get android building the security fix

Had to update http-client and network, with follow-on dep changes.

This commit was sponsored by Brock Spratlen on Patreon.

Utility/Url.hs

@@ -49,7 +49,7 @@ import qualified Data.ByteString.Lazy as L
 import qualified Data.Set as S
 import Control.Monad.Trans.Resource
 import Network.HTTP.Conduit
-import Network.HTTP.Client (brRead, withResponse)
+import Network.HTTP.Client
 import Data.Conduit
 
 #if ! MIN_VERSION_http_client(0,5,0)

standalone/android/cabal.config

@@ -1,4 +1,11 @@
 constraints: unix installed,
+             blaze-html ==0.8.1.3,
+	     blaze-markup ==0.7.0.3,
+	     basement ==0.0.7,
+	     memory ==0.14.9,
+	     connection ==0.2.8,
+             aws ==0.13.0,
+	     lifted-base ==0.2.3.6,
              Crypto ==4.2.5.1,
              binary ==0.7.6.1,
              DAV ==1.0.3,
@@ -13,9 +20,9 @@ constraints: unix installed,
              aeson ==0.7.0.6,
              ansi-wl-pprint ==0.6.7.1,
              appar ==0.1.4,
-             asn1-encoding ==0.8.1.3,
+             asn1-encoding ==0.9.5,
-             asn1-parse ==0.8.1,
+             asn1-parse ==0.9.4,
-             asn1-types ==0.2.3,
+             asn1-types ==0.3.2,
              async ==2.0.1.5,
              attoparsec ==0.11.3.4,
              attoparsec-conduit ==1.1.0,
@@ -36,7 +43,6 @@ constraints: unix installed,
              comonad ==4.2,
              conduit ==1.1.6,
              conduit-extra ==1.1.3,
-             connection ==0.2.3,
              contravariant ==0.6.1.1,
              cookie ==0.4.1.2,
              cprng-aes ==0.5.2,
@@ -44,7 +50,7 @@ constraints: unix installed,
              crypto-cipher-types ==0.0.9,
              crypto-numbers ==0.2.3,
              crypto-pubkey ==0.2.4,
-             crypto-pubkey-types ==0.4.2.2,
+             crypto-pubkey-types ==0.4.2.3,
              crypto-random ==0.0.7,
              cryptohash ==0.11.6,
              cryptohash-conduit ==0.1.1,
@@ -80,19 +86,19 @@ constraints: unix installed,
              hashable ==1.2.1.0,
              hinotify ==0.3.5,
              hjsmin ==0.1.4.7,
-             hslogger ==1.2.1,
+             hslogger ==1.2.10,
-             http-client ==0.4.11.1,
+             http-client ==0.4.31.1,
-             http-client-tls ==0.2.2,
+             http-client-tls ==0.2.4.1,
-             http-conduit ==2.1.5,
+             http-conduit ==2.1.9,
-             http-date ==0.0.2,
+             http-date ==0.0.6.1,
-             http-types ==0.8.5,
+             http-types ==0.9.1,
              blaze-builder ==0.3.3.2,
              hxt ==9.3.1.4,
              hxt-charproperties ==9.1.1.1,
              hxt-regex-xmlschema ==9.0.4,
              hxt-unicode ==9.0.2.2,
              idna ==0.2,
-             iproute ==1.2.11,
+             iproute ==1.3.1,
              json ==0.5,
              keys ==3.10.1,
              language-javascript ==0.5.13,
@@ -107,7 +113,7 @@ constraints: unix installed,
              monads-tf ==0.1.0.2,
              mtl ==2.1.2,
              nats ==0.1.2,
-             network ==2.4.1.2,
+             network ==2.6.3.1
              network-conduit ==1.1.0,
              network-info ==0.2.0.5,
              network-multicast ==0.0.10,
@@ -141,7 +147,7 @@ constraints: unix installed,
              silently ==1.2.4.1,
              simple-sendfile ==0.2.14,
              skein ==1.0.9,
-             socks ==0.5.4,
+             socks ==0.5.5,
              split ==0.2.2,
              stm ==2.4.2,
              stm-chans ==3.0.0.2,
@@ -157,7 +163,7 @@ constraints: unix installed,
              text ==1.1.1.0,
              text-icu ==0.6.3.7,
              tf-random ==0.5,
-             tls ==1.2.9,
+             tls ==1.3.8,
              transformers ==0.3.0.0,
              transformers-base ==0.4.1,
              transformers-compat ==0.3.3.3,
@@ -174,13 +180,13 @@ constraints: unix installed,
              wai-app-static ==3.0.0.1,
              wai-extra ==3.0.1.2,
              wai-logger ==2.1.1,
-             warp ==3.0.0.5,
+             warp ==3.0.8,
-             warp-tls ==3.0.0,
+             warp-tls ==3.0.4.2,
              word8 ==0.1.1,
-             x509 ==1.4.11,
+             x509 ==1.6.5,
-             x509-store ==1.4.4,
+             x509-store ==1.6.3,
-             x509-system ==1.4.5,
+             x509-system ==1.6.6,
-             x509-validation ==1.5.0,
+             x509-validation ==1.6.8,
              xml ==1.3.13,
              xml-conduit ==1.2.1,
              xml-hamlet ==0.4.0.9,
@@ -197,6 +203,7 @@ constraints: unix installed,
              yesod-static ==1.2.4,
              zlib ==0.5.4.1,
              bytestring installed,
+             process ==1.2.3.0,
              scientific ==0.3.3.1,
-             clock ==0.4.6.0
+             clock ==0.4.6.0,
-             cryptonite ==cryptonite-0.16
+             cryptonite ==0.15

standalone/android/haskell-patches/network_2.4.1.0_0002-remove-Network.BSD-symbols-not-available-in-bionic.patch

