Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1714803014109070"
MIME-Version: 1.0
Date: Sat, 4 May 2024 06:10:14 +0000
From: "Masatake Daimon" <pho@netbsd.org>
Subject: CVS commit: pkgsrc/security/hs-tls
To: pkgsrc-changes@NetBSD.org
Reply-To: pho@netbsd.org
Message-Id: <20240504061014.18418FA2C@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
Precedence: bulk

This is a multi-part message in MIME format.

--_----------=_1714803014109070
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	pho
Date:		Sat May  4 06:10:14 UTC 2024

Modified Files:
	pkgsrc/security/hs-tls: Makefile PLIST buildlink3.mk distinfo

Log Message:
security/hs-tls: Update to 2.0.5

Version 2.0.5

    Fixing handshake13_0rtt_fallback
    Client checks if the group of PSK is contained in Supported_Groups.
    HRR is not allowed for 0-RTT.

Version 2.0.4

    More fix for 0-RTT when application data is available while receiving CF.
    New util/tls-client and util/tls-server.

Version 2.0.3

    Fixing a bug where timeout in bye does not work.
    util/client -> util/tls-client
    util/server -> util/tls-server

Version 2.0.2

    Client checks sessionMaxEarlyDataSize to decide 0-RTT
    Client checks the resumption cipher properly.

Version 2.0.1

    Fix a leak of pending data to be sent.

Version 2.0.0

    tls now only supports TLS 1.2 and TLS 1.3 with safe cipher suites.
    Security: BREAKING CHANGE: TLS 1.0 and TLS 1.1 are removed.
    Security: BREAKING CHANGE: all CBC cipher suite are removed.
    Security: BREAKING CHANGE: RC4 and 3DES are removed.
    Security: BREAKING CHANGE: DSS(digital signature standard) is removed.
    Security: BREAKING CHANGE: TLS 1.2 servers require EMS(extended main secret) by default. supportedExtendedMasterSec is renamed to supportedExtendedMainSecret.
    BREAKING CHANGE: the package is now complied with Strict and StrictData.
    BREAKING CHANGE: Many data structures are re-defined with PatternSynonyms for extensibility.
    BREAKING CHANGE: the structure of SessionManager is changed to support session tickets.
    API: BREAKING CHANGE: sendData can send early data (0-RTT). clientEarlyData is removed. To send early data via sendData, set clientUseEarlyData to True. #466
    API: handshake can receive an alert of client authentication failure for TLS 1.3. #463
    API: bye can receive NewSessionTicket for TLS 1.3.
    Channel binding: getFinished and getPeerFinished are deprecated. Use getTLSUnique instead. #462
    Channel binding: getTLSExporter and getTLSServerEndPoint are provided. #462
    Refactoring: the monolithic handshake is divided to follow the diagram of TLS 1.2 and 1.3 for readability.
    Refactoring: test cases are refactored for maintenability and readablity. hspec is used instead of tasty.
    Code format: fourmolu is used as an official formatter.
    Catching up RFC8446bis-09. #467


To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 pkgsrc/security/hs-tls/Makefile \
    pkgsrc/security/hs-tls/buildlink3.mk
cvs rdiff -u -r1.4 -r1.5 pkgsrc/security/hs-tls/PLIST
cvs rdiff -u -r1.7 -r1.8 pkgsrc/security/hs-tls/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1714803014109070
Content-Disposition: inline
Content-Length: 11296
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/security/hs-tls/Makefile
diff -u pkgsrc/security/hs-tls/Makefile:1.13 pkgsrc/security/hs-tls/Makefile:1.14
--- pkgsrc/security/hs-tls/Makefile:1.13	Thu Nov  2 06:37:22 2023
+++ pkgsrc/security/hs-tls/Makefile	Sat May  4 06:10:13 2024
@@ -1,16 +1,19 @@
-# $NetBSD: Makefile,v 1.13 2023/11/02 06:37:22 pho Exp $
+# $NetBSD: Makefile,v 1.14 2024/05/04 06:10:13 pho Exp $
 
-DISTNAME=	tls-1.9.0
-PKGREVISION=	1
+DISTNAME=	tls-2.0.5
 CATEGORIES=	security
 
 MAINTAINER=	pho@cielonegro.org
 COMMENT=	TLS/SSL protocol native implementation (Server and Client)
 LICENSE=	modified-bsd
 
