Opened 7 years ago
Closed 7 years ago
#54914 closed defect (invalid)
sourceforge downloads now require https
| Reported by: | ryandesign (Ryan Carsten Schmidt) | Owned by: | |
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | ports | Version: | |
| Keywords: | | Cc: | ssisak (Steve Sisak) |
| Port: | | | |
Description
Looks like sourceforge downloads are now redirecting http to https. From a failed build on 10.5:
```
---> Attempting to fetch dictd-1.12.1.tar.gz from http://svwh.dl.sourceforge.net/dict
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   154  100   154    0     0     37      0  0:00:04  0:00:04 --:--:--    37
100   154  100   154    0     0     37      0  0:00:04  0:00:04 --:--:--     0
  0   482    0     0    0     0      0      0 --:--:--  0:00:08 --:--:--     0
  0   351    0     0    0     0      0      0 --:--:--  0:00:12 --:--:--     0
  0   351    0     0    0     0      0      0 --:--:--  0:00:14 --:--:--     0
DEBUG: Fetching distfile failed: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
```
To avoid redirects, we need to change the sourceforge fetch group's protocol from http to https.
The fact that the ssl certificate they're using is too modern for 10.5 to understand is already covered by other tickets.
Change History (4)
comment:1 Changed 7 years ago by ryandesign (Ryan Carsten Schmidt)
comment:3 Changed 7 years ago by ryandesign (Ryan Carsten Schmidt)
This ticket is not about the sourceforge server problems. Any such problems must be fixed by sourceforge staff.
This ticket is only about an optimization we can make to reduce the number of http redirects when there are no upstream server problems.
comment:4 Changed 7 years ago by ryandesign (Ryan Carsten Schmidt)
Resolution: | → invalid |
---|---|
Status: | new → closed |
Now that SourceForge is back online, it looks like https is not actually required. If ports use the correct path to the SourceForge file, they download fine over http, and since that's still allowed, we want to continue to do so to support older clients. If ports don't specify the correct path, then a series of redirects leads to https, which on older clients can lead to an SSL error. So, ports should use the correct path, as in wiki:howto/AvoidRedirects. Fixed dict to do so in [cf38763e36878d0d2b87b8ebac5f8a36b4833223/macports-ports].
Well, right now SourceForge is having issues again. So let's wait until they're back online fully to see if this behavior remains.
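
The redirect behaviour described in comment:4 can be checked from captured response headers before a port's fetch path is changed. This is an added example, not part of the ticket or of MacPorts; the hostnames, paths and function names are constructed placeholders, and it assumes the headers come from `curl -sIL` and that `Location` values are absolute URLs.

```shell
#!/bin/sh
# Added example: audit a captured redirect chain for http -> https hops.
# Input on stdin: response headers as printed by `curl -sIL <url>`.
# All hostnames and paths below are constructed placeholders.

# Print the start URL followed by every Location target, one per line.
redirect_chain() {
    printf '%s\n' "$1"
    # Header names are case-insensitive; strip the CR that ends each header line.
    tr -d '\r' | awk 'tolower($1) == "location:" { print $2 }'
}

# Print the first https URL reached from an http start URL.
# Returns 0 if such a hop exists, 1 if the chain stays on plain http.
first_https_hop() {
    redirect_chain "$1" | awk '
        NR == 1 && $0 !~ /^http:\/\// { exit 1 }      # start URL is not plain http
        NR > 1 && /^https:\/\// { print; found = 1; exit }
        END { exit (found ? 0 : 1) }'
}

# Constructed capture: wrong path, the client is bounced until it lands on https.
sample_wrong_path() {
    printf 'HTTP/1.1 302 Found\r\nLocation: http://downloads.example.invalid/project/foo/foo-1.0.tar.gz\r\n\r\n'
    printf 'HTTP/1.1 301 Moved Permanently\r\nlocation: https://downloads.example.invalid/project/foo/foo/1.0/foo-1.0.tar.gz\r\n\r\n'
    printf 'HTTP/1.1 200 OK\r\nContent-Length: 154\r\n\r\n'
}

# Constructed capture: correct path, served directly over http with no redirect.
sample_correct_path() {
    printf 'HTTP/1.1 200 OK\r\nContent-Length: 154\r\n\r\n'
}

for s in sample_wrong_path sample_correct_path; do
    if hop=$($s | first_https_hop 'http://mirror.example.invalid/foo'); then
        echo "$s: redirected to https at $hop (old clients may fail TLS verification here)"
    else
        echo "$s: stays on http"
    fi
done
```

Against a live URL, the same functions can be fed with `curl -sIL "$url" | first_https_hop "$url"`.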