From 6b63c2b1e88b85ba884e41f92dc3047afc3b818cfe7649e58c010112c3b50e13 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Thu, 21 Dec 2017 20:04:57 +0000 Subject: [PATCH 1/8] osc copypac from project:devel:languages:haskell:lts:10 package:ghc-tls revision:3, using keep-link OBS-URL: https://build.opensuse.org/package/show/devel:languages:haskell/ghc-tls?expand=0&rev=35 --- ghc-tls.changes | 6 ++++++ ghc-tls.spec | 2 +- tls-1.3.11.tar.gz | 3 --- tls-1.4.0.tar.gz | 3 +++ 4 files changed, 10 insertions(+), 4 deletions(-) delete mode 100644 tls-1.3.11.tar.gz create mode 100644 tls-1.4.0.tar.gz diff --git a/ghc-tls.changes b/ghc-tls.changes index 2fc3b6d..1a9c50e 100644 --- a/ghc-tls.changes +++ b/ghc-tls.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu Dec 21 19:10:36 UTC 2017 - psimons@suse.com + +- Update to version 1.4.0. + A more detailed change log is not available. + ------------------------------------------------------------------- Thu Aug 3 15:38:38 UTC 2017 - psimons@suse.com diff --git a/ghc-tls.spec b/ghc-tls.spec index 8b2715a..779fc17 100644 --- a/ghc-tls.spec +++ b/ghc-tls.spec @@ -19,7 +19,7 @@ %global pkg_name tls %bcond_with tests Name: ghc-%{pkg_name} -Version: 1.3.11 +Version: 1.4.0 Release: 0 Summary: TLS/SSL protocol native implementation (Server and Client) License: BSD-3-Clause diff --git a/tls-1.3.11.tar.gz b/tls-1.3.11.tar.gz deleted file mode 100644 index ad7dabe..0000000 --- a/tls-1.3.11.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:3f008eb942874f8114f9a332f9669c44d72825ba39ce0fad89f0f8dfa6fb2703 -size 94342 diff --git a/tls-1.4.0.tar.gz b/tls-1.4.0.tar.gz new file mode 100644 index 0000000..9cfde25 --- /dev/null +++ b/tls-1.4.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:83290896640403b167d3ae4ea6075f69565a98a5198049a6d98ec35d6bf417ba +size 90106 From 947f57dd66604deebd717e12b05acab7612957a3f094e9478c0c9fdcbf462a54 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Thu, 8 Mar 2018 02:18:13 +0000 Subject: [PATCH 2/8] osc copypac from project:devel:languages:haskell:lts:10 package:ghc-tls revision:6, using keep-link OBS-URL: https://build.opensuse.org/package/show/devel:languages:haskell/ghc-tls?expand=0&rev=36 --- ghc-tls.changes | 6 ++++++ ghc-tls.spec | 4 ++-- tls-1.4.0.tar.gz | 3 --- tls-1.4.1.tar.gz | 3 +++ 4 files changed, 11 insertions(+), 5 deletions(-) delete mode 100644 tls-1.4.0.tar.gz create mode 100644 tls-1.4.1.tar.gz diff --git a/ghc-tls.changes b/ghc-tls.changes index 1a9c50e..9553f56 100644 --- a/ghc-tls.changes +++ b/ghc-tls.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Mon Mar 5 03:01:38 UTC 2018 - psimons@suse.com + +- Update tls to version 1.4.1. + A more detailed change log is not available. + ------------------------------------------------------------------- Thu Dec 21 19:10:36 UTC 2017 - psimons@suse.com diff --git a/ghc-tls.spec b/ghc-tls.spec index 779fc17..a8c3d81 100644 --- a/ghc-tls.spec +++ b/ghc-tls.spec @@ -1,7 +1,7 @@ # # spec file for package ghc-tls # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ %global pkg_name tls %bcond_with tests Name: ghc-%{pkg_name} -Version: 1.4.0 +Version: 1.4.1 Release: 0 Summary: TLS/SSL protocol native implementation (Server and Client) License: BSD-3-Clause diff --git a/tls-1.4.0.tar.gz b/tls-1.4.0.tar.gz deleted file mode 100644 index 9cfde25..0000000 --- a/tls-1.4.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:83290896640403b167d3ae4ea6075f69565a98a5198049a6d98ec35d6bf417ba -size 90106 diff --git a/tls-1.4.1.tar.gz b/tls-1.4.1.tar.gz new file mode 100644 index 0000000..b0f2b8a --- /dev/null +++ b/tls-1.4.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bbead1afc0b808bd5cff7bddaeae84ade37f18bbe72bd78d45a2fa4ac41908f8 +size 92647 From 5e011a7c315a7fb79e8ed312878ff882dda5db63450946f0cbc5b58b5d2d1be2 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Mon, 2 Apr 2018 15:06:32 +0000 Subject: [PATCH 3/8] osc copypac from project:devel:languages:haskell:lts:11 package:ghc-tls revision:3, using keep-link OBS-URL: https://build.opensuse.org/package/show/devel:languages:haskell/ghc-tls?expand=0&rev=37 --- ghc-tls.changes | 146 +----------------------------------------------- 1 file changed, 1 insertion(+), 145 deletions(-) diff --git