[MacPorts] #51516: MacPorts should use a bundled copy of a newer libcurl and SSL library rather than the OS X version

MacPorts noreply at macports.org
Mon Mar 12 15:15:19 UTC 2018 

#51516: MacPorts should use a bundled copy of a newer libcurl and SSL library
rather than the OS X version
--------------------------+--------------------------------
  Reporter:  ryandesign   |      Owner:  macports-tickets@…
      Type:  enhancement  |     Status:  new
  Priority:  Normal       |  Milestone:  MacPorts Future
 Component:  base         |    Version:
Resolution:               |   Keywords:
      Port:               |
--------------------------+--------------------------------

Comment (by ryandesign):

 Replying to [comment:48 yan12125]:
 > FWIW, I have a branch that bundles LibreSSL + libcurl with macports-base
 at https://github.com/yan12125/macports-base/tree/bundle-curl.
 >
 > I choose LibreSSL just because it's based on autotools, while OpenSSL
 has a custom Perl-based configure system that once brought some headache
 to me. It should not be difficult to switch LibreSSL back to OpenSSL for
 macports-base.

 Yes thanks for this. There has been some spirited debate about the merits
 of openssl vs libressl, including pointing out that as of High Sierra,
 Apple is distributing libressl in macOS instead of openssl. I would be
 fine with using libressl in MacPorts instead of openssl.

 I see that your branch deletes the MacPorts `--with-curlprefix` configure
 option. We probably want to keep that option for users who want to
 override it, but default it to using the bundled copy.

 And as I mentioned above, on systems new enough to have a Secure Transport
 implementation that supports TLS 1.2, I'd like to use that, and only build
 and use the bundled libressl on older systems. /usr/bin/curl didn't start
 using Secure Transport until Mavericks, but it has been around a lot
 longer than that. I'd have to do some testing to figure out how far back
 it supports TLS 1.2. Ideally we would do a configure script test for
 Secure Transport's capabilities. The only check curl's own configure
 script does is for the existence of
 /System/Library/Frameworks/Security.framework, but that has existed since
 Mac OS X v10.0 so we'd need a more specific check than that.

--
Ticket URL: <https://trac.macports.org/ticket/51516#comment:52>
MacPorts <https://www.macports.org/>
Ports system for macOS

More information about the macports-tickets mailing list