@@ -1,157 +0,0 @@
-From 7861b133bb269b50fcf709291449cb0473818902 Mon Sep 17 00:00:00 2001
-From: Joey Hess <joey@kitenet.net>
-Date: Sun, 29 Dec 2013 21:29:23 +0000
-Subject: [PATCH] remove Network.BSD symbols not available in bionic
-
----
- Network/BSD.hsc |   98 -------------------------------------------------------
- 1 file changed, 98 deletions(-)
-
-diff --git a/Network/BSD.hsc b/Network/BSD.hsc
-index d6dae85..27910f4 100644
---- a/Network/BSD.hsc
-+++ b/Network/BSD.hsc
-@@ -30,15 +30,6 @@ module Network.BSD
-     , getHostByAddr
-     , hostAddress
- 
--#if defined(HAVE_GETHOSTENT) && !defined(cygwin32_HOST_OS) && !defined(mingw32_HOST_OS) && !defined(_WIN32)
--    , getHostEntries
--
--    -- ** Low level functionality
--    , setHostEntry
--    , getHostEntry
--    , endHostEntry
--#endif
--
-     -- * Service names
-     , ServiceEntry(..)
-     , ServiceName
-@@ -64,14 +55,6 @@ module Network.BSD
-     , getProtocolNumber
-     , defaultProtocol
- 
--#if !defined(cygwin32_HOST_OS) && !defined(mingw32_HOST_OS) && !defined(_WIN32)
--    , getProtocolEntries
--    -- ** Low level functionality
--    , setProtocolEntry
--    , getProtocolEntry
--    , endProtocolEntry
--#endif
--
-     -- * Port numbers
-     , PortNumber
- 
-@@ -83,11 +66,7 @@ module Network.BSD
- #if !defined(cygwin32_HOST_OS) && !defined(mingw32_HOST_OS) && !defined(_WIN32)
-     , getNetworkByName
-     , getNetworkByAddr
--    , getNetworkEntries
-     -- ** Low level functionality
--    , setNetworkEntry
--    , getNetworkEntry
--    , endNetworkEntry
- #endif
-     ) where
- 
-@@ -303,31 +282,6 @@ getProtocolNumber proto = do
-  (ProtocolEntry _ _ num) <- getProtocolByName proto
-  return num
- 
--#if !defined(cygwin32_HOST_OS) && !defined(mingw32_HOST_OS) && !defined(_WIN32)
--getProtocolEntry :: IO ProtocolEntry    -- Next Protocol Entry from DB
--getProtocolEntry = withLock $ do
-- ent <- throwNoSuchThingIfNull "getProtocolEntry" "no such protocol entry"
--                $ trySysCall c_getprotoent
-- peek ent
--
--foreign import ccall unsafe  "getprotoent" c_getprotoent :: IO (Ptr ProtocolEntry)
--
--setProtocolEntry :: Bool -> IO ()       -- Keep DB Open ?
--setProtocolEntry flg = withLock $ trySysCall $ c_setprotoent (fromBool flg)
--
--foreign import ccall unsafe "setprotoent" c_setprotoent :: CInt -> IO ()
--
--endProtocolEntry :: IO ()
--endProtocolEntry = withLock $ trySysCall $ c_endprotoent
--
--foreign import ccall unsafe "endprotoent" c_endprotoent :: IO ()
--
--getProtocolEntries :: Bool -> IO [ProtocolEntry]
--getProtocolEntries stayOpen = withLock $ do
--  setProtocolEntry stayOpen
--  getEntries (getProtocolEntry) (endProtocolEntry)
--#endif
--
- -- ---------------------------------------------------------------------------
- -- Host lookups
- 
-@@ -402,31 +356,6 @@ getHostByAddr family addr = do
- foreign import CALLCONV safe "gethostbyaddr"
-    c_gethostbyaddr :: Ptr HostAddress -> CInt -> CInt -> IO (Ptr HostEntry)
- 
--#if defined(HAVE_GETHOSTENT) && !defined(cygwin32_HOST_OS) && !defined(mingw32_HOST_OS) && !defined(_WIN32)
--getHostEntry :: IO HostEntry
--getHostEntry = withLock $ do
-- throwNoSuchThingIfNull         "getHostEntry" "unable to retrieve host entry"
--   $ trySysCall $ c_gethostent
-- >>= peek
--
--foreign import ccall unsafe "gethostent" c_gethostent :: IO (Ptr HostEntry)
--
--setHostEntry :: Bool -> IO ()
--setHostEntry flg = withLock $ trySysCall $ c_sethostent (fromBool flg)
--
--foreign import ccall unsafe "sethostent" c_sethostent :: CInt -> IO ()
--
--endHostEntry :: IO ()
--endHostEntry = withLock $ c_endhostent
--
--foreign import ccall unsafe "endhostent" c_endhostent :: IO ()
--
--getHostEntries :: Bool -> IO [HostEntry]
--getHostEntries stayOpen = do
--  setHostEntry stayOpen
--  getEntries (getHostEntry) (endHostEntry)
--#endif
--
- -- ---------------------------------------------------------------------------
- -- Accessing network information
- 
-@@ -488,33 +417,6 @@ getNetworkByAddr addr family = withLock $ do
- foreign import ccall unsafe "getnetbyaddr"
-    c_getnetbyaddr  :: NetworkAddr -> CInt -> IO (Ptr NetworkEntry)
- 
--getNetworkEntry :: IO NetworkEntry
--getNetworkEntry = withLock $ do
-- throwNoSuchThingIfNull "getNetworkEntry" "no more network entries"
--          $ trySysCall $ c_getnetent
-- >>= peek
--
--foreign import ccall unsafe "getnetent" c_getnetent :: IO (Ptr NetworkEntry)
--
---- | Open the network name database. The parameter specifies
---- whether a connection is maintained open between various
---- networkEntry calls
--setNetworkEntry :: Bool -> IO ()
--setNetworkEntry flg = withLock $ trySysCall $ c_setnetent (fromBool flg)
--
--foreign import ccall unsafe "setnetent" c_setnetent :: CInt -> IO ()
--
---- | Close the connection to the network name database.
--endNetworkEntry :: IO ()
--endNetworkEntry = withLock $ trySysCall $ c_endnetent
--
--foreign import ccall unsafe "endnetent" c_endnetent :: IO ()
--
---- | Get the list of network entries.
--getNetworkEntries :: Bool -> IO [NetworkEntry]
--getNetworkEntries stayOpen = do
--  setNetworkEntry stayOpen
--  getEntries (getNetworkEntry) (endNetworkEntry)
- #endif
- 
- -- Mutex for name service lockdown
--- 
-1.7.10.4
-

standalone/android/haskell-patches/network_2.4.1.0_0003-configure-misdetects-accept4.patch