a/ghc-tls.changes b/ghc-tls.changes index 9553f56..661de9f 100644 --- a/ghc-tls.changes +++ b/ghc-tls.changes @@ -1,150 +1,6 @@ ------------------------------------------------------------------- -Mon Mar 5 03:01:38 UTC 2018 - psimons@suse.com +Wed Mar 14 16:57:00 UTC 2018 - psimons@suse.com - Update tls to version 1.4.1. A more detailed change log is not available. -------------------------------------------------------------------- -Thu Dec 21 19:10:36 UTC 2017 - psimons@suse.com - -- Update to version 1.4.0. - A more detailed change log is not available. - -------------------------------------------------------------------- -Thu Aug 3 15:38:38 UTC 2017 - psimons@suse.com - -- Updated with latest spec-cleaner version 0.9.8-8-geadfbbf. - -------------------------------------------------------------------- -Fri Jun 30 03:01:57 UTC 2017 - psimons@suse.com - -- Update to version 1.3.11. - -------------------------------------------------------------------- -Wed Apr 26 15:04:39 UTC 2017 - psimons@suse.com - -- Update to version 1.3.10 revision 2 with cabal2obs. - -------------------------------------------------------------------- -Mon Mar 27 12:38:43 UTC 2017 - psimons@suse.com - -- Update to version 1.3.10 revision 1 with cabal2obs. - -------------------------------------------------------------------- -Wed Jan 18 09:00:21 UTC 2017 - psimons@suse.com - -- Update to version 1.3.9 with cabal2obs. - -------------------------------------------------------------------- -Sun Jul 10 16:56:12 UTC 2016 - psimons@suse.com - -- Update to version 1.3.8 revision 0 with cabal2obs. - -------------------------------------------------------------------- -Fri May 13 12:53:41 UTC 2016 - mimi.vx@gmail.com - -- update to 1.3.8 - -------------------------------------------------------------------- -Wed May 11 15:35:33 UTC 2016 - mimi.vx@gmail.com - -- update to 1.3.7 -* Disable SHA384 based cipher, as they don't work properly yet. - -------------------------------------------------------------------- -Sun May 8 11:22:31 UTC 2016 - mimi.vx@gmail.com - -- update to 1.3.6 -* Add new ciphers -* Improve some debugging and outputs - -------------------------------------------------------------------- -Sun Apr 10 19:02:03 UTC 2016 - mimi.vx@gmail.com - -- update to 1.3.5 -* Fix a bug with ECDHE based cipher where serialization -* Improve tests -* Debugging: Add a way to print random seed and a way to side-load - a seed for replayability - -------------------------------------------------------------------- -Tue Dec 15 20:50:00 UTC 2015 - mimi.vx@gmail.com - -- update to 1.3.4 -* Add support for Hans (Haskell Network Stack) -* Add support for ECDSA signature -* Add support for ECDSA-ECDHE Cipher -* Improve parsing of ECC related structure - -------------------------------------------------------------------- -Mon Aug 31 08:14:19 UTC 2015 - mimi.vx@gmail.com - -- update to 1.3.2 -* Add cipher suites for forward secrecy on more clients (Aaron Friel) -* Maintain more handshake information to be queried by protocol (Adam Wick) -* handle SCSV on client and server side (Kazu Yamamoto) -* Cleanup renegotiation logic (Kazu Yamamoto) -* Various testing improvements with the openssl test parts -* Cleanup AEAD handling for future support of other ciphers - -------------------------------------------------------------------- -Thu Aug 6 20:43:26 UTC 2015 - mimi.vx@gmail.com - -- update to 1.3.1 -* Repair DHE RSA handling on the cipher by creating signature properly -* modernize the crypto stack by using cryptonite. - -------------------------------------------------------------------- -Sun Jun 21 16:56:51 UTC 2015 - mimi.vx@gmail.com - -- update to 1.2.18 -* add more tests (network, local) -* cleanup cipher / bulk code, certificate verify / creation, and digitall signed handling -* fix handling of DHE ciphers with MS SSL stack that serialize leading zero. - -------------------------------------------------------------------- -Thu Apr 23 18:32:31 UTC 2015 - mimi.vx@gmail.com - -- update to 1.2.17 -* Fix an issue with stream cipher not correctly calculating the internal state, - resulting systematically in bad record mac failure during handshake -* support chain certificate in credentials -* adding ALPN