fetch ssl errors on _some_ buildbots
Ryan Schmidt
ryandesign at macports.org
Sun Mar 22 12:47:20 PDT 2015
On Mar 22, 2015, at 1:08 PM, Mihai Moldovan wrote:
> On 22.03.2015 06:33 PM, Bradley Giesbrecht wrote:
>> From what appears to be the same servers the Mavericks and Yosemite buildbots were able to fetch via https while Snow Leopard, Lion and Mountain Lion buildbots were not.
>>
>> Is this known and expected behavior or something for the macosforge admins to look into?
I noticed that too...
> I think (but may be wrong) that means that the server operator disabled
> SSLv3/TLSv1.0. Options to continue would be TLSv1.1 and TLSv1.2, but the
> old curl/openssl Apple ships does not seem to be able to use these
> protocols. Fetching does work with "our own" curl, which is using
> TLSv1.2 when talking to this server. But we're using much newer curl and
> openssl versions.
>
> As base uses the system libcurl to fetch files, there's not much we can
> do, except hope that the distfiles will be mirrored by MP mirrors
> eventually and buildbots be able to fetch from those locations.
We should totally ship a newer version of curl and openssl or gnutls with MacPorts, like we already ship a version of Tcl.
More information about the macports-dev
mailing list