Accepting request 1157268 from devel:languages:haskell

Update Haskell ecosystem to GHC version 9.8.2.

OBS-URL: https://build.opensuse.org/request/show/1157268
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ghc-tls?expand=0&rev=31

ghc-tls.changes

@@ -1,3 +1,54 @@
+-------------------------------------------------------------------
+Fri Mar  1 03:31:34 UTC 2024 - Peter Simons <psimons@suse.com>
+
+- Update tls to version 2.0.1 revision 1.
+  Upstream has revised the Cabal build instructions on Hackage.
+
+-------------------------------------------------------------------
+Sun Feb 18 22:15:12 UTC 2024 - Peter Simons <psimons@suse.com>
+
+- Update tls to version 2.0.1.
+  ## Version 2.0.1
+
+  * Fix a leak of pending data to be sent.
+
+  ## Version 2.0.0
+
+  * `tls` now only supports TLS 1.2 and TLS 1.3 with safe cipher suites.
+  * Security: BREAKING CHANGE: TLS 1.0 and TLS 1.1 are removed.
+  * Security: BREAKING CHANGE: all CBC cipher suite are removed.
+  * Security: BREAKING CHANGE: RC4 and 3DES are removed.
+  * Security: BREAKING CHANGE: DSS(digital signature standard) is removed.
+  * Security: BREAKING CHANGE: TLS 1.2 servers require
+    EMS(extended main secret) by default.
+    `supportedExtendedMasterSec` is renamed to
+    `supportedExtendedMainSecret`.
+  * BREAKING CHANGE: the package is now complied with `Strict` and `StrictData`.
+  * BREAKING CHANGE: Many data structures are re-defined with
+   `PatternSynonyms` for extensibility.
+  * BREAKING CHANGE: the structure of `SessionManager` is changed
+    to support session tickets.
+  * API: BREAKING CHANGE: `sendData` can send early data (0-RTT).
+    `clientEarlyData` is removed.
+    To send early data via `sendData`, set `clientUseEarlyData` to `True`.
+    [#466](https://github.com/haskell-tls/hs-tls/issues/466)
+  * API: `handshake` can receive an alert of client authentication failure
+    for TLS 1.3.
+    [#463](https://github.com/haskell-tls/hs-tls/pull/463)
+  * API: `bye` can receive NewSessionTicket for TLS 1.3.
+  * Channel binding: `getFinished` and `getPeerFinished` are deprecated.
+    Use `getTLSUnique` instead.
+    [#462](https://github.com/haskell-tls/hs-tls/pull/462)
+  * Channel binding: `getTLSExporter` and `getTLSServerEndPoint` are provided.
+    [#462](https://github.com/haskell-tls/hs-tls/pull/462)
+  * Refactoring: the monolithic `handshake` is divided to follow
+    the diagram of TLS 1.2 and 1.3 for readability.
+  * Refactoring: test cases are refactored for maintenability
+    and readablity. `hspec` is used instead of `tasty`.
+  * Code format: `fourmolu` is used as an official formatter.
+  * Catching up RFC8446bis-09.
+    [#467](https://github.com/haskell-tls/hs-tls/issues/467)
+
 -------------------------------------------------------------------
 Tue Sep  5 05:49:20 UTC 2023 - Peter Simons <psimons@suse.com>
 

ghc-tls.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package ghc-tls
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -20,12 +20,13 @@
 %global pkgver %{pkg_name}-%{version}
 %bcond_with tests
 Name:           ghc-%{pkg_name}
-Version:        1.9.0
+Version:        2.0.1
 Release:        0
-Summary:        TLS/SSL protocol native implementation (Server and Client)
+Summary:        TLS protocol native implementation
 License:        BSD-3-Clause
 URL:            https://hackage.haskell.org/package/%{pkg_name}
 Source0:        https://hackage.haskell.org/package/%{pkg_name}-%{version}/%{pkg_name}-%{version}.tar.gz
+Source1:        https://hackage.haskell.org/package/%{pkg_name}-%{version}/revision/1.cabal#/%{pkg_name}.cabal
 BuildRequires:  ghc-Cabal-devel
 BuildRequires:  ghc-asn1-encoding-devel
 BuildRequires:  ghc-asn1-encoding-prof
@@ -35,6 +36,8 @@ BuildRequires:  ghc-async-devel
 BuildRequires:  ghc-async-prof
 BuildRequires:  ghc-base-devel
 BuildRequires:  ghc-base-prof
+BuildRequires:  ghc-base16-bytestring-devel
+BuildRequires:  ghc-base16-bytestring-prof
 BuildRequires:  ghc-bytestring-devel
 BuildRequires:  ghc-bytestring-prof
 BuildRequires:  ghc-cereal-devel
@@ -56,6 +59,8 @@ BuildRequires:  ghc-mtl-prof
 BuildRequires:  ghc-network-devel
 BuildRequires:  ghc-network-prof
 BuildRequires:  ghc-rpm-macros
+BuildRequires:  ghc-serialise-devel
+BuildRequires:  ghc-serialise-prof
 BuildRequires:  ghc-transformers-devel
 BuildRequires:  ghc-transformers-prof
 BuildRequires:  ghc-unix-time-devel
@@ -66,25 +71,12 @@ BuildRequires:  ghc-QuickCheck-devel
 BuildRequires:  ghc-QuickCheck-prof
 BuildRequires:  ghc-hourglass-devel
 BuildRequires:  ghc-hourglass-prof
-BuildRequires:  ghc-tasty-devel
+BuildRequires:  ghc-hspec-devel
-BuildRequires:  ghc-tasty-prof
+BuildRequires:  ghc-hspec-prof
-BuildRequires:  ghc-tasty-quickcheck-devel
-BuildRequires:  ghc-tasty-quickcheck-prof
 %endif
 