extension -* adding support for AEAD, and particularly AES128-GCM -* Adding support for ECDH -* Do not support SSL3 by default for security reason. -* add EnumSafe8 and 16 for specific sized Enum instance that are safer -* export signatureAndHash parser/encoder -* add a "known" list of extensions -* add SignatureAlgorithms extension -* add Heartbeat extension -* add support for EC curves and point format extensions -* add preliminary SessionTicket extension -* Propagate asynchronous exception -* Export TLSParams and HasBackend type names -* Added FlexibleContexts flag required by ghc-7.9 -* debug: add support for specifying the timeout length in milliseconds. -* debug: add support for 3DES in simple client -* add support for 3DES-EDE-CBC-SHA1 (cipher 0xa) -* repair retrieve certificate validation, and improve fingerprints -* remove groom from dependency -* make RecordM an instance of Applicative -* Fixes the Error_EOF partial pattern match error in exception handling -* Fixed socket backend endless loop when the server does not close connection - properly at the TLS level with the close notify alert. -* Catch Error_EOF in recvData and return empty data. -* Fixed Server key exchange data being parsed without the correct - context, leading to not knowing how to parse the structure. - The bug happens on efficient server that happens to send the ServerKeyXchg - message together with the ServerHello in the same handshake packet. - This trigger parsing of all the messages without having set the pending cipher. - Delay parsing, when this happen, until we know what to do with it. -* Fixed unrecognized name non-fatal alert after client hello. -* Add SSL3 to the supported list of version by default. -* Fixed handshake records not being able to span multiples records. - -------------------------------------------------------------------- -Mon Oct 7 07:12:32 UTC 2013 - sbahling@suse.com - -- Initial package - version 1.1.5 - From dfb39592b7fa09cbe156b7e02e14f777e3b7b0e54e64a2cbc3d72eaf9d633191 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Fri, 13 Apr 2018 14:07:53 +0000 Subject: [PATCH 4/8] osc copypac from project:devel:languages:haskell:lts:11 package:ghc-tls revision:5, using keep-link OBS-URL: https://build.opensuse.org/package/show/devel:languages:haskell/ghc-tls?expand=0&rev=38 --- ghc-tls.changes | 140 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 139 insertions(+), 1 deletion(-) diff --git a/ghc-tls.changes b/ghc-tls.changes index 661de9f..65bdacb 100644 --- a/ghc-tls.changes +++ b/ghc-tls.changes @@ -1,6 +1,144 @@ ------------------------------------------------------------------- -Wed Mar 14 16:57:00 UTC 2018 - psimons@suse.com +Thu Apr 12 08:31:58 UTC 2018 - psimons@suse.com - Update tls to version 1.4.1. A more detailed change log is not available. +------------------------------------------------------------------- +Thu Aug 3 15:38:38 UTC 2017 - psimons@suse.com + +- Updated with latest spec-cleaner version 0.9.8-8-geadfbbf. + +------------------------------------------------------------------- +Fri Jun 30 03:01:57 UTC 2017 - psimons@suse.com + +- Update to version 1.3.11. + +------------------------------------------------------------------- +Wed Apr 26 15:04:39 UTC 2017 - psimons@suse.com + +- Update to version 1.3.10 revision 2 with cabal2obs. + +------------------------------------------------------------------- +Mon Mar 27 12:38:43 UTC 2017 - psimons@suse.com + +- Update to version 1.3.10 revision 1 with cabal2obs. + +------------------------------------------------------------------- +Wed Jan 18 09:00:21 UTC 2017 - psimons@suse.com + +- Update to version 1.3.9 with cabal2obs. + +------------------------------------------------------------------- +Sun Jul 10 16:56:12 UTC 2016 - psimons@suse.com + +- Update to version 1.3.8 revision 0 with cabal2obs. + +------------------------------------------------------------------- +Fri May 13 12:53:41 UTC 2016 - mimi.vx@gmail.com + +- update to 1.3.8 + +------------------------------------------------------------------- +Wed May 11 15:35:33 UTC 2016 - mimi.vx@gmail.com + +- update to 1.3.7 +* Disable SHA384 based cipher, as they don't work properly yet. + +------------------------------------------------------------------- +Sun