EnumSafe8 and 16 for specific sized Enum instance that are safer
 * export signatureAndHash parser/encoder
 * add a "known" list of extensions
 * add SignatureAlgorithms extension
 * add Heartbeat extension
 * add support for EC curves and point format extensions
 * add preliminary SessionTicket extension
 * Propagate asynchronous exception
 * Export TLSParams and HasBackend type names
 * Added FlexibleContexts flag required by ghc-7.9
 * debug: add support for specifying the timeout length in milliseconds.
 * debug: add support for 3DES in simple client
 * add support for 3DES-EDE-CBC-SHA1 (cipher 0xa)
 * repair retrieve certificate validation, and improve fingerprints
 * remove groom from dependency
 * make RecordM an instance of Applicative
 * Fixes the Error_EOF partial pattern match error in exception handling
 * Fixed socket backend endless loop when the server does not close connection
     properly at the TLS level with the close notify alert.
 * Catch Error_EOF in recvData and return empty data.
 * Fixed Server key exchange data being parsed without the correct
    context, leading to not knowing how to parse the structure.
    The bug happens on efficient server that happens to send the ServerKeyXchg
    message together with the ServerHello in the same handshake packet.
    This trigger parsing of all the messages without having set the pending cipher.
    Delay parsing, when this happen, until we know what to do with it.
 * Fixed unrecognized name non-fatal alert after client hello.
 * Add SSL3 to the supported list of version by default.
 * Fixed handshake records not being able to span multiples records.
 -------------------------------------------------------------------
 Mon Oct  7 07:12:32 UTC 2013 - sbahling@suse.com
 - Initial package - version 1.1.5
--- a/ghc-tls.spec
+++ b/ghc-tls.spec
@ -0,0 +1,137 @@
 #
 # spec file for package ghc-tls
 #
 # Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
 # upon. The license for this file, and modifications and additions to the
 # file, is the same license as for the pristine package itself (unless the
 # license for the pristine package is not an Open Source License, in which
 # case the license is the MIT License). An "Open Source License" is a
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 # Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 %global pkg_name tls
 %global pkgver %{pkg_name}-%{version}
 %bcond_with tests
 Name:           ghc-%{pkg_name}
 Version:        2.1.7
 Release:        0
 Summary:        TLS protocol native implementation
 License:        BSD-3-Clause
 URL:            https://hackage.haskell.org/package/%{pkg_name}
 Source0:        https://hackage.haskell.org/package/%{pkg_name}-%{version}/%{pkg_name}-%{version}.tar.gz
 BuildRequires:  ghc-Cabal-devel
 BuildRequires:  ghc-asn1-encoding-devel
 BuildRequires:  ghc-asn1-encoding-prof
 BuildRequires:  ghc-asn1-types-devel
 BuildRequires:  ghc-asn1-types-prof
 BuildRequires:  ghc-base-devel
 BuildRequires:  ghc-base-prof
 BuildRequires:  ghc-base16-bytestring-devel
 BuildRequires:  ghc-base16-bytestring-prof
 BuildRequires:  ghc-bytestring-devel
 BuildRequires:  ghc-bytestring-prof
 BuildRequires:  ghc-cereal-devel
 BuildRequires:  ghc-cereal-prof
 BuildRequires:  ghc-crypton-devel
 BuildRequires:  ghc-crypton-prof
 BuildRequires:  ghc-crypton-x509-devel
 BuildRequires:  ghc-crypton-x509-prof
 BuildRequires:  ghc-crypton-x509-store-devel
 BuildRequires:  ghc-crypton-x509-store-prof
 BuildRequires:  ghc-crypton-x509-validation-devel
 BuildRequires:  ghc-crypton-x509-validation-prof
 BuildRequires:  ghc-data-default-devel
 BuildRequires:  ghc-data-default-prof
 BuildRequires:  ghc-memory-devel
 BuildRequires:  ghc-memory-prof
 BuildRequires:  ghc-mtl-devel
 BuildRequires:  ghc-mtl-prof
 BuildRequires:  ghc-network-devel
 BuildRequires:  ghc-network-prof
 BuildRequires:  ghc-rpm-macros
 BuildRequires:  ghc-serialise-devel
 BuildRequires:  ghc-serialise-prof
 BuildRequires:  ghc-transformers-devel
 BuildRequires:  ghc-transformers-prof
 BuildRequires:  ghc-unix-time-devel
 BuildRequires:  ghc-unix-time-prof
 BuildRequires:  ghc-zlib-devel
 BuildRequires:  ghc-zlib-prof
 ExcludeArch:    %{ix86}
 %if %{with tests}
 BuildRequires:  ghc-QuickCheck-devel
 BuildRequires:  ghc-QuickCheck-prof
 BuildRequires:  ghc-async-devel
 BuildRequires:  ghc-async-prof
 BuildRequires:  ghc-hourglass-devel
 BuildRequires:  ghc-hourglass-prof
 BuildRequires:  ghc-hspec-devel
 BuildRequires:  ghc-hspec-prof
 %endif
 %description
 Native Haskell TLS 1.2/1.3 protocol implementation for servers and clients.
 %package devel
 Summary:        Haskell %{pkg_name} library development files
 Requires:       %{name} = %{version}-%{release}
 Requires:       ghc-compiler = %{ghc_version}
 Requires(post): ghc-compiler = %{ghc_version}
 Requires(postun): ghc-compiler = %{ghc_version}
 %description devel
 This package provides the Haskell %{pkg_name} library development files.
 %package -n ghc-%{pkg_name}-doc
 Summary:        Haskell %{pkg_name} library documentation
 Requires:       ghc-filesystem
 BuildArch:      noarch
 %description -n ghc-%{pkg_name}-doc
 This package provides the Haskell %{pkg_name} library documentation.
 %package -n ghc-%{pkg_name}-prof
 Summary:        Haskell %{pkg_name} profiling library
 Requires:       ghc-%{pkg_name}-devel = %{version}-%{release}
 Supplements:    (ghc-%{pkg_name}-devel and ghc-prof)
 %description -n ghc-%{pkg_name}-prof
 This package provides the Haskell %{pkg_name} profiling library.
 %prep
 %autosetup -n %{pkg_name}-%{version}
 %build
 %ghc_lib_build
 %install
 %ghc_lib_install
 %check
 %cabal_test
 %post devel
 %ghc_pkg_recache
 %postun devel
 %ghc_pkg_recache
 %files -f %{name}.files
 %license LICENSE
 %files devel -f %{name}-devel.files
 %doc CHANGELOG.md
 %files -n ghc-%{pkg_name}-doc -f ghc-%{pkg_name}-doc.files
 %license LICENSE
 %files -n ghc-%{pkg_name}-prof -f ghc-%{pkg_name}-prof.files
 %changelog
--- a/tls-2.0.6.tar.gz
+++ b/tls-2.0.6.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:a3eaba2d45172ac5311e5a0c3833d2947d92d38f090f5cef744e380926b49f1d
 size 160807
--- a/tls-2.1.5.tar.gz
+++ b/tls-2.1.5.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:a1db76fe10c8288ae9b30ce48ff6f933df1db616c06d0de856d53f1ed0281801
 size 163430
--- a/tls-2.1.6.tar.gz
+++ b/tls-2.1.6.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:a2d9571fb47ea1ca7f3009e09eac46ee0ca80d039bbbb092736d810931e03c38
 size 167464
--- a/tls-2.1.7.tar.gz
+++ b/tls-2.1.7.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:92b323450d7282f6c2b0ffcf8814222945e3e0658abca78e10dd5b2f84f8e364
 size 172969