@@ -1,34 +0,0 @@
-From 478fc7ae42030c1345e75727e54e1f8f895d3e22 Mon Sep 17 00:00:00 2001
-From: dummy <dummy@example.com>
-Date: Wed, 15 Oct 2014 15:16:21 +0000
-Subject: [PATCH] avoid accept4
-
----
- Network/Socket.hsc | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/Network/Socket.hsc b/Network/Socket.hsc
-index 2fe62ee..94db7a4 100644
---- a/Network/Socket.hsc
-+++ b/Network/Socket.hsc
-@@ -511,7 +511,7 @@ accept sock@(MkSocket s family stype protocol status) = do
- #else
-      with (fromIntegral sz) $ \ ptr_len -> do
-      new_sock <-
--# ifdef HAVE_ACCEPT4
-+#if 0
-                  throwSocketErrorIfMinus1RetryMayBlock "accept"
-                         (threadWaitRead (fromIntegral s))
-                         (c_accept4 s sockaddr ptr_len (#const SOCK_NONBLOCK))
-@@ -1602,7 +1602,7 @@ foreign import CALLCONV SAFE_ON_WIN "connect"
-   c_connect :: CInt -> Ptr SockAddr -> CInt{-CSockLen???-} -> IO CInt
- foreign import CALLCONV unsafe "accept"
-   c_accept :: CInt -> Ptr SockAddr -> Ptr CInt{-CSockLen???-} -> IO CInt
--#ifdef HAVE_ACCEPT4
-+#if 0
- foreign import CALLCONV unsafe "accept4"
-   c_accept4 :: CInt -> Ptr SockAddr -> Ptr CInt{-CSockLen???-} -> CInt -> IO CInt
- #endif
--- 
-2.1.1
-

standalone/android/haskell-patches/network_2.4.1.0_0004-getprotobyname-hack-for-tcp-and-udp.patch

@@ -1,28 +0,0 @@
-From b1a581007759e2d9e53ef776e4f10d1de87b8377 Mon Sep 17 00:00:00 2001
-From: Joey Hess <joey@kitenet.net>
-Date: Tue, 7 May 2013 14:51:09 -0400
-Subject: [PATCH] getprotobyname hack for tcp and udp
-
-Otherwise, core network stuff fails to get the numbers for these protocols.
----
- Network/BSD.hsc | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/Network/BSD.hsc b/Network/BSD.hsc
-index f0c9f5b..a289143 100644
---- a/Network/BSD.hsc
-+++ b/Network/BSD.hsc
-@@ -259,6 +259,10 @@ instance Storable ProtocolEntry where
-    poke _p = error "Storable.poke(BSD.ProtocolEntry) not implemented"
- 
- getProtocolByName :: ProtocolName -> IO ProtocolEntry
-+getProtocolByName "tcp" = return $
-+	ProtocolEntry {protoName = "tcp", protoAliases = ["TCP"], protoNumber = 6}
-+getProtocolByName "udp" = return $
-+	ProtocolEntry {protoName = "udp", protoAliases = ["UDP"], protoNumber = 17}
- getProtocolByName name = withLock $ do
-  withCString name $ \ name_cstr -> do
-  throwNoSuchThingIfNull "getProtocolByName" ("no such protocol name: " ++ name)
--- 
-1.8.2.rc3
-

standalone/android/haskell-patches/network_2.4.1.0_0005-no-NODELAY-on-android.patch

@@ -1,25 +0,0 @@
-From bfecbc7bd09cbbebdef12aa525dc17109326db3f Mon Sep 17 00:00:00 2001
-From: Joey Hess <joey@kitenet.net>
-Date: Sun, 29 Dec 2013 21:31:07 +0000
-Subject: [PATCH] no NODELAY on android
-
----
- Network/Socket.hsc |    2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/Network/Socket.hsc b/Network/Socket.hsc
-index 6c21209..c360889 100644
---- a/Network/Socket.hsc
-+++ b/Network/Socket.hsc
-@@ -923,7 +923,7 @@ packSocketOption so =
-     Just MaxSegment    -> Just ((#const IPPROTO_TCP), (#const TCP_MAXSEG))
- #endif
- #ifdef TCP_NODELAY
--    Just NoDelay       -> Just ((#const IPPROTO_TCP), (#const TCP_NODELAY))
-+    Just NoDelay       -> Nothing -- Just ((#const IPPROTO_TCP), (#const TCP_NODELAY))
- #endif
- #ifdef TCP_CORK
-     Just Cork          -> Just ((#const IPPROTO_TCP), (#const TCP_CORK))
--- 
-1.7.10.4
-