May 8 11:22:31 UTC 2016 - mimi.vx@gmail.com + +- update to 1.3.6 +* Add new ciphers +* Improve some debugging and outputs + +------------------------------------------------------------------- +Sun Apr 10 19:02:03 UTC 2016 - mimi.vx@gmail.com + +- update to 1.3.5 +* Fix a bug with ECDHE based cipher where serialization +* Improve tests +* Debugging: Add a way to print random seed and a way to side-load + a seed for replayability + +------------------------------------------------------------------- +Tue Dec 15 20:50:00 UTC 2015 - mimi.vx@gmail.com + +- update to 1.3.4 +* Add support for Hans (Haskell Network Stack) +* Add support for ECDSA signature +* Add support for ECDSA-ECDHE Cipher +* Improve parsing of ECC related structure + +------------------------------------------------------------------- +Mon Aug 31 08:14:19 UTC 2015 - mimi.vx@gmail.com + +- update to 1.3.2 +* Add cipher suites for forward secrecy on more clients (Aaron Friel) +* Maintain more handshake information to be queried by protocol (Adam Wick) +* handle SCSV on client and server side (Kazu Yamamoto) +* Cleanup renegotiation logic (Kazu Yamamoto) +* Various testing improvements with the openssl test parts +* Cleanup AEAD handling for future support of other ciphers + +------------------------------------------------------------------- +Thu Aug 6 20:43:26 UTC 2015 - mimi.vx@gmail.com + +- update to 1.3.1 +* Repair DHE RSA handling on the cipher by creating signature properly +* modernize the crypto stack by using cryptonite. + +------------------------------------------------------------------- +Sun Jun 21 16:56:51 UTC 2015 - mimi.vx@gmail.com + +- update to 1.2.18 +* add more tests (network, local) +* cleanup cipher / bulk code, certificate verify / creation, and digitall signed handling +* fix handling of DHE ciphers with MS SSL stack that serialize leading zero. + +------------------------------------------------------------------- +Thu Apr 23 18:32:31 UTC 2015 - mimi.vx@gmail.com + +- update to 1.2.17 +* Fix an issue with stream cipher not correctly calculating the internal state, + resulting systematically in bad record mac failure during handshake +* support chain certificate in credentials +* adding ALPN extension +* adding support for AEAD, and particularly AES128-GCM +* Adding support for ECDH +* Do not support SSL3 by default for security reason. +* add EnumSafe8 and 16 for specific sized Enum instance that are safer +* export signatureAndHash parser/encoder +* add a "known" list of extensions +* add SignatureAlgorithms extension +* add Heartbeat extension +* add support for EC curves and point format extensions +* add preliminary SessionTicket extension +* Propagate asynchronous exception +* Export TLSParams and HasBackend type names +* Added FlexibleContexts flag required by ghc-7.9 +* debug: add support for specifying the timeout length in milliseconds. +* debug: add support for 3DES in simple client +* add support for 3DES-EDE-CBC-SHA1 (cipher 0xa) +* repair retrieve certificate validation, and improve fingerprints +* remove groom from dependency +* make RecordM an instance of Applicative +* Fixes the Error_EOF partial pattern match error in exception handling +* Fixed socket backend endless loop when the server does not close connection + properly at the TLS level with the close notify alert. +* Catch Error_EOF in recvData and return empty data. +* Fixed Server key exchange data being parsed without the correct + context, leading to not knowing how to parse the structure. + The bug happens on efficient server that happens to send the ServerKeyXchg + message together with the ServerHello in the same handshake packet. + This trigger parsing of all the messages without having set the pending cipher. + Delay parsing, when this happen, until we know what to do with it. +* Fixed unrecognized name non-fatal alert after client hello. +* Add SSL3 to the supported list of version by default. +* Fixed handshake records not being able to span multiples records. + +------------------------------------------------------------------- +Mon Oct 7 07:12:32 UTC 2013 - sbahling@suse.com + +- Initial package - version 1.1.5 + From 77f163d3acf3dd63439bc13fe4902dcfb61ed1b15a742ba90e7b8e38cb5e8feb Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Thu, 26 Apr 2018 07:51:18 +0000 Subject: [PATCH 5/8] osc copypac from project:devel:languages:haskell:lts:11 package:ghc-tls revision:6, using keep-link OBS-URL: https://build.opensuse.org/package/show/devel:languages:haskell/ghc-tls?expand=0&rev=39 --- ghc-tls.