diff --git a/pkgs/development/haskell-modules/configuration-nix.nix b/pkgs/development/haskell-modules/configuration-nix.nix index 6400e5246aea..0b7264e175db 100644 --- a/pkgs/development/haskell-modules/configuration-nix.nix +++ b/pkgs/development/haskell-modules/configuration-nix.nix @@ -1431,4 +1431,9 @@ self: super: builtins.intersectAttrs super { "--skip=/Cabal.Paths/paths" ]; }) super.doctest; + + # tracked upstream: https://github.com/snapframework/openssl-streams/pull/11 + # certificate used only 1024 Bit RSA key and SHA-1, which is not allowed in OpenSSL 3.1+ + # security level 2 + openssl-streams = appendPatch ./patches/openssl-streams-cert.patch super.openssl-streams; } diff --git a/pkgs/development/haskell-modules/patches/openssl-streams-cert.patch b/pkgs/development/haskell-modules/patches/openssl-streams-cert.patch new file mode 100644 index 000000000000..2a668e6d14d8 --- /dev/null +++ b/pkgs/development/haskell-modules/patches/openssl-streams-cert.patch @@ -0,0 +1,137 @@ +From ae9f8db059b6093092f6bd5155d55557c0892a4e Mon Sep 17 00:00:00 2001 +From: Markus Theil +Date: Sat, 5 Oct 2024 11:44:45 +0200 +Subject: [PATCH] regenerate test certificate to work with OpenSSL security + level 2 + +Signed-off-by: Markus Theil +--- + test/cert.pem | 43 ++++++++++++++++++++++++--------- + test/key.pem | 67 +++++++++++++++++++++++++++++++++++++++------------ + 2 files changed, 83 insertions(+), 27 deletions(-) + +diff --git a/test/cert.pem b/test/cert.pem +index 13a87f5..a9dd418 100644 +--- a/test/cert.pem ++++ b/test/cert.pem +@@ -1,14 +1,33 @@ + -----BEGIN CERTIFICATE----- +-MIICOzCCAaQCCQChUcwtek3F7DANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQGEwJD +-SDEPMA0GA1UECAwGWnVyaWNoMQ8wDQYDVQQHDAZadXJpY2gxFzAVBgNVBAoMDlNu +-YXAgRnJhbWV3b3JrMRgwFgYDVQQDDA9HcmVnb3J5IENvbGxpbnMwHhcNMTAxMjEx +-MTk1MjA0WhcNMzgwNDI3MTk1MjA0WjBiMQswCQYDVQQGEwJDSDEPMA0GA1UECAwG +-WnVyaWNoMQ8wDQYDVQQHDAZadXJpY2gxFzAVBgNVBAoMDlNuYXAgRnJhbWV3b3Jr +-MRgwFgYDVQQDDA9HcmVnb3J5IENvbGxpbnMwgZ8wDQYJKoZIhvcNAQEBBQADgY0A +-MIGJAoGBAMcWrmVJ0xn3JcKf+b8Y+Bs+rRacodl/R+N7UJXTyfkByB7bzN6VR2h8 +-oRYJu7DhETs/w4o/Af9vNwsJBJVovcbV6FAAbl45TMDq2QZVtPwwTDi8R52QbRIR +-WBxge3aHeMUz1hV32iMzGPVe4jKSaO2KcbVOFphwc8VmA59GvShfAgMBAAEwDQYJ +-KoZIhvcNAQEFBQADgYEAXsRchaVlL4RP5V+r1npL7n4W3Ge2O7F+fQ2dX6tNyqeo +-tMAdc6wYahg3m+PejWASVCh0vVEjBx2WYOMRPsmk/DYLUi4UwZYPrvZtbfSbMrD+ +-mYmZhqCDM4316qAg5OwcTON3+VZXMwbXCVM+vUCvZIw4xh6ywNjvuQjCzy7oKMg= ++MIIFpTCCA42gAwIBAgIUJuFs2fMmpGUlm+CT7l6v2LdnpeEwDQYJKoZIhvcNAQEL ++BQAwYjELMAkGA1UEBhMCQ0gxDzANBgNVBAgMBlp1cmljaDEPMA0GA1UEBwwGWnVy ++aWNoMRcwFQYDVQQKDA5TbmFwIEZyYW1ld29yazEYMBYGA1UEAwwPR3JlZ29yeSBD ++b2xsaW5zMB4XDTI0MTAwNTA5NDM1NFoXDTQ0MDkzMDA5NDM1NFowYjELMAkGA1UE ++BhMCQ0gxDzANBgNVBAgMBlp1cmljaDEPMA0GA1UEBwwGWnVyaWNoMRcwFQYDVQQK ++DA5TbmFwIEZyYW1ld29yazEYMBYGA1UEAwwPR3JlZ29yeSBDb2xsaW5zMIICIjAN ++BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA26OMdBRG9IybxVYY49z5xp4adabK ++QKMgBctSbY9+AXQ8dR0mPswQRMNG0upQyJJPTFXUBvKr2N2K00XbWIMifwhCfkBo ++9/JsOuQLNH1Dc627/amx9fuRrJJBnVUOZ9YOg9ytjaItXQ0rngv+lz8EH8IL8SB5 ++AQJr+MRRNr5JD44+/+au3oyL3eoDkb/MT3y2dyUCX7Kuk49h5iiTsPDp6DLQLxl2 ++YegJNh67qrw0gBSjhB0s0Yv7EqVeKTNEx89SkIdOSXh+S3Sf1foAU0Aq3v0a6aIh ++MLrN5Fo3TjQbhF9mlRjYZOM7HbrZsz7X6t77y9Ac4lgFWhbrCdtKFnwP3X1qHAou ++jfzwmnC7Z7h7rzoS0opjE29UcuOPaA7Jw/rbl3SpAab1UVVhOdMxvkJ+gshdJT8W ++uAoovhuyhtimM7l4vkwPqSD5y+h+zNiW5Lx1H1kAsyHeQ8zOI/wnuW4VjvhUb/Q+ ++LZWXmzEBZdGXZloj11py6B3b83atHU+R2LZQnDhnjU15JBG7WN7/anExz3Q7rRfs ++oYHa5qoV+sol53VIJDj+6nsJGfbr1WAonLxDOc8B3E7uu6fGSLeoTZj+hKCZhhsD ++1jnlGG1skpYqf+ECXgq8TGlFRjn6ae3Z7Tq/UFu0a+cbsHHBSUwKG17mtaaqbDeY ++8kWUWNDKtUSewb0CAwEAAaNTMFEwHQYDVR0OBBYEFDj0ry4aPDK4/pbxzbLdUrtN ++4EuXMB8GA1UdIwQYMBaAFDj0ry4aPDK4/pbxzbLdUrtN4EuXMA8GA1UdEwEB/wQF ++MAMBAf8wDQYJKoZIhvcNAQELBQADggIBACct1UKUYYORYcjV96HuPVQSN00iLLUj ++C2QWfF2rF6sToX46oEHfwtIpBT3kATB2G8Ltt5OBohek0eLpGIaJyMYlhiRb6ubz ++O8jcgD2d0FKEBAIEYK+UvuKakWKY3C72zNzL89KOkCqS5o8dYXhMtxPi/ncAdyUa ++jIKHhZx1gYIkaYRVgnnLk4NrpIH3WZmwGj5y/k8ha4vvbfg4pf04FAWliqmD+30E ++qyF0GtxhVN7ZffEn610i9DCsxQet5DiThlZMB9gSZK0VqvTdaKR7qmAohEe5mKBr ++/MbERm8E36B1sW3uGTJLu/irFZtoez2IYNBJaatkKjk3bv+cHKV3E/VTKMMKFtLS ++poLtaAZpuLr4Lg1RS1dCU2f6NaNYuKl30ROAf8ro++8Rnn1WMVc+8x3EhyMJzJYT +++NLnB+8PnoOj2jkc0lY+AqbwSREIivRoN1frbqHfsyZc8Mkds1FUCHLun77LMBVi ++HwmG1frnJ6X9actf1sQqXSqD0URenqTpZSu8YKAkhH3oaKm5I0IyYUeynCk1ck8G ++PyiRk2sj4II7nrzZOCJSJsgDweZdqoul3qKki4V/4+sMgmsAIHJYy/nCwl1HThQ8 ++XY15cF3dnf1bcly1ooj7bL4DrPuG1oWpzDIlIkJ+ZTsPrKK3/Vy2pUkklKowmq3w ++qHcAZ2oKVR1s + -----END CERTIFICATE----- +diff --git a/test/key.pem b/test/key.pem +index 3db6603..ef99b04 100644 +--- a/test/key.pem ++++ b/test/key.pem +@@ -1,15 +1,52 @@ +------BEGIN RSA PRIVATE KEY----- +-MIICXgIBAAKBgQDHFq5lSdMZ9yXCn/m/GPgbPq0WnKHZf0fje1CV08n5Acge28ze +-lUdofKEWCbuw4RE7P8OKPwH/bzcLCQSVaL3G1ehQAG5eOUzA6tkGVbT8MEw4vEed +-kG0SEVgcYHt2h3jFM9YVd9ojMxj1XuIykmjtinG1ThaYcHPFZgOfRr0oXwIDAQAB +-AoGBAIr+p9UpfIvFRASkYd3sFdQXpwqBYnIR7ePBBVsFWR5TAx+gP2ErAYbOdDyJ +-oRN1nu0psGBFaySlxd0bd6rETLFXMWbA0uDJcqASrlsOhsbhgPH7aExYfAi7eX8h +-FAwD//j2E1sS6WvNWu0YANKR2yrM9R0vcbt0GF7hlmyV7lhRAkEA+6DCI6nfbdvR +-jkvaxzOdC9jY/eBI9a4BbyjPLUSlTuQsGrp6s0Sj1LOQscItzqkPSutugM3f1dlG +-lqq31/fnqQJBAMqMOknRBlOZY8DBfCorvNXAjIenoqlqE1D4yTL+tE5C3zEyvTcF +-jPAaX220vf1OkL1bX4jKUxx8uXIqiYND9McCQQCWoWWWc9qMqUqJJF+TYBJjRSyg +-zeLfL4ssQAHF15Id5/l/BqLtLenlKpkz0EobrJi7ALTl5lhYa/kVuJzVbFIBAkEA +-shE17U9mUHi5yexQTILHMORmp5wo1Of8s2ME/2ANBACmV4pT7ttiXHPTEY+kt90q +-Qk7iXlABYToFjuj2nABSYQJAO6W9P18mM2p6vkiBuNReW6VN/ftYqq5TLK3hXh2Q +-0d5v0eW9ce7CiQueH5kxq44EVVTIDiVLe2pk+BQIntMC8w== +------END RSA PRIVATE KEY----- ++-----BEGIN PRIVATE KEY----- ++MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDbo4x0FEb0jJvF ++Vhjj3PnGnhp1pspAoyAFy1Jtj34BdDx1HSY+zBBEw0bS6lDIkk9MVdQG8qvY3YrT ++RdtYgyJ/CEJ+QGj38mw65As0fUNzrbv9qbH1+5GskkGdVQ5n1g6D3K2Noi1dDSue ++C/6XPwQfwgvxIHkBAmv4xFE2vkkPjj7/5q7ejIvd6gORv8xPfLZ3JQJfsq6Tj2Hm ++KJOw8OnoMtAvGXZh6Ak2HruqvDSAFKOEHSzRi/sSpV4pM0THz1KQh05JeH5LdJ/V +++gBTQCre/RrpoiEwus3kWjdONBuEX2aVGNhk4zsdutmzPtfq3vvL0BziWAVaFusJ ++20oWfA/dfWocCi6N/PCacLtnuHuvOhLSimMTb1Ry449oDsnD+tuXdKkBpvVRVWE5 ++0zG+Qn6CyF0lPxa4Cii+G7KG2KYzuXi+TA+pIPnL6H7M2JbkvHUfWQCzId5DzM4j ++/Ce5bhWO+FRv9D4tlZebMQFl0ZdmWiPXWnLoHdvzdq0dT5HYtlCcOGeNTXkkEbtY ++3v9qcTHPdDutF+yhgdrmqhX6yiXndUgkOP7qewkZ9uvVYCicvEM5zwHcTu67p8ZI ++t6hNmP6EoJmGGwPWOeUYbWySlip/4QJeCrxMaUVGOfpp7dntOr9QW7Rr5xuwccFJ ++TAobXua1pqpsN5jyRZRY0Mq1RJ7BvQIDAQABAoICAAIB114rM5p3W31nmUV3Ju2J ++Uy6+kLbGVtv+skOP42P82DLuH9lEkPnT5VvhlM3pxQw/9OFVtTt/i3h9TlvGIln8 ++rRY4HU12G3DuqxSLzYKV30kvlGcDVB7lMkYkuW46VE/LrpFZXqaXoM2qXeVWHSye ++H8ZQbef+tJZlfY7YGSpUJOAT+gaiIa1sPqPwbQalRN9HXmNvVQLtCpppcK9rWt6K ++nQDv2mIFgRS2c1rEKrWomqBHNPo67YHg3YCtDYScRiyjHpRzeQdUVZlFa4cskl0P ++J+sOgSpPwWMZbkvKaZ2hfTpBFnSA6Bt63OjzWtKfFDgrWsw4Z4odz1WRJGGauM62 ++HwroFPCXCit2KCieu23hmsy+Bzh9kdKby8Y3IIdCkTxpslc8au5Psz9uETOXCRwG ++XrANA+OjIawNb3M6Lp3//F07V5eTdWNGrkCByfe0O6/tbnQXPnpqb4u39mnRDQgM ++O69TUCZNaHFQoN7cVJl6hMM6+i3ymMbNOk46hqiqe12KeO8iN/kp/GyGKEP0+H+K ++K2xniIYvm4s+1BE4klkU3S1TQhlZInYu5DFKtGb++n2+UfUlC6bLvA7aAh0K/yOC ++zECPZV8InyTwOaom/CHfWEnBUSEvqvaw/r1DNYqsRR8QSFzlNxx7rDwcEsfy0rJt ++0Ru9jSGCYBRR/EeBHY5JAoIBAQDvqF0K5k/WUIRdybygi22pkEcXbajC0s0Z7Wm/ ++/Uh2zOw2tDv2wfN26Jk9YvPFuZzkgTZSSHBtVHLaju8LXzIDtbD7990KyWKTm/QX ++ynm/Depp7HWbKVxgWAa0Q0DNUNl/vTGHtj9MDGYx798GzGfrQvIs50jBvjnw1QcN +++vkNkkEFTOc3XYKWdPMsqfUowgVC73aiK3Bq1g514F5hj6OPuiyAbrWluS0jsOLG ++fWGbo9Aw7PmAD8oCjrkpGslLuIVjw0j9Ro0o6iK8+5rzdyai5WsSRBeBsBw5N3pg ++OzDXiBm8mfu9TDk7O7ZXM9Jw/jrV5lGks+XHMsPm1Flrtx7pAoIBAQDqnbj1uwH/ ++Z1fd4+hVygXsHju77IoSx5mgSuXhDn+tl35IbUR0rgPNNLc/TVo4FHuJuKHdH3/G ++un9tYLfo/CCMZOMM/Tlh5ZSm1d9BCniCxlmbdXka5DXJ34TTAL2ssdwBagRmaj7n ++8o1EhOdqB+DszGoLWm2NUXPZOFCaMD30vjQ6xeY+YkePCsPpffr4YeTDtgsX7URE ++sTNfyAXtK5boQg1VkowlAP+EYqggnu10sOn3Hddxq2YHTi2cCDSSuctCfqyvfVea ++LudIh5pIfwxie8w09znMxKJhUij1duRcv+L9z/O+zjSW2gPPlvqgw7gcg3cCp1RM +++WGX9V2jPE+1AoIBAGL+echp0CqnwbV4AmmSjm7PQP5ldqNbLgt6rQb4Gbmw9hW2 ++p1pLTUUd2UapHCbdf/hHg2fDsmUG0BaFmippXSB5Ka06+lxdSVHNxqsZIOcRWXX9 ++jarVD+pgEgzeBuOIdP816EK1vjmsmX4hJlAJmRdt5Nk1hDE7YXWgmTRmKgA4HJGS ++7aNKBgoeLuCRJ8p5MnEutyNPrDUFTJ3WW0YTbi2Napp2oKPe9M1cYKA65FnE9ddv ++27PRUdFyoPtgrCuSAc9uuDSesupmpIjJqXzOB/CbsXmvFMKmO1JLH0qmyIsPFgp4 ++1Kqh1LYp+SzWJCQ2b5kxdSICiXSZ/J/ZsUI0NxkCggEBAKzYSd1vSod5ATjNoOsj ++DL3pgCRwnUA8oKeAxl7JqbKf+z8skNRNJyvU/HO8bw0FugW6ajVX8XDdEOfp61PP +++8KyyLtXCyFeW+eVhQaLykC+FGH9Z50yJ5Zz/4zb7OD/n4/DJT62Y2XKQd0K9Noe ++t8x8xFtc4XzNV0XewTL2+44FWsE57uhiy0lMqwyn7W9z3293/DBCcpsQ2UJlQEh8 ++Zo7xqpUyg+D3HUfQzwBJVbM0awnNiF2L4nzbUaq0ONcn3eE9Jceb1iAXEflTPYzP ++XLZpcgZLZN/AtchxGQ/N6WuTSo2m2HHnxMKmF0ymdDpgNpF7IQBpeifDSe0DrVqH ++IkkCggEBAKdRzi+vHk2sNAM+oRt6wnSxmVi38YhqQY3jB/BUKrmG9yeU/5NrLnLV ++UHEw8X+bAIaDXcjW8nH9l8mmCpWRv6Atk69KCAYCnyHkDmMjyEbFkG+VW1mJKeQD ++J7MA8QMwg8nW3t6GdyGNupLP65EIVaOd0+W27qzHOinWq/vlrJLi7DAk7ZxDbZxa ++YsE0Dy6oko0M0cN+NhgfsOE2/E9u3u+OfM7WqJjvKs7nPBh1mlSmGXB0srbsdF5X ++zSi2PxEM87K9FjhwdLRg1Wgq1hqK5xeFpvQETd5dCwrbPDnWd4H91jycquVQ29+f ++F3fTQNKQ93zJWtUhTUSPO2BzPnZh8UE= ++-----END PRIVATE KEY----- +-- +2.46.0 +