standalone/android/haskell-patches/network_2.5.0.0_0001-android-port-fixes.patch

@@ -1,161 +0,0 @@
-From b3cb294077b627892721a2ebf9e0ce81f35f8c4c Mon Sep 17 00:00:00 2001
-From: dummy <dummy@example.com>
-Date: Sun, 25 May 2014 09:28:45 +0200
-Subject: [PATCH] android port fixes
-
-Build note: Ensure a hsc2hs in PATH is modified to pass -x to the real
-one, to enable cross-compiling.
----
- Network/Socket.hsc            | 22 ++++++----------------
- Network/Socket/ByteString.hsc |  2 +-
- Network/Socket/Internal.hsc   |  2 +-
- Network/Socket/Types.hsc      |  4 ++--
- cbits/HsNet.c                 | 14 ++++++++++++++
- configure                     |  1 +
- 6 files changed, 25 insertions(+), 20 deletions(-)
-
-diff --git a/Network/Socket.hsc b/Network/Socket.hsc
-index 607b270..04a83e8 100644
---- a/Network/Socket.hsc
-+++ b/Network/Socket.hsc
-@@ -35,7 +35,7 @@ module Network.Socket
-     , SockAddr(..)
-     , SocketStatus(..)
-     , HostAddress
--#if defined(IPV6_SOCKET_SUPPORT)
-+#if defined(IPV6_SOCKET_SUPPORTNO)
-     , HostAddress6
-     , FlowInfo
-     , ScopeID
-@@ -52,7 +52,7 @@ module Network.Socket
-     , HostName
-     , ServiceName
- 
--#if defined(IPV6_SOCKET_SUPPORT)
-+#if defined(IPV6_SOCKET_SUPPORT) || 1
-     , AddrInfo(..)
- 
-     , AddrInfoFlag(..)
-@@ -134,7 +134,7 @@ module Network.Socket
-     -- * Special constants
-     , aNY_PORT
-     , iNADDR_ANY
--#if defined(IPV6_SOCKET_SUPPORT)
-+#if defined(IPV6_SOCKET_SUPPORTNO)
-     , iN6ADDR_ANY
- #endif
-     , sOMAXCONN
-@@ -326,16 +326,6 @@ socket family stype protocol = do
-     setNonBlockIfNeeded fd
-     socket_status <- newMVar NotConnected
-     let sock = MkSocket fd family stype protocol socket_status
--#if HAVE_DECL_IPV6_V6ONLY
--# if defined(mingw32_HOST_OS)
--    -- the IPv6Only option is only supported on Windows Vista and later,
--    -- so trying to change it might throw an error
--    when (family == AF_INET6) $
--            E.catch (setSocketOption sock IPv6Only 0) $ (\(_ :: E.IOException) -> return ())
--# else
--    when (family == AF_INET6) $ setSocketOption sock IPv6Only 0
--# endif
--#endif
-     return sock
- 
- -- | Build a pair of connected socket objects using the given address
-@@ -1061,9 +1051,9 @@ aNY_PORT = 0
- iNADDR_ANY :: HostAddress
- iNADDR_ANY = htonl (#const INADDR_ANY)
- 
--foreign import CALLCONV unsafe "htonl" htonl :: Word32 -> Word32
-+foreign import CALLCONV unsafe "my_htonl" htonl :: Word32 -> Word32
- 
--#if defined(IPV6_SOCKET_SUPPORT)
-+#if defined(IPV6_SOCKET_SUPPORTNO)
- -- | The IPv6 wild card address.
- 
- iN6ADDR_ANY :: HostAddress6
-@@ -1241,7 +1231,7 @@ unpackBits ((k,v):xs) r
- -----------------------------------------------------------------------------
- -- Address and service lookups
- 
--#if defined(IPV6_SOCKET_SUPPORT)
-+#if defined(IPV6_SOCKET_SUPPORT) || 1
- 
- -- | Flags that control the querying behaviour of 'getAddrInfo'.
- data AddrInfoFlag
-diff --git a/Network/Socket/ByteString.hsc b/Network/Socket/ByteString.hsc
-index e21ad1b..c2dd70a 100644
---- a/Network/Socket/ByteString.hsc
-+++ b/Network/Socket/ByteString.hsc
-@@ -197,7 +197,7 @@ sendMany sock@(MkSocket fd _ _ _ _) cs = do
-       liftM fromIntegral . withIOVec cs $ \(iovsPtr, iovsLen) ->
-           throwSocketErrorWaitWrite sock "writev" $
-               c_writev (fromIntegral fd) iovsPtr
--              (fromIntegral (min iovsLen (#const IOV_MAX)))
-+              (fromIntegral (min iovsLen (0x0026)))
- #else
- sendMany sock = sendAll sock . B.concat
- #endif
-diff --git a/Network/Socket/Internal.hsc b/Network/Socket/Internal.hsc
-index 83333f7..0dd6a7d 100644
---- a/Network/Socket/Internal.hsc
-+++ b/Network/Socket/Internal.hsc
-@@ -24,7 +24,7 @@ module Network.Socket.Internal
-     (
-     -- * Socket addresses
-       HostAddress
--#if defined(IPV6_SOCKET_SUPPORT)
-+#if defined(IPV6_SOCKET_SUPPORTNO)
-     , HostAddress6
-     , FlowInfo
-     , ScopeID
-diff --git a/Network/Socket/Types.hsc b/Network/Socket/Types.hsc
-index 48a43bb..1c5994f 100644
---- a/Network/Socket/Types.hsc
-+++ b/Network/Socket/Types.hsc
-@@ -711,8 +711,8 @@ intToPortNumber v = PortNum (htons (fromIntegral v))
- portNumberToInt :: PortNumber -> Int
- portNumberToInt (PortNum po) = fromIntegral (ntohs po)
- 
--foreign import CALLCONV unsafe "ntohs" ntohs :: Word16 -> Word16
--foreign import CALLCONV unsafe "htons" htons :: Word16 -> Word16
-+foreign import CALLCONV unsafe "my_ntohs" ntohs :: Word16 -> Word16
-+foreign import CALLCONV unsafe "my_htons" htons :: Word16 -> Word16
- --foreign import CALLCONV unsafe "ntohl" ntohl :: Word32 -> Word32
- 
- instance Enum PortNumber where
-diff --git a/cbits/HsNet.c b/cbits/HsNet.c
-index 86b55dc..5ea1199 100644
---- a/cbits/HsNet.c
-+++ b/cbits/HsNet.c
-@@ -6,3 +6,17 @@
- 
- #define INLINE
- #include "HsNet.h"
-+
-+#include <sys/endian.h>
-+uint16_t my_htons(uint16_t v)
-+{
-+	htons(v);
-+}
-+uint32_t my_htonl(uint32_t v)
-+{
-+	htonl(v);
-+}
-+uint16_t my_ntohs(uint16_t v)
-+{
-+	ntohs(v);
-+}
-diff --git a/configure b/configure
-index db8240d..41674d9 100755
---- a/configure
-+++ b/configure
-@@ -1,4 +1,5 @@
- #! /bin/sh
-+set -- --host=arm-linux-androideabi
- # Guess values for system-dependent variables and create Makefiles.
- # Generated by GNU Autoconf 2.69 for Haskell network package 2.3.0.14.
- #
--- 
-2.0.0.rc2
-