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ghc-tls.spec b/ghc-tls.spec index a8c3d81..6b8eb53 100644 --- a/ghc-tls.spec +++ b/ghc-tls.spec @@ -93,7 +93,7 @@ This package provides the Haskell %{pkg_name} library development files. %ghc_pkg_recache %files -f %{name}.files -%doc LICENSE +%license LICENSE %files devel -f %{name}-devel.files %doc CHANGELOG.md From 8c7cb572100f2356579543b0b0ae180cbc6713f249f9e279b060bd6290106646 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Mon, 14 May 2018 13:18:34 +0000 Subject: [PATCH 6/8] osc copypac from project:devel:languages:haskell:ghc-8.4.x package:ghc-tls revision:1, using keep-link OBS-URL: https://build.opensuse.org/package/show/devel:languages:haskell/ghc-tls?expand=0&rev=40 --- ghc-tls.changes | 144 ------------------------------------------------ 1 file changed, 144 deletions(-) delete mode 100644 ghc-tls.changes diff --git a/ghc-tls.changes b/ghc-tls.changes deleted file mode 100644 index 65bdacb..0000000 --- a/ghc-tls.changes +++ /dev/null @@ -1,144 +0,0 @@ -------------------------------------------------------------------- -Thu Apr 12 08:31:58 UTC 2018 - psimons@suse.com - -- Update tls to version 1.4.1. - A more detailed change log is not available. - -------------------------------------------------------------------- -Thu Aug 3 15:38:38 UTC 2017 - psimons@suse.com - -- Updated with latest spec-cleaner version 0.9.8-8-geadfbbf. - -------------------------------------------------------------------- -Fri Jun 30 03:01:57 UTC 2017 - psimons@suse.com - -- Update to version 1.3.11. - -------------------------------------------------------------------- -Wed Apr 26 15:04:39 UTC 2017 - psimons@suse.com - -- Update to version 1.3.10 revision 2 with cabal2obs. - -------------------------------------------------------------------- -Mon Mar 27 12:38:43 UTC 2017 - psimons@suse.com - -- Update to version 1.3.10 revision 1 with cabal2obs. - -------------------------------------------------------------------- -Wed Jan 18 09:00:21 UTC 2017 - psimons@suse.com - -- Update to version 1.3.9 with cabal2obs. - -------------------------------------------------------------------- -Sun Jul 10 16:56:12 UTC 2016 - psimons@suse.com - -- Update to version 1.3.8 revision 0 with cabal2obs. - -------------------------------------------------------------------- -Fri May 13 12:53:41 UTC 2016 - mimi.vx@gmail.com - -- update to 1.3.8 - -------------------------------------------------------------------- -Wed May 11 15:35:33 UTC 2016 - mimi.vx@gmail.com - -- update to 1.3.7 -* Disable SHA384 based cipher, as they don't work properly yet. - -------------------------------------------------------------------- -Sun May 8 11:22:31 UTC 2016 - mimi.vx@gmail.com - -- update to 1.3.6 -* Add new ciphers -* Improve some debugging and outputs - -------------------------------------------------------------------- -Sun Apr 10 19:02:03 UTC 2016 - mimi.vx@gmail.com - -- update to 1.3.5 -* Fix a bug with ECDHE based cipher where serialization -* Improve tests -* Debugging: Add a way to print random seed and a way to side-load - a seed for replayability - -------------------------------------------------------------------- -Tue Dec 15 20:50:00 UTC 2015 - mimi.vx@gmail.com - -- update to 1.3.4 -* Add support for Hans (Haskell Network Stack) -* Add support for ECDSA signature -* Add support for ECDSA-ECDHE Cipher -* Improve parsing of ECC related structure - -------------------------------------------------------------------- -Mon Aug 31 08:14:19 UTC 2015 - mimi.vx@gmail.com - -- update to 1.3.2 -* Add cipher suites for forward secrecy on more clients (Aaron Friel) -* Maintain more handshake information to be queried by protocol (Adam Wick) -* handle SCSV on client and server side (Kazu Yamamoto) -* Cleanup renegotiation logic (Kazu Yamamoto) -* Various testing improvements with the openssl test parts -* Cleanup AEAD handling for