pyrox.dev / nixpkgs
lol
fork atom

elmPackages.elm: Drop TLS patch (#442132)

Emily 1dc8745c 05d7f542

options
unified split
Changed files
-87
pkgs
development
compilers
elm
packages
ghc9_6
default.nix
tls-compatibility.patch
-6
pkgs/development/compilers/elm/packages/ghc9_6/default.nix 
···

       
27

       
27

       
 

       
              --prefix PATH ':' ${lib.makeBinPath [ nodejs ]}


     

       
28

       
28

       
 

       
          '';


     

       
29

       
29

       
 

       



     

       
30

       

       
-

       
          patches = [


     

       
31

       

       
-

       
            # Fix TLS compatibility issues with package.elm-lang.org


     

       
32

       

       
-

       
            # see: https://github.com/elm/compiler/pull/2325


     

       
33

       

       
-

       
            ./tls-compatibility.patch


     

       
34

       

       
-

       
          ];


     

       
35

       

       
-

       



     

       
36

       
30

       
 

       
          description = "Delightful language for reliable webapps";


     

       
37

       
31

       
 

       
          homepage = "https://elm-lang.org/";


     

       
38

       
32

       
 

       
          license = lib.licenses.bsd3;
-81
pkgs/development/compilers/elm/packages/ghc9_6/tls-compatibility.patch 
···

       
1

       

       
-

       
From c8ca5e14650a77446a6577eb356ddd09c3928bac Mon Sep 17 00:00:00 2001


     

       
2

       

       
-

       
From: Ben Millwood <thebenmachine+git@gmail.com>


     

       
3

       

       
-

       
Date: Tue, 17 Jun 2025 16:39:07 +0100


     

       
4

       

       
-

       
Subject: [PATCH] Fix TLS connection to package.elm-lang.org


     

       
5

       

       
-

       



     

       
6

       

       
-

       
It seems like the server hosting https://package.elm-lang.org has an old


     

       
7

       

       
-

       
enough SSL library that it doesn't support EMS. Reconfigure the https


     

       
8

       

       
-

       
client so that it will still connect in this case.


     

       
9

       

       
-

       
---


     

       
10

       

       
-

       
 builder/src/Http.hs | 21 +++++++++++++++++++--


     

       
11

       

       
-

       
 elm.cabal           |  3 +++


     

       
12

       

       
-

       
 2 files changed, 22 insertions(+), 2 deletions(-)


     

       
13

       

       
-

       



     

       
14

       

       
-

       
diff --git a/builder/src/Http.hs b/builder/src/Http.hs


     

       
15

       

       
-

       
index 6105263fa..fd8b87bba 100644


     

       
16

       

       
-

       
--- a/builder/src/Http.hs


     

       
17

       

       
-

       
+++ b/builder/src/Http.hs


     

       
18

       

       
-

       
@@ -29,15 +29,19 @@ import qualified Data.Binary as Binary


     

       
19

       

       
-

       
 import qualified Data.Binary.Get as Binary


     

       
20

       

       
-

       
 import qualified Data.ByteString.Builder as B


     

       
21

       

       
-

       
 import qualified Data.ByteString.Char8 as BS


     

       
22

       

       
-

       
+import Data.Default (def)


     

       
23

       

       
-

       
 import qualified Data.Digest.Pure.SHA as SHA


     

       
24

       

       
-

       
 import qualified Data.String as String


     

       
25

       

       
-

       
+import qualified Network.Connection as NC


     

       
26

       

       
-

       
 import Network.HTTP (urlEncodeVars)


     

       
27

       

       
-

       
 import Network.HTTP.Client


     

       
28

       

       
-

       
-import Network.HTTP.Client.TLS (tlsManagerSettings)


     

       
29

       

       
-

       
+import Network.HTTP.Client.TLS (mkManagerSettings)


     

       
30

       

       
-

       
 import Network.HTTP.Types.Header (Header, hAccept, hAcceptEncoding, hUserAgent)


     

       
31

       

       
-

       
 import Network.HTTP.Types.Method (Method, methodGet, methodPost)


     

       
32

       

       
-

       
 import qualified Network.HTTP.Client as Multi (RequestBody(RequestBodyLBS))


     

       
33

       

       
-

       
 import qualified Network.HTTP.Client.MultipartFormData as Multi


     

       
34

       

       
-

       
+import qualified Network.TLS as TLS


     

       
35

       

       
-

       
+import Network.TLS.Extra.Cipher (ciphersuite_default)


     

       
36

       

       
-

       
 


     

       
37

       

       
-

       
 import qualified Json.Encode as Encode


     

       
38

       

       
-

       
 import qualified Elm.Version as V


     

       
39

       

       
-

       
@@ -49,7 +53,20 @@ import qualified Elm.Version as V


     

       
40

       

       
-

       
 


     

       
41

       

       
-

       
 getManager :: IO Manager


     

       
42

       

       
-

       
 getManager =


     

       
43

       

       
-

       
-  newManager tlsManagerSettings


     

       
44

       

       
-

       
+  newManager (mkManagerSettings dontRequireEMS Nothing)


     

       
45

       

       
-

       
+  where


     

       
46

       

       
-

       
+    -- See https://github.com/NixOS/nixpkgs/pull/414495


     

       
47

       

       
-

       
+    dontRequireEMS =


     

       
48

       

       
-

       
+      NC.TLSSettingsSimple


     

       
49

       

       
-

       
+        { NC.settingDisableCertificateValidation = False


     

       
50

       

       
-

       
+        , NC.settingDisableSession = False


     

       
51

       

       
-

       
+        , NC.settingUseServerName = False


     

       
52

       

       
-

       
+        , NC.settingClientSupported =


     

       
53

       

       
-

       
+            def


     

       
54

       

       
-

       
+              { TLS.supportedCiphers = ciphersuite_default


     

       
55

       

       
-

       
+              , TLS.supportedExtendedMainSecret = TLS.AllowEMS


     

       
56

       

       
-

       
+              }


     

       
57

       

       
-

       
+        }


     

       
58

       

       
-

       
 


     

       
59

       

       
-

       
 


     

       
60

       

       
-

       
 


     

       
61

       

       
-

       
diff --git a/elm.cabal b/elm.cabal


     

       
62

       

       
-

       
index 144fada90..0bd1eb5dc 100644


     

       
63

       

       
-

       
--- a/elm.cabal


     

       
64

       

       
-

       
+++ b/elm.cabal


     

       
65

       

       
-

       
@@ -206,6 +206,8 @@ Executable elm


     

       
66

       

       
-

       
         binary,


     

       
67

       

       
-

       
         bytestring,


     

       
68

       

       
-

       
         containers,


     

       
69

       

       
-

       
+        crypton-connection,


     

       
70

       

       
-

       
+        data-default,


     

       
71

       

       
-

       
         directory,


     

       
72

       

       
-

       
         edit-distance,


     

       
73

       

       
-

       
         file-embed,


     

       
74

       

       
-

       
@@ -229,6 +231,7 @@ Executable elm


     

       
75

       

       
-

       
         snap-server,


     

       
76

       

       
-

       
         template-haskell,


     

       
77

       

       
-

       
         time,


     

       
78

       

       
-

       
+        tls,


     

       
79

       

       
-

       
         unordered-containers,


     

       
80

       

       
-

       
         utf8-string,


     

       
81

       

       
-

       
         vector,