+HASKELL_UNRESTRICT_DEPENDENCIES+=	\
+	crypton
+
 .include "../../devel/hs-asn1-encoding/buildlink3.mk"
 .include "../../devel/hs-asn1-types/buildlink3.mk"
 .include "../../devel/hs-async/buildlink3.mk"
+.include "../../converters/hs-base16-bytestring/buildlink3.mk"
 .include "../../devel/hs-cereal/buildlink3.mk"
 .include "../../security/hs-crypton/buildlink3.mk"
 .include "../../security/hs-crypton-x509/buildlink3.mk"
@@ -18,7 +21,8 @@ LICENSE=	modified-bsd
 .include "../../security/hs-crypton-x509-validation/buildlink3.mk"
 .include "../../devel/hs-data-default-class/buildlink3.mk"
 .include "../../devel/hs-memory/buildlink3.mk"
-.include "../../time/hs-unix-time/buildlink3.mk"
 .include "../../net/hs-network/buildlink3.mk"
+.include "../../devel/hs-serialise/buildlink3.mk"
+.include "../../time/hs-unix-time/buildlink3.mk"
 .include "../../mk/haskell.mk"
 .include "../../mk/bsd.pkg.mk"
Index: pkgsrc/security/hs-tls/buildlink3.mk
diff -u pkgsrc/security/hs-tls/buildlink3.mk:1.13 pkgsrc/security/hs-tls/buildlink3.mk:1.14
--- pkgsrc/security/hs-tls/buildlink3.mk:1.13	Thu Nov  2 06:37:22 2023
+++ pkgsrc/security/hs-tls/buildlink3.mk	Sat May  4 06:10:13 2024
@@ -1,17 +1,18 @@
-# $NetBSD: buildlink3.mk,v 1.13 2023/11/02 06:37:22 pho Exp $
+# $NetBSD: buildlink3.mk,v 1.14 2024/05/04 06:10:13 pho Exp $
 
 BUILDLINK_TREE+=	hs-tls
 
 .if !defined(HS_TLS_BUILDLINK3_MK)
 HS_TLS_BUILDLINK3_MK:=
 
-BUILDLINK_API_DEPENDS.hs-tls+=	hs-tls>=1.9.0
-BUILDLINK_ABI_DEPENDS.hs-tls+=	hs-tls>=1.9.0nb1
+BUILDLINK_API_DEPENDS.hs-tls+=	hs-tls>=2.0.5
+BUILDLINK_ABI_DEPENDS.hs-tls+=	hs-tls>=2.0.5
 BUILDLINK_PKGSRCDIR.hs-tls?=	../../security/hs-tls
 
 .include "../../devel/hs-asn1-encoding/buildlink3.mk"
 .include "../../devel/hs-asn1-types/buildlink3.mk"
 .include "../../devel/hs-async/buildlink3.mk"
+.include "../../converters/hs-base16-bytestring/buildlink3.mk"
 .include "../../devel/hs-cereal/buildlink3.mk"
 .include "../../security/hs-crypton/buildlink3.mk"
 .include "../../security/hs-crypton-x509/buildlink3.mk"
@@ -19,8 +20,9 @@ BUILDLINK_PKGSRCDIR.hs-tls?=	../../secur
 .include "../../security/hs-crypton-x509-validation/buildlink3.mk"
 .include "../../devel/hs-data-default-class/buildlink3.mk"
 .include "../../devel/hs-memory/buildlink3.mk"
-.include "../../time/hs-unix-time/buildlink3.mk"
 .include "../../net/hs-network/buildlink3.mk"
+.include "../../devel/hs-serialise/buildlink3.mk"
+.include "../../time/hs-unix-time/buildlink3.mk"
 .endif	# HS_TLS_BUILDLINK3_MK
 
