[MacPorts] #51516: MacPorts should use a bundled copy of a newer libcurl and SSL library rather than the OS X version

MacPorts noreply at macports.org
Mon Aug 14 22:43:35 UTC 2017


#51516: MacPorts should use a bundled copy of a newer libcurl and SSL library
rather than the OS X version
--------------------------+--------------------------------
  Reporter:  ryandesign   |      Owner:  macports-tickets@…
      Type:  enhancement  |     Status:  new
  Priority:  Normal       |  Milestone:  MacPorts Future
 Component:  base         |    Version:
Resolution:               |   Keywords:
      Port:               |
--------------------------+--------------------------------

Comment (by neverpanic):

 Replying to [comment:34 jduerstock]:
 > Since Macports locally stores the hashes of the source files anyway, can
 we ignore any HTTPS failures at least with respect to files downloaded
 with known hashes?

 Unfortunately we can't. The issue is not that the certificate presented by
 the servers would not verify (which we can ignore), but that all protocols
 implemented in older versions of libcurl (and the cryptography library it
 uses) shipped with older versions of macOS are no longer accepted by
 various servers. This means that all attempts to connect just fail. A
 workaround would be using an unencrypted channel to download the files,
 but a lot of servers nowadays redirect to SSL-only protocols.

--
Ticket URL: <https://trac.macports.org/ticket/51516#comment:35>
MacPorts <https://www.macports.org/>
Ports system for macOS


More information about the macports-tickets mailing list