fetch timeout

Dave Allured - NOAA Affiliate dave.allured at noaa.gov
Wed Jul 20 00:13:39 UTC 2022


Hmmm.  If port curl is already installed and active, then why would
subsequent port fetches prefer /usr/bin/curl?  Is this a search path issue?


On Tue, Jul 19, 2022 at 6:00 PM Mark Brethen <mark.brethen at gmail.com> wrote:

> tetgen has dependency on cmake which depends on curl. If it's possible to
> check the machine and os version, could override fetch under those specific
> cases.
>
> I’ll also contact the host, but I suspect it’s a bug in openssl:
>
> routines:CONNECT_CR_KEY_EXCH:sslv3 alert handshake
> failure:/System/Volumes/Data/SWE/macOS/BuildRoots/880a0f6e74/Library/Caches/com.apple.xbs/Sources/libressl/libressl-56.60.4/libressl-2.8/ssl/ssl_pkt.c:1200:SSL
> alert number 40
>
> Mark Brethen
> mark.brethen at gmail.com
>
> On Jul 19, 2022, at 6:00 PM, Dave Allured - NOAA Affiliate via
> macports-dev <macports-dev at lists.macports.org> wrote:
>
> Several of us have now reproduced the SSL problem.  I see two things in
> common:
> (1)  Older curl/SSL versions bundled into older MacOS versions, such as
> Catalina.
> (2)  The target website, wias-berlin.de.
>
> I suspect wias-berlin.de is misconfigured somehow.  Mark, consider
> showing this problem to them, and ask them to check their server
> configuration.  It is reasonable to expect Catalina Macs to be able to
> download their files using the system curl.  I can certainly download from
> many other websites.
>
> Another possibility is to go back to one of Mark's earlier ideas.  Get
> Macports to use the MP version of curl.  I don't know how to do this.  What
> happens if you simply install and activate port curl, before install tetgen
> (Mark's new port)?
>
>
> On Tue, Jul 19, 2022 at 11:26 AM Mark Brethen <mark.brethen at gmail.com>
> wrote:
>
>> Big Sur installs the same version curl/openssl and it does not work on
>> intel. It does work on an M1, which is surprising.
>>
>> ~ $ /usr/bin/curl --version
>> curl 7.64.1 (x86_64-apple-darwin20.0) libcurl/7.64.1 (SecureTransport)
>> LibreSSL/2.8.3 zlib/1.2.11 nghttp2/1.41.0
>> Release-Date: 2019-03-27
>> Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps
>> pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
>> Features: AsynchDNS GSS-API HTTP2 HTTPS-proxy IPv6 Kerberos Largefile
>> libz MultiSSL NTLM NTLM_WB SPNEGO SSL UnixSockets
>> ~ $
>>
>> I noticed nghttp2 @1.41.0 vs 1.39.2.
>>
>> Mark Brethen
>> mark.brethen at gmail.com
>>
>> On Jul 19, 2022, at 12:07 PM, Gary Palter <palter at clozure.com> wrote:
>>
>> Apparently not.
>>
>> Last login: Tue Jul 19 12:56:44 on console
>> palter at Catalina ~ % /usr/bin/curl --version
>> curl 7.64.1 (x86_64-apple-darwin19.0) libcurl/7.64.1 (SecureTransport)
>> LibreSSL/2.8.3 zlib/1.2.11 nghttp2/1.39.2
>> Release-Date: 2019-03-27
>> Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps
>> pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
>> Features: AsynchDNS GSS-API HTTP2 HTTPS-proxy IPv6 Kerberos Largefile
>> libz MultiSSL NTLM NTLM_WB SPNEGO SSL UnixSockets
>> palter at Catalina ~ % cd Downloads
>> palter at Catalina Downloads % /usr/bin/curl -O
>> https://wias-berlin.de/software/tetgen/1.5/src/tetgen1.5.1.tar.gz
>>   % Total    % Received % Xferd  Average Speed   Time    Time     Time
>>  Current
>>                                  Dload  Upload   Total   Spent    Left
>>  Speed
>>   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--
>>     0
>> curl: (35) error:14008410:SSL routines:CONNECT_CR_KEY_EXCH:sslv3 alert
>> handshake failure
>> palter at Catalina Downloads %
>>
>> The above is a vanilla install of Intel Catalina running in a VM.
>>
>>   - Gary
>>
>> On Jul 19, 2022, at 12:55 PM, Mark Brethen <mark.brethen at gmail.com>
>> wrote:
>>
>> Anyone else confirm system curl works with this host on intel mac with
>> catalina or big sur?
>>
>> Mark
>>
>> On Jul 19, 2022, at 11:49 AM, Mark Brethen <mark.brethen at gmail.com>
>> wrote:
>>
>> Yes, I have mp curl as well. Unfortunately, port uses Apple’s
>> curl/openssl. Only work around is to override fetch and use mp.
>>
>> Mark Brethen
>> mark.brethen at gmail.com
>>
>> On Jul 19, 2022, at 11:42 AM, Nils Breunese <nils at breun.nl> wrote:
>>
>> Mark Brethen <mark.brethen at gmail.com> wrote:
>>
>> What version of curl/libressl?
>>
>>
>>
>> I have curl and openssl installed from MacPorts:
>>
>> ❯ port installed | egrep 'curl|openssl'
>> curl @7.84.0_0+http2+ssl (active)
>> curl-ca-bundle @7.84.0_0 (active)
>> openssl @3_6 (active)
>> openssl3 @3.0.5_0+legacy (active)
>> openssl11 @1.1.1q_0 (active)
>>
>> MacPorts curl 7.84.0 uses OpenSSL 3.0.5:
>>
>> ❯ /opt/local/bin/curl --version
>> curl 7.84.0 (x86_64-apple-darwin21.3.0) libcurl/7.84.0 OpenSSL/3.0.5
>> zlib/1.2.12 brotli/1.0.9 zstd/1.5.2 libidn2/2.3.3 libpsl/0.21.1
>> (+libidn2/2.3.2) nghttp2/1.48.0
>> Release-Date: 2022-06-27
>> Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt
>> pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
>> Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTPS-proxy IDN IPv6
>> Largefile libz NTLM NTLM_WB PSL SSL threadsafe TLS-SRP UnixSockets zstd
>>
>> macOS 12.4 curl 7.79.1 uses LibreSSL 3.3.6:
>>
>> ❯ /usr/bin/curl --version
>> curl 7.79.1 (x86_64-apple-darwin21.0) libcurl/7.79.1 (SecureTransport)
>> LibreSSL/3.3.6 zlib/1.2.11 nghttp2/1.45.1
>> Release-Date: 2021-09-22
>> Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap
>> ldaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
>> Features: alt-svc AsynchDNS GSS-API HSTS HTTP2 HTTPS-proxy IPv6 Kerberos
>> Largefile libz MultiSSL NTLM NTLM_WB SPNEGO SSL UnixSockets
>>
>> Using macOS curl also works:
>>
>> ❯ /usr/bin/curl -O
>> https://wias-berlin.de/software/tetgen/1.5/src/tetgen1.5.1.tar.gz
>> % Total    % Received % Xferd  Average Speed   Time    Time     Time
>>  Current
>>                               Dload  Upload   Total   Spent    Left  Speed
>> 100  275k  100  275k    0     0   758k      0 --:--:-- --:--:-- --:--:—
>>  779k
>>
>> Nils.
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macports.org/pipermail/macports-dev/attachments/20220719/b95a4fed/attachment-0001.htm>


More information about the macports-dev mailing list