 BUILDLINK_TREE+=	-hs-tls

Index: pkgsrc/security/hs-tls/PLIST
diff -u pkgsrc/security/hs-tls/PLIST:1.4 pkgsrc/security/hs-tls/PLIST:1.5
--- pkgsrc/security/hs-tls/PLIST:1.4	Mon Oct 30 14:50:27 2023
+++ pkgsrc/security/hs-tls/PLIST	Sat May  4 06:10:13 2024
@@ -1,6 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2023/10/30 14:50:27 pho Exp $
-lib/tls-${PKGVERSION}/${HS_VERSION}/package-description
-lib/tls-${PKGVERSION}/${HS_VERSION}/package-id
+@comment $NetBSD: PLIST,v 1.5 2024/05/04 06:10:13 pho Exp $
 ${PLIST.shlibs}lib/${HS_PLATFORM}/libHS${HS_PKGID}-${HS_VER}.so
 ${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS.dyn_hi
 lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS.hi
@@ -8,9 +6,6 @@ ${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKG
 ${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Backend.dyn_hi
 lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Backend.hi
 ${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Backend.p_hi
-${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Cap.dyn_hi
-lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Cap.hi
-${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Cap.p_hi
 ${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Cipher.dyn_hi
 lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Cipher.hi
 ${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Cipher.p_hi
@@ -65,6 +60,21 @@ ${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKG
 ${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client.dyn_hi
 lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client.hi
 ${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client.p_hi
+${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/ClientHello.dyn_hi
+lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/ClientHello.hi
+${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/ClientHello.p_hi
+${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/Common.dyn_hi
+lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/Common.hi
+${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/Common.p_hi
+${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/ServerHello.dyn_hi
+lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/ServerHello.hi
+${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/ServerHello.p_hi
+${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/TLS12.dyn_hi
+lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/TLS12.hi
+${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/TLS12.p_hi
+${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/TLS13.dyn_hi
+lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/TLS13.hi
+${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Client/TLS13.p_hi
 ${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Common.dyn_hi
 lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Common.hi
 ${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Common.p_hi
@@ -86,6 +96,30 @@ ${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKG
 ${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server.dyn_hi
 lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server.hi
 ${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server.p_hi
+${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ClientHello.dyn_hi
+lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ClientHello.hi
+${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ClientHello.p_hi
+${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ClientHello12.dyn_hi
+lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ClientHello12.hi
+${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ClientHello12.p_hi
+${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ClientHello13.dyn_hi
+lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ClientHello13.hi
+${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ClientHello13.p_hi
+${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/Common.dyn_hi
+lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/Common.hi
+${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/Common.p_hi
+${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ServerHello12.dyn_hi
+lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ServerHello12.hi
+${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ServerHello12.p_hi
+${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ServerHello13.dyn_hi
+lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ServerHello13.hi
+${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/ServerHello13.p_hi
+${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/TLS12.dyn_hi
+lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/TLS12.hi
+${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/TLS12.p_hi
+${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/TLS13.dyn_hi
+lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/TLS13.hi
+${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Server/TLS13.p_hi
 ${PLIST.shlibs}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Signature.dyn_hi
 lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Signature.hi
 ${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/Handshake/Signature.p_hi
@@ -196,6 +230,8 @@ lib/${HS_PLATFORM}/${HS_PKGID}/Network/T
 ${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/Network/TLS/X509.p_hi
 lib/${HS_PLATFORM}/${HS_PKGID}/libHS${HS_PKGID}.a
 ${PLIST.prof}lib/${HS_PLATFORM}/${HS_PKGID}/libHS${HS_PKGID}_p.a
+lib/tls-${PKGVERSION}/${HS_VERSION}/package-description
+lib/tls-${PKGVERSION}/${HS_VERSION}/package-id
 share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/LICENSE
 ${PLIST.doc}share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/html/Network-TLS-Extra-Cipher.html
 ${PLIST.doc}share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/html/Network-TLS-Extra-FFDHE.html
@@ -226,12 +262,10 @@ ${PLIST.doc}share/doc/${HS_PLATFORM}/tls
 ${PLIST.doc}share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/html/doc-index-V.html
 ${PLIST.doc}share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/html/doc-index-X.html
 ${PLIST.doc}share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/html/doc-index.html
-${PLIST.doc}share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/html/doc-index.json
 ${PLIST.doc}share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/html/haddock-bundle.min.js
 ${PLIST.doc}share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/html/index.html
 ${PLIST.doc}share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/html/linuwial.css
 ${PLIST.doc}share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/html/meta.json
 ${PLIST.doc}share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/html/quick-jump.css
-${PLIST.doc}share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/html/quick-jump.min.js
 ${PLIST.doc}share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/html/synopsis.png
 ${PLIST.doc}share/doc/${HS_PLATFORM}/tls-${PKGVERSION}/html/tls.haddock

Index: pkgsrc/security/hs-tls/distinfo
diff -u pkgsrc/security/hs-tls/distinfo:1.7 pkgsrc/security/hs-tls/distinfo:1.8
--- pkgsrc/security/hs-tls/distinfo:1.7	Mon Oct 30 14:50:27 2023
+++ pkgsrc/security/hs-tls/distinfo	Sat May  4 06:10:13 2024
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.7 2023/10/30 14:50:27 pho Exp $
+$NetBSD: distinfo,v 1.8 2024/05/04 06:10:13 pho Exp $
 
-BLAKE2s (tls-1.9.0.tar.gz) = b21251e2c106d30d1260eb8db3a86c724c05048427e7df390bdcde6efbc0d5ac
-SHA512 (tls-1.9.0.tar.gz) = 9f7cd2641a349af12b8bca744739aaaac2abb676d65b3c148e2a281115a33cf9ccadbf783992c4924524fe21ffd7e2c547f739fd8558bb3c0c5aad9ccef246c1
-Size (tls-1.9.0.tar.gz) = 159392 bytes
+BLAKE2s (tls-2.0.5.tar.gz) = 6b5b42abd6c2ec273c725a5e3e7a7b271a5789674aaedb1960cb2c1a9d377d0f
+SHA512 (tls-2.0.5.tar.gz) = 86dc0d519e9060e45518ed7dcac596664a40002e84d47227b47d3761c445491503180a07f3b2e5dca0fbfca854c9ba20dc7581cfb7901d75fa2c7c67d2574d95
+Size (tls-2.0.5.tar.gz) = 160741 bytes


--_----------=_1714803014109070--