Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package ghc-tls for openSUSE:Factory checked in at 2026-06-10 16:08:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ghc-tls (Old) and /work/SRC/openSUSE:Factory/.ghc-tls.new.2375 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ghc-tls" Wed Jun 10 16:08:25 2026 rev:43 rq:1358461 version:2.1.14 Changes: -------- --- /work/SRC/openSUSE:Factory/ghc-tls/ghc-tls.changes 2025-11-20 14:52:39.796159873 +0100 +++ /work/SRC/openSUSE:Factory/.ghc-tls.new.2375/ghc-tls.changes 2026-06-10 16:13:11.134526641 +0200 @@ -1,0 +2,10 @@ +Thu Jan 8 00:49:04 UTC 2026 - Peter Simons <[email protected]> + +- Update tls to version 2.1.14. + ## Version 2.1.14 + + * Supporting P384 and P521 curves. + [#511](https://github.com/haskell-tls/hs-tls/pull/511) + * Fixing some bugs of `tls-client`. + +------------------------------------------------------------------- Old: ---- tls-2.1.13.tar.gz New: ---- tls-2.1.14.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ghc-tls.spec ++++++ --- /var/tmp/diff_new_pack.LwtasF/_old 2026-06-10 16:13:14.530667378 +0200 +++ /var/tmp/diff_new_pack.LwtasF/_new 2026-06-10 16:13:14.530667378 +0200 @@ -1,7 +1,7 @@ # # spec file for package ghc-tls # -# Copyright (c) 2025 SUSE LLC +# Copyright (c) 2026 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,7 +20,7 @@ %global pkgver %{pkg_name}-%{version} %bcond_with tests Name: ghc-%{pkg_name} -Version: 2.1.13 +Version: 2.1.14 Release: 0 Summary: TLS protocol native implementation License: BSD-3-Clause ++++++ tls-2.1.13.tar.gz -> tls-2.1.14.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-2.1.13/CHANGELOG.md new/tls-2.1.14/CHANGELOG.md --- old/tls-2.1.13/CHANGELOG.md 2001-09-09 03:46:40.000000000 +0200 +++ new/tls-2.1.14/CHANGELOG.md 2001-09-09 03:46:40.000000000 +0200 @@ -1,5 +1,11 @@ # Change log for "tls" +## Version 2.1.14 + +* Supporting P384 and P521 curves. + [#511](https://github.com/haskell-tls/hs-tls/pull/511) +* Fixing some bugs of `tls-client`. + ## Version 2.1.13 * Don't contain early_data if serverEarlyDataSize is 0. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-2.1.13/Network/TLS/Crypto.hs new/tls-2.1.14/Network/TLS/Crypto.hs --- old/tls-2.1.13/Network/TLS/Crypto.hs 2001-09-09 03:46:40.000000000 +0200 +++ new/tls-2.1.14/Network/TLS/Crypto.hs 2001-09-09 03:46:40.000000000 +0200 @@ -433,6 +433,8 @@ kxSupportedPrivKeyEC privkey = case ecPrivKeyCurveName privkey of Just ECC.SEC_p256r1 -> True + Just ECC.SEC_p384r1 -> True + Just ECC.SEC_p521r1 -> True _ -> False -- Perform a public-key operation with a parameterized ECC implementation when @@ -453,6 +455,10 @@ Nothing -> Just whenUnknown Just ECC.SEC_p256r1 -> maybeCryptoError $ withProxy p256 <$> ECDSA.decodePublic p256 bs + Just ECC.SEC_p384r1 -> + maybeCryptoError $ withProxy p384 <$> ECDSA.decodePublic p384 bs + Just ECC.SEC_p521r1 -> + maybeCryptoError $ withProxy p521 <$> ECDSA.decodePublic p521 bs Just curveName -> let curve = ECC.getCurveByName curveName pub = unserializePoint curve pt @@ -482,9 +488,17 @@ -- using ECDSA.decodePrivate, unfortunately the data type chosen in -- x509 was Integer. maybeCryptoError $ withProxy p256 <$> ECDSA.scalarFromInteger p256 d + Just ECC.SEC_p384r1 -> + maybeCryptoError $ withProxy p384 <$> ECDSA.scalarFromInteger p384 d + Just ECC.SEC_p521r1 -> + maybeCryptoError $ withProxy p521 <$> ECDSA.scalarFromInteger p521 d Just curveName -> Just $ withUnsupported curveName where d = privkeyEC_priv privkey p256 :: Proxy ECDSA.Curve_P256R1 p256 = Proxy +p384 :: Proxy ECDSA.Curve_P384R1 +p384 = Proxy +p521 :: Proxy ECDSA.Curve_P521R1 +p521 = Proxy diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-2.1.13/test/Arbitrary.hs new/tls-2.1.14/test/Arbitrary.hs --- old/tls-2.1.13/test/Arbitrary.hs 2001-09-09 03:46:40.000000000 +0200 +++ new/tls-2.1.14/test/Arbitrary.hs 2001-09-09 03:46:40.000000000 +0200 @@ -407,7 +407,7 @@ return (clientState, serverState) arbitraryClientCredential :: Version -> Gen Credential -arbitraryClientCredential _ = arbitraryCredentialsOfEachType' >>= elements +arbitraryClientCredential _ = arbitraryCredentialsOfEachCurve' >>= elements arbitraryRSACredentialWithUsage :: [ExtKeyUsageFlag] -> Gen (CertificateChain, PrivKey) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-2.1.13/test/PubKey.hs new/tls-2.1.14/test/PubKey.hs --- old/tls-2.1.13/test/PubKey.hs 2001-09-09 03:46:40.000000000 +0200 +++ new/tls-2.1.14/test/PubKey.hs 2001-09-09 03:46:40.000000000 +0200 @@ -91,6 +91,7 @@ knownECCurves = [ ECC.SEC_p256r1 , ECC.SEC_p384r1 + , ECC.SEC_p521r1 ] defaultECCurve :: ECC.CurveName diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-2.1.13/tls.cabal new/tls-2.1.14/tls.cabal --- old/tls-2.1.13/tls.cabal 2001-09-09 03:46:40.000000000 +0200 +++ new/tls-2.1.14/tls.cabal 2001-09-09 03:46:40.000000000 +0200 @@ -1,6 +1,6 @@ cabal-version: >=1.10 name: tls -version: 2.1.13 +version: 2.1.14 license: BSD3 license-file: LICENSE copyright: Vincent Hanquez <[email protected]> @@ -226,7 +226,7 @@ crypton-x509-system, ech-config, network, - network-run >= 0.4.4, + network-run >= 0.5, tls if flag(devel) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-2.1.13/util/tls-client.hs new/tls-2.1.14/util/tls-client.hs --- old/tls-2.1.13/util/tls-client.hs 2001-09-09 03:46:40.000000000 +0200 +++ new/tls-2.1.14/util/tls-client.hs 2001-09-09 03:46:40.000000000 +0200 @@ -74,7 +74,7 @@ } usage :: String -usage = "Usage: quic-client [OPTION] addr port [path]" +usage = "Usage: tls-client [OPTION] addr port [path]" options :: [OptDescr (Options -> Options)] options = @@ -220,13 +220,13 @@ , auxShow = showContent , auxReadResumptionData = readIORef ref } - mstore <- do - mstore' <- case optTrustedAnchor of - Nothing -> - if optValidate then Just <$> getSystemCertificateStore else return Nothing - Just file -> readCertificateStore file - when (isNothing mstore') $ showUsageAndExit "cannot set trusted anchor" - return mstore' + mstore <- case optTrustedAnchor of + Nothing -> + if optValidate then Just <$> getSystemCertificateStore else return Nothing + Just file -> do + mstore' <- readCertificateStore file + when (isNothing mstore') $ showUsageAndExit "cannot set trusted anchor" + return mstore' echConfList <- case optECHConfigFile of Nothing -> return [] Just ecnff -> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-2.1.13/util/tls-server.hs new/tls-2.1.14/util/tls-server.hs --- old/tls-2.1.13/util/tls-server.hs 2001-09-09 03:46:40.000000000 +0200 +++ new/tls-2.1.14/util/tls-server.hs 2001-09-09 03:46:40.000000000 +0200 @@ -113,7 +113,7 @@ ] usage :: String -usage = "Usage: server [OPTION] addr port" +usage = "Usage: tls-server [OPTION] addr port" showUsageAndExit :: String -> IO a showUsageAndExit msg = do