 %description
-Native Haskell TLS and SSL protocol implementation for server and client.
+Native Haskell TLS 1.2/1.3 protocol implementation for servers and clients.
-
-This provides a high-level implementation of a sensitive security protocol,
-eliminating a common set of security issues through the use of the advanced
-type system, high level constructions and common Haskell features.
-
-Currently implement the TLS1.0, TLS1.1, TLS1.2 and TLS 1.3 protocol, and
-support RSA and Ephemeral (Elliptic curve and regular) Diffie Hellman key
-exchanges, and many extensions.
-
-Some debug tools linked with tls, are available through the
-<http://hackage.haskell.org/package/tls-debug/>.
 
 %package devel
 Summary:        Haskell %{pkg_name} library development files
@@ -114,6 +106,7 @@ This package provides the Haskell %{pkg_name} profiling library.
 
 %prep
 %autosetup -n %{pkg_name}-%{version}
+cp -p %{SOURCE1} %{pkg_name}.cabal
 
 %build
 %ghc_lib_build

tls-1.9.0.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:5605b9cbe0903b100e9de72800641453f74bf5dade6176dbe10b34ac9353433e
-size 159392

tls-2.0.1.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:98658cb0394a9cd08c56c5fe11a6c96f16c892a2a594db421cd72e0e7f7be684
+size 162814

