Subject: CVS commit: pkgsrc/security/hs-tls
From: Masatake Daimon
Date: 2025-01-30 12:10:36
Message id: 20250130111036.42A54FBE0@cvs.NetBSD.org
Log Message:
security/hs-tls: update to tls-2.1.7

# Change log for "tls"

## Version 2.1.7

* Introducing `Limit` parameter.
* Implementing "Record Size Limit Extension for TLS" (RFC8449).
  Set `limitRecordSize` use it.
* Implementing "TLS Certificate Compression" (RFC 8879).
  This feature is automatically used if the peer supports it.
* More tests with `tlsfuzzer` especially for client authentication
  and 0-RTT.
* Implementing a utility funcation, `validateClientCertificate`, for
  client authentication.
* Bug fix for echo back logic of Cookie extension.
* More pretty show for the internal `Handshake` structure for debugging.

## Version 2.1.6

* Testing with "tlsfuzzer" again. Now don't send an alert agaist to
  peer's alert. Double locking (aka self dead-lock) is fixed. Sending
  an alert for known-but-cannot-parse extensions. Other corner cases
  are also fixed.
* `tls-client -d` and `tls-server -d` pretty-prints `Handshake`.

## Version 2.1.5

* Removing the dependency on the async package.
* Restore a few DHE_RSA ciphers.
  [#493](https://github.com/haskell-tls/hs-tls/pull/493)

## Version 2.1.4

* Exporting defaultValidationCache.

## Version 2.1.3

* Remove `data-default` version constraint.
  [#492](https://github.com/haskell-tls/hs-tls/pull/492)
* Exporting default variables.
  [#448](https://github.com/haskell-tls/hs-tls/pull/488)

## Version 2.1.2

* Using data-default instead of data-default-class.

## Version 2.1.1

* `bye` directly calls `timeout recvHS13`, not spawning a thread for
  `timeout recvHS13`. So, `bye` can receive an exception if thrown.

## Version 2.1.0

* Breaking change: stop exporting constructors to maintain future
  compatibilities. Field names are still exported, and values can be updated
  with them using record syntax. Use `def` and `noSessionManager` as initial
  values.
* `onServerFinished` is added to `ClientHooks`.
* `clientWantSessionResumeList` is added to `ClientParams` to support
  multiple tickets for TLS 1.3.

## Version 2.0.6

* Setting `supportedCiphers` in `defaultSupported` to `ciphersuite_default`.
  So, users don't have to override this value anymore by exporting
  `Network.TLS.Extra.Cipher`.
  [#471](https://github.com/haskell-tls/hs-tls/pull/471)
* `ciphersuite_default` is the same as `ciphersuite_strong`.
  So, the duplicated definition is removed.
* Add missing modules for util/tls-client and util/tls-server.
Files:
RevisionActionfile
1.16modifypkgsrc/security/hs-tls/Makefile
1.6modifypkgsrc/security/hs-tls/PLIST
1.16modifypkgsrc/security/hs-tls/buildlink3.mk
1.9modifypkgsrc/security/hs-tls/distinfo