fetch ssl errors on _some_ buildbots

Mihai Moldovan ionic at macports.org
Sun Mar 22 15:09:18 PDT 2015


On 22.03.2015 08:47 PM, Ryan Schmidt wrote:
> We should totally ship a newer version of curl and openssl or gnutls with MacPorts, like we already ship a version of Tcl.

Great idea. (But arguably requires a bit of work.)

Aside from unsupported protocol issues, this would also fix another error:

The list of trusted CA's is not updated by Apple for old systems.
MacPorts does that via curl-ca-bundle. That means that old systems are,
even if the protocol was supported, unable to talk to servers with
certificates signed by new CA's. Or, worse, won't refuse to talk to
servers with certificates signed by removed CA's.



Mihai

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 884 bytes
Desc: OpenPGP digital signature
URL: <https://lists.macosforge.org/pipermail/macports-dev/attachments/20150322/d24ec448/attachment.sig>


More information about the macports-dev mailing list