standalone/android/haskell-patches/network_android-port-fixes.patch

@@ -0,0 +1,341 @@
+From 834a0d3bfe56b969a65eff834604442cde8798f7 Mon Sep 17 00:00:00 2001
+From: dummy <dummy@example.com>
+Date: Wed, 20 Jun 2018 05:06:41 +0100
+Subject: [PATCH] android port fixes
+
+Build note: Ensure a hsc2hs in PATH is modified to pass -x to the real
+one, to enable cross-compiling.
+---
+ Network/BSD.hsc               | 84 -------------------------------------------
+ Network/Socket.hsc            | 16 ++++-----
+ Network/Socket/ByteString.hsc |  2 +-
+ Network/Socket/Internal.hsc   |  2 +-
+ Network/Socket/Types.hsc      | 14 +++-----
+ cbits/HsNet.c                 | 18 ++++++++++
+ configure                     |  1 +
+ include/HsNetworkConfig.h     |  4 +--
+ 8 files changed, 36 insertions(+), 105 deletions(-)
+
+diff --git a/Network/BSD.hsc b/Network/BSD.hsc
+index 67f2fcd..4c86af5 100644
+--- a/Network/BSD.hsc
++++ b/Network/BSD.hsc
+@@ -28,12 +28,8 @@ module Network.BSD
+     , hostAddress
+ 
+ #if defined(HAVE_GETHOSTENT) && !defined(mingw32_HOST_OS)
+-    , getHostEntries
+-
+     -- ** Low level functionality
+-    , setHostEntry
+     , getHostEntry
+-    , endHostEntry
+ #endif
+ 
+     -- * Service names
+@@ -61,14 +57,6 @@ module Network.BSD
+     , getProtocolNumber
+     , defaultProtocol
+ 
+-#if !defined(mingw32_HOST_OS)
+-    , getProtocolEntries
+-    -- ** Low level functionality
+-    , setProtocolEntry
+-    , getProtocolEntry
+-    , endProtocolEntry
+-#endif
+-
+     -- * Port numbers
+     , PortNumber
+ 
+@@ -80,11 +68,6 @@ module Network.BSD
+ #if !defined(mingw32_HOST_OS)
+     , getNetworkByName
+     , getNetworkByAddr
+-    , getNetworkEntries
+-    -- ** Low level functionality
+-    , setNetworkEntry
+-    , getNetworkEntry
+-    , endNetworkEntry
+ #endif
+ 
+ #if defined(HAVE_IF_NAMETOINDEX)
+@@ -298,30 +281,6 @@ getProtocolNumber proto = do
+  (ProtocolEntry _ _ num) <- getProtocolByName proto
+  return num
+ 
+-#if !defined(mingw32_HOST_OS)
+-getProtocolEntry :: IO ProtocolEntry    -- Next Protocol Entry from DB
+-getProtocolEntry = withLock $ do
+- ent <- throwNoSuchThingIfNull "getProtocolEntry" "no such protocol entry"
+-                $ c_getprotoent
+- peek ent
+-
+-foreign import ccall unsafe  "getprotoent" c_getprotoent :: IO (Ptr ProtocolEntry)
+-
+-setProtocolEntry :: Bool -> IO ()       -- Keep DB Open ?
+-setProtocolEntry flg = withLock $ c_setprotoent (fromBool flg)
+-
+-foreign import ccall unsafe "setprotoent" c_setprotoent :: CInt -> IO ()
+-
+-endProtocolEntry :: IO ()
+-endProtocolEntry = withLock $ c_endprotoent
+-
+-foreign import ccall unsafe "endprotoent" c_endprotoent :: IO ()
+-
+-getProtocolEntries :: Bool -> IO [ProtocolEntry]
+-getProtocolEntries stayOpen = withLock $ do
+-  setProtocolEntry stayOpen
+-  getEntries (getProtocolEntry) (endProtocolEntry)
+-#endif
+ 
+ -- ---------------------------------------------------------------------------
+ -- Host lookups
+@@ -405,21 +364,6 @@ getHostEntry = withLock $ do
+  >>= peek
+ 
+ foreign import ccall unsafe "gethostent" c_gethostent :: IO (Ptr HostEntry)
+-
+-setHostEntry :: Bool -> IO ()
+-setHostEntry flg = withLock $ c_sethostent (fromBool flg)
+-
+-foreign import ccall unsafe "sethostent" c_sethostent :: CInt -> IO ()
+-
+-endHostEntry :: IO ()
+-endHostEntry = withLock $ c_endhostent
+-
+-foreign import ccall unsafe "endhostent" c_endhostent :: IO ()
+-
+-getHostEntries :: Bool -> IO [HostEntry]
+-getHostEntries stayOpen = do
+-  setHostEntry stayOpen
+-  getEntries (getHostEntry) (endHostEntry)
+ #endif
+ 
+ -- ---------------------------------------------------------------------------
+@@ -482,34 +426,6 @@ getNetworkByAddr addr family = withLock $ do
+ 
+ foreign import ccall unsafe "getnetbyaddr"
+    c_getnetbyaddr  :: NetworkAddr -> CInt -> IO (Ptr NetworkEntry)
+-
+-getNetworkEntry :: IO NetworkEntry