tls.cabal

@@ -0,0 +1,221 @@
+cabal-version:      >=1.10
+name:               tls
+version:            2.0.1
+x-revision: 1
+license:            BSD3
+license-file:       LICENSE
+copyright:          Vincent Hanquez <vincent@snarc.org>
+maintainer:         Kazu Yamamoto <kazu@iij.ad.jp>
+author:             Vincent Hanquez <vincent@snarc.org>
+homepage:           https://github.com/haskell-tls/hs-tls
+synopsis:           TLS protocol native implementation
+description:
+    Native Haskell TLS 1.2/1.3 protocol implementation for servers and clients.
+
+category:           Network
+build-type:         Simple
+extra-source-files:
+    test/*.hs
+    CHANGELOG.md
+
+source-repository head
+    type:     git
+    location: https://github.com/haskell-tls/hs-tls
+    subdir:   core
+
+flag devel
+    description: Development commands
+    default:     False
+
+library
+    exposed-modules:
+        Network.TLS
+        Network.TLS.Cipher
+        Network.TLS.Compression
+        Network.TLS.Internal
+        Network.TLS.Extra
+        Network.TLS.Extra.Cipher
+        Network.TLS.Extra.FFDHE
+        Network.TLS.QUIC
+
+    other-modules:
+        Network.TLS.Struct
+        Network.TLS.Struct13
+        Network.TLS.Core
+        Network.TLS.Context
+        Network.TLS.Context.Internal
+        Network.TLS.Credentials
+        Network.TLS.Backend
+        Network.TLS.Crypto
+        Network.TLS.Crypto.DH
+        Network.TLS.Crypto.IES
+        Network.TLS.Crypto.Types
+        Network.TLS.ErrT
+        Network.TLS.Extension
+        Network.TLS.Handshake
+        Network.TLS.Handshake.Certificate
+        Network.TLS.Handshake.Client
+        Network.TLS.Handshake.Client.ClientHello
+        Network.TLS.Handshake.Client.Common
+        Network.TLS.Handshake.Client.ServerHello
+        Network.TLS.Handshake.Client.TLS12
+        Network.TLS.Handshake.Client.TLS13
+        Network.TLS.Handshake.Common
+        Network.TLS.Handshake.Common13
+        Network.TLS.Handshake.Control
+        Network.TLS.Handshake.Key
+        Network.TLS.Handshake.Process
+        Network.TLS.Handshake.Random
+        Network.TLS.Handshake.Server
+        Network.TLS.Handshake.Server.ClientHello
+        Network.TLS.Handshake.Server.ClientHello12
+        Network.TLS.Handshake.Server.ClientHello13
+        Network.TLS.Handshake.Server.Common
+        Network.TLS.Handshake.Server.ServerHello12
+        Network.TLS.Handshake.Server.ServerHello13
+        Network.TLS.Handshake.Server.TLS12
+        Network.TLS.Handshake.Server.TLS13
+        Network.TLS.Handshake.Signature
+        Network.TLS.Handshake.State
+        Network.TLS.Handshake.State13
+        Network.TLS.Hooks
+        Network.TLS.IO
+        Network.TLS.Imports
+        Network.TLS.KeySchedule
+        Network.TLS.MAC
+        Network.TLS.Measurement
+        Network.TLS.Packet
+        Network.TLS.Packet13
+        Network.TLS.Parameters
+        Network.TLS.PostHandshake
+        Network.TLS.Record
+        Network.TLS.Record.Disengage
+        Network.TLS.Record.Engage
+        Network.TLS.Record.Layer
+        Network.TLS.Record.Reading
+        Network.TLS.Record.Writing
+        Network.TLS.Record.State
+        Network.TLS.Record.Types
+        Network.TLS.RNG
+        Network.TLS.State
+        Network.TLS.Session
+        Network.TLS.Sending
+        Network.TLS.Receiving
+        Network.TLS.Util
+        Network.TLS.Util.ASN1
+        Network.TLS.Util.Serialization
+        Network.TLS.Types
+        Network.TLS.Wire
+        Network.TLS.X509
+
+    default-extensions: Strict StrictData
+    default-language: Haskell2010
+    ghc-options:      -Wall
+    build-depends:
+        base >=4.9 && <5,
+        asn1-encoding >= 0.9 && < 0.10,
+        asn1-types >= 0.3 && < 0.4,
+        async >= 2.2 && < 2.3,
+        base16-bytestring,
+        bytestring >= 0.10 && < 0.13,
+        cereal >= 0.5.3 && < 0.6,
+        crypton >= 0.34 && < 0.35,
+        crypton-x509 >= 1.7 && < 1.8,
+        crypton-x509-store >= 1.6 && < 1.7,
+        crypton-x509-validation >= 1.6.5 && < 1.7,
+        data-default-class >= 0.1 && < 0.2,
+        memory >= 0.18 && < 0.19,
+        mtl >= 2.2 && < 2.4,
+        network >= 3.1 && < 3.2,
+        serialise >= 0.2 && < 0.3,
+        transformers >= 0.5 && < 0.7,
+        unix-time >= 0.4.11 && < 0.5
+
+test-suite spec
+    type:               exitcode-stdio-1.0
+    main-is:            Spec.hs
+    build-tool-depends: hspec-discover:hspec-discover
+    hs-source-dirs:     test
+    other-modules:
+        API
+        Arbitrary
+        Certificate
+        CiphersSpec
+        EncodeSpec
+        HandshakeSpec
+        PipeChan
+        PubKey
+        Run
+        Session
+        ThreadSpec
+
+    default-extensions: Strict StrictData
+    default-language:   Haskell2010
+    ghc-options:        -Wall -threaded -rtsopts
+    build-depends:
+        base >=4.9 && <5,
+        QuickCheck,
+        asn1-types,
+        async,
+        bytestring,
+        crypton,
+        crypton-x509,
+        crypton-x509-validation,
+        data-default-class,
+        hourglass,
+        hspec,
+        serialise,
+        tls
+
+executable server
+    main-is:            server.hs
+    hs-source-dirs:     util
+    other-modules:
+        Common
+        HexDump
+        Imports
+
+    default-language:   Haskell2010
+    default-extensions: Strict StrictData
+    ghc-options:        -Wall -threaded -rtsopts
+    build-depends:
+        base >=4.9 && <5,
+        bytestring,
+        containers,
+        crypton,
+        crypton-x509-store,
+        crypton-x509-system,
+        data-default-class,
+        network,
+        tls
+
+    if flag(devel)
+
+    else
+        buildable: False
+
+executable client
+    main-is:            client.hs
+    hs-source-dirs:     util
+    other-modules:
+        Common
+        HexDump
+        Imports
+
+    default-language:   Haskell2010
+    default-extensions: Strict StrictData
+    ghc-options:        -Wall -threaded -rtsopts
+    build-depends:
+        base >=4.9 && <5,
+        bytestring,
+        crypton,
+        crypton-x509-store,
+        crypton-x509-system,
+        data-default-class,
+        network,
+        tls
+
+    if flag(devel)
+
+    else
+        buildable: False