Hello community, here is the log from the commit of package ghc-tls for openSUSE:Leap:15.2 checked in at 2020-03-13 10:56:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/ghc-tls (Old) and /work/SRC/openSUSE:Leap:15.2/.ghc-tls.new.3160 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ghc-tls" Fri Mar 13 10:56:56 2020 rev:14 rq:782973 version:1.5.4 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/ghc-tls/ghc-tls.changes 2020-02-19 18:41:52.262244599 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.ghc-tls.new.3160/ghc-tls.changes 2020-03-13 10:56:56.428416082 +0100 @@ -1,0 +2,11 @@ +Thu Feb 27 14:16:56 UTC 2020 - [email protected] + +- Update tls to version 1.5.4. + ## Version 1.5.4 + + - Restore interoperability with early Java 6 + [#422](https://github.com/vincenthz/hs-tls/pull/422) + - Test cleanups for timeout and async usage + [#416](https://github.com/vincenthz/hs-tls/pull/416) + +------------------------------------------------------------------- Old: ---- tls-1.5.3.tar.gz New: ---- tls-1.5.4.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ghc-tls.spec ++++++ --- /var/tmp/diff_new_pack.uaiVud/_old 2020-03-13 10:56:56.788416339 +0100 +++ /var/tmp/diff_new_pack.uaiVud/_new 2020-03-13 10:56:56.788416339 +0100 @@ -19,7 +19,7 @@ %global pkg_name tls %bcond_with tests Name: ghc-%{pkg_name} -Version: 1.5.3 +Version: 1.5.4 Release: 0 Summary: TLS/SSL protocol native implementation (Server and Client) License: BSD-3-Clause ++++++ tls-1.5.3.tar.gz -> tls-1.5.4.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.5.3/Benchmarks/Benchmarks.hs new/tls-1.5.4/Benchmarks/Benchmarks.hs --- old/tls-1.5.3/Benchmarks/Benchmarks.hs 2020-01-07 11:30:51.000000000 +0100 +++ new/tls-1.5.4/Benchmarks/Benchmarks.hs 2020-02-19 08:33:54.000000000 +0100 @@ -62,9 +62,9 @@ -> a -> IO b runTLSPipe params tlsServer tlsClient d = do - (writeStart, readResult) <- establishDataPipe params tlsServer tlsClient - writeStart d - readResult + withDataPipe params tlsServer tlsClient $ \(writeStart, readResult) -> do + writeStart d + readResult runTLSPipeSimple :: (ClientParams, ServerParams) -> B.ByteString -> IO B.ByteString runTLSPipeSimple params = runTLSPipe params tlsServer tlsClient diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.5.3/CHANGELOG.md new/tls-1.5.4/CHANGELOG.md --- old/tls-1.5.3/CHANGELOG.md 2020-01-07 11:30:51.000000000 +0100 +++ new/tls-1.5.4/CHANGELOG.md 2020-02-19 08:33:54.000000000 +0100 @@ -1,3 +1,10 @@ +## Version 1.5.4 + +- Restore interoperability with early Java 6 + [#422](https://github.com/vincenthz/hs-tls/pull/422) +- Test cleanups for timeout and async usage + [#416](https://github.com/vincenthz/hs-tls/pull/416) + ## Version 1.5.3 - Additional verification regarding EC signatures diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.5.3/Network/TLS/Handshake/Client.hs new/tls-1.5.4/Network/TLS/Handshake/Client.hs --- old/tls-1.5.3/Network/TLS/Handshake/Client.hs 2020-01-07 11:30:51.000000000 +0100 +++ new/tls-1.5.4/Network/TLS/Handshake/Client.hs 2020-02-19 08:33:54.000000000 +0100 @@ -120,6 +120,15 @@ tls13 = highestVer >= TLS13 ems = supportedExtendedMasterSec $ ctxSupported ctx groupToSend = listToMaybe groups + + -- List of extensions to send in ClientHello, ordered such that we never + -- terminate with a zero-length extension. Some buggy implementations + -- are allergic to an extension with empty data at final position. + -- + -- Without TLS 1.3, the list ends with extension "signature_algorithms" + -- with length >= 2 bytes. When TLS 1.3 is enabled, extensions + -- "psk_key_exchange_modes" (currently always sent) and "pre_shared_key" + -- (not always present) have length > 0. getExtensions pskInfo rtt0 = sequence [ sniExtension , secureReneg @@ -133,10 +142,10 @@ , versionExtension , earlyDataExtension rtt0 , keyshareExtension - , pskExchangeModeExtension , cookieExtension , postHandshakeAuthExtension - , preSharedKeyExtension pskInfo -- MUST be last + , pskExchangeModeExtension + , preSharedKeyExtension pskInfo -- MUST be last (RFC 8446) ] toExtensionRaw :: Extension e => e -> ExtensionRaw diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.5.3/Tests/Connection.hs new/tls-1.5.4/Tests/Connection.hs --- old/tls-1.5.3/Tests/Connection.hs 2020-01-07 11:30:51.000000000 +0100 +++ new/tls-1.5.4/Tests/Connection.hs 2020-02-19 08:33:54.000000000 +0100 @@ -26,7 +26,7 @@ , twoSessionManagers , setPairParamsSessionManagers , setPairParamsSessionResuming - , establishDataPipe + , withDataPipe , initiateDataPipe , byeBye ) where @@ -366,8 +366,8 @@ , loggingPacketRecv = putStrLn . ((pre ++ "<< ") ++) } else def -establishDataPipe :: (ClientParams, ServerParams) -> (Context -> Chan result -> IO ()) -> (Chan start -> Context -> IO ()) -> IO (start -> IO (), IO result) -establishDataPipe params tlsServer tlsClient = do +withDataPipe :: (ClientParams, ServerParams) -> (Context -> Chan result -> IO ()) -> (Chan start -> Context -> IO ()) -> ((start -> IO (), IO result) -> IO a) -> IO a +withDataPipe params tlsServer tlsClient cont = do -- initial setup pipe <- newPipe _ <- runPipe pipe @@ -376,19 +376,20 @@ (cCtx, sCtx) <- newPairContext pipe params - sAsync <- async $ E.catch (tlsServer sCtx resultQueue) - (printAndRaise "server" (serverSupported $ snd params)) - cAsync <- async $ E.catch (tlsClient startQueue cCtx) - (printAndRaise "client" (clientSupported $ fst params)) + withAsync (E.catch (tlsServer sCtx resultQueue) + (printAndRaise "server" (serverSupported $ snd params))) $ \sAsync -> do + withAsync (E.catch (tlsClient startQueue cCtx) + (printAndRaise "client" (clientSupported $ fst params))) $ \cAsync -> do + + let readResult = waitBoth cAsync sAsync >> readChan resultQueue + cont (writeChan startQueue, readResult) - let readResult = waitBoth cAsync sAsync >> readChan resultQueue - return (writeChan startQueue, readResult) where printAndRaise :: String -> Supported -> E.SomeException -> IO () printAndRaise s supported e = do putStrLn $ s ++ " exception: " ++ show e ++ - ", supported: " ++ show supported - E.throw e + ", supported: " ++ show supported + E.throwIO e initiateDataPipe :: (ClientParams, ServerParams) -> (Context -> IO a1) -> (Context -> IO a) -> IO (Either E.SomeException a, Either E.SomeException a1) initiateDataPipe params tlsServer tlsClient = do diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.5.3/Tests/Tests.hs new/tls-1.5.4/Tests/Tests.hs --- old/tls-1.5.3/Tests/Tests.hs 2020-01-07 11:30:51.000000000 +0100 +++ new/tls-1.5.4/Tests/Tests.hs 2020-02-19 08:33:54.000000000 +0100 @@ -58,16 +58,20 @@ runTLSPipeN :: Int -> (ClientParams, ServerParams) -> (Context -> Chan [C8.ByteString] -> IO ()) -> (Chan C8.ByteString -> Context -> IO ()) -> PropertyM IO () runTLSPipeN n params tlsServer tlsClient = do - (writeStart, readResult) <- run (establishDataPipe params tlsServer tlsClient) - -- send some data + -- generate some data to send ds <- replicateM n $ do d <- B.pack <$> pick (someWords8 256) - _ <- run $ writeStart d return d - -- receive it - dsres <- run $ timeout 60000000 readResult -- 60 sec - -- check if it equal - Just ds `assertEq` dsres + -- send it + m_dsres <- run $ do + withDataPipe params tlsServer tlsClient $ \(writeStart, readResult) -> do + forM_ ds $ \d -> do + writeStart d + -- receive it + timeout 60000000 readResult -- 60 sec + case m_dsres of + Nothing -> error "timed out" + Just dsres -> ds `assertEq` dsres runTLSPipe :: (ClientParams, ServerParams) -> (Context -> Chan [C8.ByteString] -> IO ()) -> (Chan C8.ByteString -> Context -> IO ()) -> PropertyM IO () runTLSPipe = runTLSPipeN 1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.5.3/tls.cabal new/tls-1.5.4/tls.cabal --- old/tls-1.5.3/tls.cabal 2020-01-07 11:30:51.000000000 +0100 +++ new/tls-1.5.4/tls.cabal 2020-02-19 08:33:54.000000000 +0100 @@ -1,5 +1,5 @@ Name: tls -Version: 1.5.3 +Version: 1.5.4 Description: Native Haskell TLS and SSL protocol implementation for server and client. .