+-getNetworkEntry = withLock $ do
+- throwNoSuchThingIfNull "getNetworkEntry" "no more network entries"
+-          $ c_getnetent
+- >>= peek
+-
+-foreign import ccall unsafe "getnetent" c_getnetent :: IO (Ptr NetworkEntry)
+-
+--- | Open the network name database. The parameter specifies
+--- whether a connection is maintained open between various
+--- networkEntry calls
+-setNetworkEntry :: Bool -> IO ()
+-setNetworkEntry flg = withLock $ c_setnetent (fromBool flg)
+-
+-foreign import ccall unsafe "setnetent" c_setnetent :: CInt -> IO ()
+-
+--- | Close the connection to the network name database.
+-endNetworkEntry :: IO ()
+-endNetworkEntry = withLock $ c_endnetent
+-
+-foreign import ccall unsafe "endnetent" c_endnetent :: IO ()
+-
+--- | Get the list of network entries.
+-getNetworkEntries :: Bool -> IO [NetworkEntry]
+-getNetworkEntries stayOpen = do
+-  setNetworkEntry stayOpen
+-  getEntries (getNetworkEntry) (endNetworkEntry)
+ #endif
+ 
+ -- ---------------------------------------------------------------------------
+diff --git a/Network/Socket.hsc b/Network/Socket.hsc
+index 8b2e6fe..b02b80d 100644
+--- a/Network/Socket.hsc
++++ b/Network/Socket.hsc
+@@ -59,7 +59,7 @@ module Network.Socket
+     , HostName
+     , ServiceName
+ 
+-#if defined(IPV6_SOCKET_SUPPORT)
++#if defined(IPV6_SOCKET_SUPPORT) || 1
+     , AddrInfo(..)
+ 
+     , AddrInfoFlag(..)
+@@ -143,7 +143,7 @@ module Network.Socket
+     -- * Special constants
+     , aNY_PORT
+     , iNADDR_ANY
+-#if defined(IPV6_SOCKET_SUPPORT)
++#if defined(IPV6_SOCKET_SUPPORTNO)
+     , iN6ADDR_ANY
+ #endif
+     , sOMAXCONN
+@@ -521,7 +521,7 @@ accept sock@(MkSocket s family stype protocol status) = do
+                 return new_sock
+ #else
+      with (fromIntegral sz) $ \ ptr_len -> do
+-# ifdef HAVE_ACCEPT4
++#if 0
+      new_sock <- throwSocketErrorIfMinus1RetryMayBlock "accept"
+                         (threadWaitRead (fromIntegral s))
+                         (c_accept4 s sockaddr ptr_len (#const SOCK_NONBLOCK))
+@@ -903,7 +903,7 @@ packSocketOption so =
+     Just MaxSegment    -> Just ((#const IPPROTO_TCP), (#const TCP_MAXSEG))
+ #endif
+ #ifdef TCP_NODELAY
+-    Just NoDelay       -> Just ((#const IPPROTO_TCP), (#const TCP_NODELAY))
++    Just NoDelay       -> Nothing -- Just ((#const IPPROTO_TCP), (#const TCP_NODELAY))
+ #endif
+ #ifdef TCP_USER_TIMEOUT
+     Just UserTimeout   -> Just ((#const IPPROTO_TCP), (#const TCP_USER_TIMEOUT))
+@@ -1036,9 +1036,9 @@ iNADDR_ANY :: HostAddress
+ iNADDR_ANY = htonl (#const INADDR_ANY)
+ 
+ -- | Converts the from host byte order to network byte order.
+-foreign import CALLCONV unsafe "htonl" htonl :: Word32 -> Word32
++foreign import CALLCONV unsafe "my_htonl" htonl :: Word32 -> Word32
+ -- | Converts the from network byte order to host byte order.
+-foreign import CALLCONV unsafe "ntohl" ntohl :: Word32 -> Word32
++foreign import CALLCONV unsafe "my_ntohl" ntohl :: Word32 -> Word32
+ 
+ #if defined(IPV6_SOCKET_SUPPORT)
+ -- | The IPv6 wild card address.
+@@ -1206,7 +1206,7 @@ unpackBits ((k,v):xs) r
+ -----------------------------------------------------------------------------
+ -- Address and service lookups
+ 
+-#if defined(IPV6_SOCKET_SUPPORT)
++#if defined(IPV6_SOCKET_SUPPORT) || 1
+ 
+ -- | Flags that control the querying behaviour of 'getAddrInfo'.
+ --   For more information, see <https://tools.ietf.org/html/rfc3493#page-25>
+@@ -1568,7 +1568,7 @@ foreign import CALLCONV unsafe "bind"
+   c_bind :: CInt -> Ptr SockAddr -> CInt{-CSockLen???-} -> IO CInt
+ foreign import CALLCONV SAFE_ON_WIN "connect"
+   c_connect :: CInt -> Ptr SockAddr -> CInt{-CSockLen???-} -> IO CInt
+-#ifdef HAVE_ACCEPT4
++#if 0
+ foreign import CALLCONV unsafe "accept4"
+   c_accept4 :: CInt -> Ptr SockAddr -> Ptr CInt{-CSockLen???-} -> CInt -> IO CInt
+ #else
+diff --git a/Network/Socket/ByteString.hsc b/Network/Socket/ByteString.hsc
