fetch timeout

Dave Allured - NOAA Affiliate dave.allured at noaa.gov
Tue Jul 19 23:00:25 UTC 2022


Several of us have now reproduced the SSL problem.  I see two things in
common:
(1)  Older curl/SSL versions bundled into older MacOS versions, such as
Catalina.
(2)  The target website, wias-berlin.de.

I suspect wias-berlin.de is misconfigured somehow.  Mark, consider showing
this problem to them, and ask them to check their server configuration.  It
is reasonable to expect Catalina Macs to be able to download their files
using the system curl.  I can certainly download from many other websites.

Another possibility is to go back to one of Mark's earlier ideas.  Get
Macports to use the MP version of curl.  I don't know how to do this.  What
happens if you simply install and activate port curl, before install tetgen
(Mark's new port)?


On Tue, Jul 19, 2022 at 11:26 AM Mark Brethen <mark.brethen at gmail.com>
wrote:

> Big Sur installs the same version curl/openssl and it does not work on
> intel. It does work on an M1, which is surprising.
>
> ~ $ /usr/bin/curl --version
> curl 7.64.1 (x86_64-apple-darwin20.0) libcurl/7.64.1 (SecureTransport)
> LibreSSL/2.8.3 zlib/1.2.11 nghttp2/1.41.0
> Release-Date: 2019-03-27
> Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3
> pop3s rtsp smb smbs smtp smtps telnet tftp
> Features: AsynchDNS GSS-API HTTP2 HTTPS-proxy IPv6 Kerberos Largefile libz
> MultiSSL NTLM NTLM_WB SPNEGO SSL UnixSockets
> ~ $
>
> I noticed nghttp2 @1.41.0 vs 1.39.2.
>
> Mark Brethen
> mark.brethen at gmail.com
>
> On Jul 19, 2022, at 12:07 PM, Gary Palter <palter at clozure.com> wrote:
>
> Apparently not.
>
> Last login: Tue Jul 19 12:56:44 on console
> palter at Catalina ~ % /usr/bin/curl --version
> curl 7.64.1 (x86_64-apple-darwin19.0) libcurl/7.64.1 (SecureTransport)
> LibreSSL/2.8.3 zlib/1.2.11 nghttp2/1.39.2
> Release-Date: 2019-03-27
> Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3
> pop3s rtsp smb smbs smtp smtps telnet tftp
> Features: AsynchDNS GSS-API HTTP2 HTTPS-proxy IPv6 Kerberos Largefile libz
> MultiSSL NTLM NTLM_WB SPNEGO SSL UnixSockets
> palter at Catalina ~ % cd Downloads
> palter at Catalina Downloads % /usr/bin/curl -O
> https://wias-berlin.de/software/tetgen/1.5/src/tetgen1.5.1.tar.gz
>   % Total    % Received % Xferd  Average Speed   Time    Time     Time
>  Current
>                                  Dload  Upload   Total   Spent    Left
>  Speed
>   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--
>   0
> curl: (35) error:14008410:SSL routines:CONNECT_CR_KEY_EXCH:sslv3 alert
> handshake failure
> palter at Catalina Downloads %
>
> The above is a vanilla install of Intel Catalina running in a VM.
>
>   - Gary
>
> On Jul 19, 2022, at 12:55 PM, Mark Brethen <mark.brethen at gmail.com> wrote:
>
> Anyone else confirm system curl works with this host on intel mac with
> catalina or big sur?
>
> Mark
>
> On Jul 19, 2022, at 11:49 AM, Mark Brethen <mark.brethen at gmail.com> wrote:
>
> Yes, I have mp curl as well. Unfortunately, port uses Apple’s
> curl/openssl. Only work around is to override fetch and use mp.
>
> Mark Brethen
> mark.brethen at gmail.com
>
> On Jul 19, 2022, at 11:42 AM, Nils Breunese <nils at breun.nl> wrote:
>
> Mark Brethen <mark.brethen at gmail.com> wrote:
>
> What version of curl/libressl?
>
>
>
> I have curl and openssl installed from MacPorts:
>
> ❯ port installed | egrep 'curl|openssl'
> curl @7.84.0_0+http2+ssl (active)
> curl-ca-bundle @7.84.0_0 (active)
> openssl @3_6 (active)
> openssl3 @3.0.5_0+legacy (active)
> openssl11 @1.1.1q_0 (active)
>
> MacPorts curl 7.84.0 uses OpenSSL 3.0.5:
>
> ❯ /opt/local/bin/curl --version
> curl 7.84.0 (x86_64-apple-darwin21.3.0) libcurl/7.84.0 OpenSSL/3.0.5
> zlib/1.2.12 brotli/1.0.9 zstd/1.5.2 libidn2/2.3.3 libpsl/0.21.1
> (+libidn2/2.3.2) nghttp2/1.48.0
> Release-Date: 2022-06-27
> Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt
> pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
> Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTPS-proxy IDN IPv6
> Largefile libz NTLM NTLM_WB PSL SSL threadsafe TLS-SRP UnixSockets zstd
>
> macOS 12.4 curl 7.79.1 uses LibreSSL 3.3.6:
>
> ❯ /usr/bin/curl --version
> curl 7.79.1 (x86_64-apple-darwin21.0) libcurl/7.79.1 (SecureTransport)
> LibreSSL/3.3.6 zlib/1.2.11 nghttp2/1.45.1
> Release-Date: 2021-09-22
> Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap
> ldaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
> Features: alt-svc AsynchDNS GSS-API HSTS HTTP2 HTTPS-proxy IPv6 Kerberos
> Largefile libz MultiSSL NTLM NTLM_WB SPNEGO SSL UnixSockets
>
> Using macOS curl also works:
>
> ❯ /usr/bin/curl -O
> https://wias-berlin.de/software/tetgen/1.5/src/tetgen1.5.1.tar.gz
> % Total    % Received % Xferd  Average Speed   Time    Time     Time
>  Current
>                               Dload  Upload   Total   Spent    Left  Speed
> 100  275k  100  275k    0     0   758k      0 --:--:-- --:--:-- --:--:—
>  779k
>
> Nils.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macports.org/pipermail/macports-dev/attachments/20220719/44a22de7/attachment-0001.htm>


More information about the macports-dev mailing list