future support of other ciphers - -------------------------------------------------------------------- -Thu Aug 6 20:43:26 UTC 2015 - mimi.vx@gmail.com - -- update to 1.3.1 -* Repair DHE RSA handling on the cipher by creating signature properly -* modernize the crypto stack by using cryptonite. - -------------------------------------------------------------------- -Sun Jun 21 16:56:51 UTC 2015 - mimi.vx@gmail.com - -- update to 1.2.18 -* add more tests (network, local) -* cleanup cipher / bulk code, certificate verify / creation, and digitall signed handling -* fix handling of DHE ciphers with MS SSL stack that serialize leading zero. - -------------------------------------------------------------------- -Thu Apr 23 18:32:31 UTC 2015 - mimi.vx@gmail.com - -- update to 1.2.17 -* Fix an issue with stream cipher not correctly calculating the internal state, - resulting systematically in bad record mac failure during handshake -* support chain certificate in credentials -* adding ALPN extension -* adding support for AEAD, and particularly AES128-GCM -* Adding support for ECDH -* Do not support SSL3 by default for security reason. -* add EnumSafe8 and 16 for specific sized Enum instance that are safer -* export signatureAndHash parser/encoder -* add a "known" list of extensions -* add SignatureAlgorithms extension -* add Heartbeat extension -* add support for EC curves and point format extensions -* add preliminary SessionTicket extension -* Propagate asynchronous exception -* Export TLSParams and HasBackend type names -* Added FlexibleContexts flag required by ghc-7.9 -* debug: add support for specifying the timeout length in milliseconds. -* debug: add support for 3DES in simple client -* add support for 3DES-EDE-CBC-SHA1 (cipher 0xa) -* repair retrieve certificate validation, and improve fingerprints -* remove groom from dependency -* make RecordM an instance of Applicative -* Fixes the Error_EOF partial pattern match error in exception handling -* Fixed socket backend endless loop when the server does not close connection - properly at the TLS level with the close notify alert. -* Catch Error_EOF in recvData and return empty data. -* Fixed Server key exchange data being parsed without the correct - context, leading to not knowing how to parse the structure. - The bug happens on efficient server that happens to send the ServerKeyXchg - message together with the ServerHello in the same handshake packet. - This trigger parsing of all the messages without having set the pending cipher. - Delay parsing, when this happen, until we know what to do with it. -* Fixed unrecognized name non-fatal alert after client hello. -* Add SSL3 to the supported list of version by default. -* Fixed handshake records not being able to span multiples records. - -------------------------------------------------------------------- -Mon Oct 7 07:12:32 UTC 2013 - sbahling@suse.com - -- Initial package - version 1.1.5 - From 6bcba078668a96177b107f05403d154e403d139bef507a84454afb12cbecf4e9 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Mon, 14 May 2018 15:21:12 +0000 Subject: [PATCH 7/8] osc copypac from project:devel:languages:haskell:ghc-8.4.x package:ghc-tls revision:2, using keep-link OBS-URL: https://build.opensuse.org/package/show/devel:languages:haskell/ghc-tls?expand=0&rev=41 --- ghc-tls.changes | 138 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 138 insertions(+) create mode 100644 ghc-tls.changes diff --git a/ghc-tls.changes b/ghc-tls.changes new file mode 100644 index 0000000..2fc3b6d --- /dev/null +++ b/ghc-tls.changes @@ -0,0 +1,138 @@ +------------------------------------------------------------------- +Thu Aug 3 15:38:38 UTC 2017 - psimons@suse.com + +- Updated with latest spec-cleaner version 0.9.8-8-geadfbbf. + +------------------------------------------------------------------- +Fri Jun 30 03:01:57 UTC 2017 - psimons@suse.com + +- Update to version 1.3.11. + +------------------------------------------------------------------- +Wed Apr 26 15:04:39 UTC 2017 - psimons@suse.com + +- Update to version 1.3.10 revision 2 with cabal2obs. + +------------------------------------------------------------------- +Mon Mar 27 12:38:43 UTC 2017 - psimons@suse.com + +- Update to