[MacPorts] #38972: curl-ca-bundle needs update?

MacPorts noreply at macports.org
Wed May 1 00:07:45 PDT 2013 

#38972: curl-ca-bundle needs update?
-----------------------------+--------------------------
  Reporter:  dave@…          |      Owner:  ryandesign@…
      Type:  defect          |     Status:  new
  Priority:  Normal          |  Milestone:
 Component:  ports           |    Version:  2.1.3
Resolution:                  |   Keywords:
      Port:  curl-ca-bundle  |
-----------------------------+--------------------------
Changes (by ryandesign@…):

 * owner:  macports-tickets@… => ryandesign@…


Old description:

> It looks like perhaps gmail is using a new cert and macports' certs
> haven't been updated yet?
>
> cube:~ dave% openssl s_client -verify -crlf -connect imap.gmail.com:993
> verify depth is 0
> CONNECTED(00000003)
> depth=1 C = US, O = Google Inc, CN = Google Internet Authority
> verify error:num=20:unable to get local issuer certificate
> verify return:0
> 140735275196892:error:14090086:SSL
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
> failed:s3_clnt.c:1166:
> ---
> no peer certificate available
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 1681 bytes and written 7 bytes
> ---
> New, (NONE), Cipher is (NONE)
> Secure Renegotiation IS supported
> Compression: NONE
> Expansion: NONE
> SSL-Session:
>     Protocol  : TLSv1.2
>     Cipher    : 0000
>     Session-ID:
>     Session-ID-ctx:
>     Master-Key:
>     Key-Arg   : None
>     PSK identity: None
>     PSK identity hint: None
>     SRP username: None
>     Start Time: 1367385345
>     Timeout   : 300 (sec)
>     Verify return code: 0 (ok)
> ---

New description:

 It looks like perhaps gmail is using a new cert and macports' certs
 haven't been updated yet?

 {{{
 cube:~ dave% openssl s_client -verify -crlf -connect imap.gmail.com:993
 verify depth is 0
 CONNECTED(00000003)
 depth=1 C = US, O = Google Inc, CN = Google Internet Authority
 verify error:num=20:unable to get local issuer certificate
 verify return:0
 140735275196892:error:14090086:SSL
 routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
 failed:s3_clnt.c:1166:
 ---
 no peer certificate available
 ---
 No client certificate CA names sent
 ---
 SSL handshake has read 1681 bytes and written 7 bytes
 ---
 New, (NONE), Cipher is (NONE)
 Secure Renegotiation IS supported
 Compression: NONE
 Expansion: NONE
 SSL-Session:
     Protocol  : TLSv1.2
     Cipher    : 0000
     Session-ID:
     Session-ID-ctx:
     Master-Key:
     Key-Arg   : None
     PSK identity: None
     PSK identity hint: None
     SRP username: None
     Start Time: 1367385345
     Timeout   : 300 (sec)
     Verify return code: 0 (ok)
 ---
 }}}

--

-- 
Ticket URL: <https://trac.macports.org/ticket/38972#comment:3>
MacPorts <http://www.macports.org/>
Ports system for OS X

More information about the macports-tickets mailing list