+index 93e29c9..a736932 100644
+--- a/Network/Socket/ByteString.hsc
++++ b/Network/Socket/ByteString.hsc
+@@ -177,7 +177,7 @@ sendMany sock@(MkSocket fd _ _ _ _) cs = do
+       liftM fromIntegral . withIOVec cs $ \(iovsPtr, iovsLen) ->
+           throwSocketErrorWaitWrite sock "writev" $
+               c_writev (fromIntegral fd) iovsPtr
+-              (fromIntegral (min iovsLen (#const IOV_MAX)))
++              (fromIntegral (min iovsLen (0x0026)))
+ #else
+ sendMany sock = sendAll sock . B.concat
+ #endif
+diff --git a/Network/Socket/Internal.hsc b/Network/Socket/Internal.hsc
+index c8bf4f6..2463bd7 100644
+--- a/Network/Socket/Internal.hsc
++++ b/Network/Socket/Internal.hsc
+@@ -24,7 +24,7 @@ module Network.Socket.Internal
+     (
+     -- * Socket addresses
+       HostAddress
+-#if defined(IPV6_SOCKET_SUPPORT)
++#if defined(IPV6_SOCKET_SUPPORTNO)
+     , HostAddress6
+     , FlowInfo
+     , ScopeID
+diff --git a/Network/Socket/Types.hsc b/Network/Socket/Types.hsc
+index b42c98d..e5bb9fe 100644
+--- a/Network/Socket/Types.hsc
++++ b/Network/Socket/Types.hsc
+@@ -758,10 +758,10 @@ intToPortNumber v = PortNum (htons (fromIntegral v))
+ portNumberToInt :: PortNumber -> Int
+ portNumberToInt (PortNum po) = fromIntegral (ntohs po)
+ 
+-foreign import CALLCONV unsafe "ntohs" ntohs :: Word16 -> Word16
+-foreign import CALLCONV unsafe "htons" htons :: Word16 -> Word16
+-foreign import CALLCONV unsafe "ntohl" ntohl :: Word32 -> Word32
+-foreign import CALLCONV unsafe "htonl" htonl :: Word32 -> Word32
++foreign import CALLCONV unsafe "my_ntohs" ntohs :: Word16 -> Word16
++foreign import CALLCONV unsafe "my_htons" htons :: Word16 -> Word16
++foreign import CALLCONV unsafe "my_ntohl" ntohl :: Word32 -> Word32
++foreign import CALLCONV unsafe "my_htonl" htonl :: Word32 -> Word32
+ 
+ instance Enum PortNumber where
+     toEnum   = intToPortNumber
+@@ -1071,13 +1071,9 @@ poke32 p i0 a = do
+ -- | Private newtype proxy for the Storable instance. To avoid orphan instances.
+ newtype In6Addr = In6Addr HostAddress6
+ 
+-#if __GLASGOW_HASKELL__ < 800
+-#let alignment t = "%lu", (unsigned long)offsetof(struct {char x__; t (y__); }, y__)
+-#endif
+-
+ instance Storable In6Addr where
+     sizeOf _    = #const sizeof(struct in6_addr)
+-    alignment _ = #alignment struct in6_addr
++    alignment _ = 64
+ 
+     peek p = do
+         a <- peek32 p 0
+diff --git a/cbits/HsNet.c b/cbits/HsNet.c
+index 86b55dc..6225c32 100644
+--- a/cbits/HsNet.c
++++ b/cbits/HsNet.c
+@@ -6,3 +6,21 @@
+ 
+ #define INLINE
+ #include "HsNet.h"
++
++#include <sys/endian.h>
++uint16_t my_htons(uint16_t v)
++{
++	htons(v);
++}
++uint32_t my_htonl(uint32_t v)
++{
++	htonl(v);
++}
++uint16_t my_ntohs(uint16_t v)
++{
++	ntohs(v);
++}
++uint32_t my_ntohl(uint32_t v)
++{
++	ntohl(v);
++}
+diff --git a/configure b/configure
+index 9e82879..24ef3ce 100755
+--- a/configure
++++ b/configure
+@@ -1,4 +1,5 @@
+ #! /bin/sh
++set -- --host=arm-linux-androideabi
+ # Guess values for system-dependent variables and create Makefiles.
+ # Generated by GNU Autoconf 2.69 for Haskell network package 2.3.0.14.
+ #
+diff --git a/include/HsNetworkConfig.h b/include/HsNetworkConfig.h
+index 383f6e2..62b8852 100644
+--- a/include/HsNetworkConfig.h
++++ b/include/HsNetworkConfig.h
+@@ -2,7 +2,7 @@
+ /* include/HsNetworkConfig.h.in.  Generated from configure.ac by autoheader.  */
+ 
+ /* Define to 1 if you have the `accept4' function. */
+-#define HAVE_ACCEPT4 1
++/* #undef HAVE_ACCEPT4 */
+ 
+ /* Define to 1 if you have the <arpa/inet.h> header file. */
+ #define HAVE_ARPA_INET_H 1
+@@ -73,7 +73,7 @@
+ #define HAVE_LIMITS_H 1
+ 
+ /* Define to 1 if you have the <linux/can.h> header file. */
+-#define HAVE_LINUX_CAN_H 1
++/* #undef HAVE_LINUX_CAN_H */
+ 
+ /* Define to 1 if you have a Linux sendfile(2) implementation. */
+ #define HAVE_LINUX_SENDFILE 1
+-- 
+2.1.4
+