version 1.3.10 revision 1 with cabal2obs. + +------------------------------------------------------------------- +Wed Jan 18 09:00:21 UTC 2017 - psimons@suse.com + +- Update to version 1.3.9 with cabal2obs. + +------------------------------------------------------------------- +Sun Jul 10 16:56:12 UTC 2016 - psimons@suse.com + +- Update to version 1.3.8 revision 0 with cabal2obs. + +------------------------------------------------------------------- +Fri May 13 12:53:41 UTC 2016 - mimi.vx@gmail.com + +- update to 1.3.8 + +------------------------------------------------------------------- +Wed May 11 15:35:33 UTC 2016 - mimi.vx@gmail.com + +- update to 1.3.7 +* Disable SHA384 based cipher, as they don't work properly yet. + +------------------------------------------------------------------- +Sun May 8 11:22:31 UTC 2016 - mimi.vx@gmail.com + +- update to 1.3.6 +* Add new ciphers +* Improve some debugging and outputs + +------------------------------------------------------------------- +Sun Apr 10 19:02:03 UTC 2016 - mimi.vx@gmail.com + +- update to 1.3.5 +* Fix a bug with ECDHE based cipher where serialization +* Improve tests +* Debugging: Add a way to print random seed and a way to side-load + a seed for replayability + +------------------------------------------------------------------- +Tue Dec 15 20:50:00 UTC 2015 - mimi.vx@gmail.com + +- update to 1.3.4 +* Add support for Hans (Haskell Network Stack) +* Add support for ECDSA signature +* Add support for ECDSA-ECDHE Cipher +* Improve parsing of ECC related structure + +------------------------------------------------------------------- +Mon Aug 31 08:14:19 UTC 2015 - mimi.vx@gmail.com + +- update to 1.3.2 +* Add cipher suites for forward secrecy on more clients (Aaron Friel) +* Maintain more handshake information to be queried by protocol (Adam Wick) +* handle SCSV on client and server side (Kazu Yamamoto) +* Cleanup renegotiation logic (Kazu Yamamoto) +* Various testing improvements with the openssl test parts +* Cleanup AEAD handling for future support of other ciphers + +------------------------------------------------------------------- +Thu Aug 6 20:43:26 UTC 2015 - mimi.vx@gmail.com + +- update to 1.3.1 +* Repair DHE RSA handling on the cipher by creating signature properly +* modernize the crypto stack by using cryptonite. + +------------------------------------------------------------------- +Sun Jun 21 16:56:51 UTC 2015 - mimi.vx@gmail.com + +- update to 1.2.18 +* add more tests (network, local) +* cleanup cipher / bulk code, certificate verify / creation, and digitall signed handling +* fix handling of DHE ciphers with MS SSL stack that serialize leading zero. + +------------------------------------------------------------------- +Thu Apr 23 18:32:31 UTC 2015 - mimi.vx@gmail.com + +- update to 1.2.17 +* Fix an issue with stream cipher not correctly calculating the internal state, + resulting systematically in bad record mac failure during handshake +* support chain certificate in credentials +* adding ALPN extension +* adding support for AEAD, and particularly AES128-GCM +* Adding support for ECDH +* Do not support SSL3 by default for security reason. +* add EnumSafe8 and 16 for specific sized Enum instance that are safer +* export signatureAndHash parser/encoder +* add a "known" list of extensions +* add SignatureAlgorithms extension +* add Heartbeat extension +* add support for EC curves and point format extensions +* add preliminary SessionTicket extension +* Propagate asynchronous exception +* Export TLSParams and HasBackend type names +* Added FlexibleContexts flag required by ghc-7.9 +* debug: add support for specifying the timeout length in milliseconds. +* debug: add support for 3DES in simple client +* add support for 3DES-EDE-CBC-SHA1 (cipher 0xa) +* repair retrieve certificate validation, and improve fingerprints +* remove groom from dependency +* make RecordM an instance of Applicative +* Fixes the Error_EOF partial pattern match error in exception handling +* Fixed socket backend endless loop when the server does not close connection + properly at the TLS level with the close notify alert. +* Catch Error_EOF in recvData and return empty data. +* Fixed Server key exchange data being parsed