cannot download distfile for libressl
Ryan Schmidt
ryandesign at macports.org
Fri Feb 10 16:13:35 UTC 2017
> On Feb 10, 2017, at 08:05, Rainer Müller <raimue at macports.org> wrote:
>
> On 2017-02-10 03:18, Kastus Shchuka wrote:
>> I am trying to upgrade libressl (2.4.5), and as binary package is not
>> available yet, port command attempts to build from source but fails
>> to retrieve distfile. I am seeing 404 error from all mirrors, and
>> from openbsd.org site I am getting this error:
>>
>> :notice:fetch ---> Attempting to fetch libressl-2.4.5.tar.gz from
>> https://ftp.openbsd.org/pub/OpenBSD/LibreSSL :debug:fetch Fetching
>> distfile failed: SSL peer handshake failed, the server most likely
>> requires a client certificate to connect
>>
>> I can download the file manually with curl command, it recognizes
>> let’s encrypt certificate just fine. I wonder what command does port
>> uses for download?
>
> MacPorts uses libcurl from the system. You probably used curl installed
> from MacPorts which would also use a SSL library from MacPorts. Try to
> replicate the problem with /usr/bin/curl.
>
> This server supports only TLS 1.2, and many more servers are abolishing
> older TLS versions for good reasons. If you are using a macOS version
> equal or older than 10.7, the SecureTransport/OpenSSL library versions
> do not yet support TLS 1.2 and any attempt to connect will fail.
>
> https://trac.macports.org/ticket/51516
>
> On top of this, distfiles mirroring is known to be broken since we
> migrated away from macOS forge.
>
> https://trac.macports.org/ticket/53347
I've manually added the file to our mirrors.
More information about the macports-users
mailing list