standalone/android/haskell-patches/warp_remove-ipv6-stuff.patch

@@ -0,0 +1,39 @@
+From 2f1d2eddde94d339d91d7b018dc90542b7625fd3 Mon Sep 17 00:00:00 2001
+From: androidbuilder <androidbuilder@example.com>
+Date: Wed, 20 Jun 2018 14:41:04 +0100
+Subject: [PATCH] remove ipv6 stuff
+
+---
+ Network/Wai/Handler/Warp/Run.hs | 9 +--------
+ 1 file changed, 1 insertion(+), 8 deletions(-)
+
+diff --git a/Network/Wai/Handler/Warp/Run.hs b/Network/Wai/Handler/Warp/Run.hs
+index 116b24e..5c7cbcb 100644
+--- a/Network/Wai/Handler/Warp/Run.hs
++++ b/Network/Wai/Handler/Warp/Run.hs
+@@ -14,7 +14,7 @@ import Control.Monad (when, unless, void)
+ import Data.ByteString (ByteString)
+ import qualified Data.ByteString as S
+ import Data.Char (chr)
+-import Data.IP (toHostAddress, toHostAddress6)
++import Data.IP (toHostAddress)
+ import Data.IORef (IORef, newIORef, readIORef, writeIORef)
+ import Data.Streaming.Network (bindPortTCP)
+ import Network (sClose, Socket)
+@@ -305,13 +305,6 @@ serveConnection conn ii origAddr transport settings app = do
+                         [a] -> Just (SockAddrInet (readInt clientPort)
+                                                        (toHostAddress a))
+                         _ -> Nothing
+-                ["PROXY","TCP6",clientAddr,_,clientPort,_] ->
+-                    case [x | (x, t) <- reads (decodeAscii clientAddr), null t] of
+-                        [a] -> Just (SockAddrInet6 (readInt clientPort)
+-                                                        0
+-                                                        (toHostAddress6 a)
+-                                                        0)
+-                        _ -> Nothing
+                 ("PROXY":"UNKNOWN":_) ->
+                     Just origAddr
+                 _ ->
+-- 
+2.1.4
+

standalone/android/haskell-patches/x509-store_support-Android-cert-store.patch

@@ -0,0 +1,28 @@
+From 717945172c2f3ff95cce9db2d075122bccfc9a1a Mon Sep 17 00:00:00 2001
+From: androidbuilder <androidbuilder@example.com>
+Date: Wed, 20 Jun 2018 02:01:30 +0100
+Subject: [PATCH] support Android cert store
+
+Android has only hashsed cert files.
+See https://github.com/vincenthz/hs-certificate/issues/19
+---
+ Data/X509/CertificateStore.hs      |   2 +-
+ 2 files changed, 1 insertion(+), 1 deletion(-)
+ delete mode 100644 Data/X509/.CertificateStore.hs.swp
+
+diff --git a/Data/X509/CertificateStore.hs b/Data/X509/CertificateStore.hs
+index 07449a2..74b8bde 100644
+--- a/Data/X509/CertificateStore.hs
++++ b/Data/X509/CertificateStore.hs
+@@ -106,7 +106,7 @@ listDirectoryCerts path =
+                   && isDigit (s !! 9)
+                   && (s !! 8) == '.'
+                   && all isHexDigit (take 8 s)
+-    isCert x = (not $ isPrefixOf "." x) && (not $ isHashedFile x)
++    isCert x = (not $ isPrefixOf "." x)
+ 
+     getDirContents = E.catch (map (path </>) . filter isCert <$> getDirectoryContents path) emptyPaths
+             where emptyPaths :: E.IOException -> IO [FilePath]
+-- 
+2.1.4
+

standalone/android/haskell-patches/x509-system_support-Android-cert-store.patch

@@ -1,27 +0,0 @@
-From 61d0e47cd038f25157e48385fc080d0d374b214d Mon Sep 17 00:00:00 2001
-From: dummy <dummy@example.com>
-Date: Tue, 14 Oct 2014 02:07:57 +0000
-Subject: [PATCH] support Android cert store
-
-Android has only hashsed cert files.
-See https://github.com/vincenthz/hs-certificate/issues/19
----
- System/X509/Unix.hs |    2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/System/X509/Unix.hs b/System/X509/Unix.hs
-index 9df3331..a30da26 100644
---- a/System/X509/Unix.hs
-+++ b/System/X509/Unix.hs
-@@ -56,7 +56,7 @@ listDirectoryCerts path = do
-                         && isDigit (s !! 9)
-                         && (s !! 8) == '.'
-                         && all isHexDigit (take 8 s)
--          isCert x = (not $ isPrefixOf "." x) && (not $ isHashedFile x)
-+          isCert x = (not $ isPrefixOf "." x) 
- 
-           getDirContents = E.catch (Just <$> getDirectoryContents path) emptyPaths
-             where emptyPaths :: E.IOException -> IO (Maybe [FilePath])
--- 
-1.7.10.4
-

standalone/android/haskell-patches/xss-sanitize_deps.patch

@@ -0,0 +1,24 @@
+From 41eb8ab50125eb6ccf260c5510407483f1d78dd4 Mon Sep 17 00:00:00 2001
+From: dummy <dummy@example.com>
+Date: Wed, 20 Jun 2018 14:52:52 +0100
+Subject: [PATCH] deps
+
+---
+ xss-sanitize.cabal | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/xss-sanitize.cabal b/xss-sanitize.cabal
+index 727dc95..2de4270 100644
+--- a/xss-sanitize.cabal
++++ b/xss-sanitize.cabal
+@@ -19,6 +19,7 @@ library
+                     , tagsoup     >= 0.12.2   && < 1
+                     , utf8-string >= 0.3      && < 1
+                     , network     >= 2        && < 3
++                    , network-uri
+                     , css-text    >= 0.1.1    && < 0.2
+                     , text        >= 0.11     && < 2
+                     , attoparsec  >= 0.10.0.3 && < 1
+-- 
+2.1.4
+

standalone/android/install-haskell-packages

@@ -80,7 +80,6 @@ EOF
 	patched unix-time
 	patched lifted-base
 	patched zlib
-	patched MissingH
 	patched distributive
 	patched comonad
 	patched iproute
@@ -93,15 +92,17 @@ EOF
 	patched skein
 	patched lens
 	patched certificate
-	patched x509-system
+	patched x509-store
 	patched persistent-template
 	patched system-filepath
 	patched optparse-applicative
+	patched warp
 	patched wai-app-static
 	patched yesod-routes
 	patched shakespeare
 	patched yesod-core
 	patched yesod-persistent
+	patched xss-sanitize
 	patched yesod-form
 	patched crypto-numbers
 	patched clock
@@ -113,6 +114,7 @@ EOF
 	patched dns
 	patched unbounded-delays
 	patched uuid
+	patched basement
 
 	cd ..