without the correct + context, leading to not knowing how to parse the structure. + The bug happens on efficient server that happens to send the ServerKeyXchg + message together with the ServerHello in the same handshake packet. + This trigger parsing of all the messages without having set the pending cipher. + Delay parsing, when this happen, until we know what to do with it. +* Fixed unrecognized name non-fatal alert after client hello. +* Add SSL3 to the supported list of version by default. +* Fixed handshake records not being able to span multiples records. + +------------------------------------------------------------------- +Mon Oct 7 07:12:32 UTC 2013 - sbahling@suse.com + +- Initial package - version 1.1.5 + From 6de6fba88d9d4eed7cc3fa2c20cfe7236e50a41bebf84ef933950109f7924370 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Tue, 15 May 2018 18:24:52 +0000 Subject: [PATCH 8/8] osc copypac from project:devel:languages:haskell:ghc-8.4.x package:ghc-tls revision:3, using keep-link OBS-URL: https://build.opensuse.org/package/show/devel:languages:haskell/ghc-tls?expand=0&rev=42 --- ghc-tls.changes | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/ghc-tls.changes b/ghc-tls.changes index 2fc3b6d..f7b0c8c 100644 --- a/ghc-tls.changes +++ b/ghc-tls.changes @@ -1,3 +1,42 @@ +------------------------------------------------------------------- +Mon May 14 17:02:11 UTC 2018 - psimons@suse.com + +- Update tls to version 1.4.1. + - Enable X25519 in default parameters [#265](https://github.com/vincenthz/hs-tls/pull/265) + - Checking EOF in bye [#262] (https://github.com/vincenthz/hs-tls/pull/262) + - Improving validation in DH key exchange [#256](https://github.com/vincenthz/hs-tls/pull/256) + - Handle TCP reset during handshake [#251](https://github.com/vincenthz/hs-tls/pull/251) + - Accepting hlint suggestions. + - Wrap renegotiation failures with HandshakeFailed [#237](https://github.com/vincenthz/hs-tls/pull/237) + - Improve selection of server certificate and use "signature_algorithms" extension [#236](https://github.com/vincenthz/hs-tls/pull/236) + - Change Bytes to ByteString and deprecate the Bytes type alias [#230](https://github.com/vincenthz/hs-tls/pull/230) + - Session compression and SNI [#223](https://github.com/vincenthz/hs-tls/pull/223) + - Deprecating ciphersuite_medium. Putting WARNING to ciphersuite_all since this includes RC4 [#153](https://github.com/vincenthz/hs-tls/pull/153) [#222](https://github.com/vincenthz/hs-tls/pull/222) + - Removing NPN [#214](https://github.com/vincenthz/hs-tls/pull/214) + - Supporting RSAPSS defined in TLS 1.3 [#207](https://github.com/vincenthz/hs-tls/pull/207) + - Supporting X25519 and X448 in the IES style. [#205](https://github.com/vincenthz/hs-tls/pull/205) + - Strip leading zeros in DHE premaster secret [#201](https://github.com/vincenthz/hs-tls/pull/201) + - RSASSA-PSS signatures can be enabled with `supportedHashSignatures`. This + uses assignments from TLS 1.3, for example `(HashIntrinsic, SignatureRSApssSHA256)`. + - Diffie-Hellman with elliptic curves X25519 and X448: This can be enabled with + `supportedGroups`, which also gives control over curve preference. + - ECDH with curve P-256 now uses optimized C implementation from package `cryptonite`. + + API CHANGES: + + - Cipher list `ciphersuite_medium` is now deprecated, users are advised to use + `ciphersuite_default` or `ciphersuite_strong`. List `ciphersuite_all` is kept + for compatibility with old servers but this is discouraged and generates a + warning (this includes RC4 ciphers, see [#153](https://github.com/vincenthz/hs-tls/pull/153) + for reference). + - Support for NPN (Next Protocol Negotiation) has been removed. The replacement + is ALPN (Application-Layer Protocol Negotiation). + - Data type `SessionData` now contains fields for compression algorithm and + client SNI. A `SessionManager` implementation that serializes/deserializes + `SessionData` values must deal with the new fields. + - Module `Network.TLS` exports a type alias named `Bytes` which is now deprecated. + The replacement is to use strict `ByteString` directly. + ------------------------------------------------------------------- Thu Aug 3 15:38:38 UTC 2017 - psimons@suse.com