Opened 6 years ago
Closed 6 years ago
#55440 closed defect (fixed)
libpsl: download data files in fetch phase, not in post-extract
| Reported by: | Schamschula (Marius Schamschula) | Owned by: | dbevans (David B. Evans) |
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | ports | Version: | |
| Keywords: | tiger leopard snowleopard haspatch | Cc: | rmottola (Riccardo), ballapete (Peter "Pete" Dyballa), khepler, udbraumann, eiked |
| Port: | libpsl |
Description
Snow Leopard and Leopard often fail to download files from https servers. In this case we are attempting to download a file in the post-extract phase. There is no easy way to avoid the certificate error, give then curl fetch command. If this file was downloaded in the fetch phase, it would be relatively easy to manually download using curl -k or wget.
---> Extracting libpsl Error: Failed to extract libpsl: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Error: See /opt/local/var/macports/logs/_opt_local_var_macports_sources_rsync.macports.org_release_tarballs_ports_net_libpsl/libpsl/main.log for details. Error: Problem while installing libpsl Error: Follow https://guide.macports.org/#project.tickets to report a bug.
Attachments (3)
Change History (22)
Changed 6 years ago by Schamschula (Marius Schamschula)
| Attachment: | libpsl-main.log added |
|---|
comment:1 Changed 6 years ago by Schamschula (Marius Schamschula)
| Port: | curl wget added |
|---|
comment:2 Changed 6 years ago by ryandesign (Ryan Carsten Schmidt)
| Keywords: | tiger leopard snowleopard added; SnowLeopard Leopard removed |
|---|---|
| Port: | curl wget removed |
comment:3 Changed 6 years ago by ryandesign (Ryan Carsten Schmidt)
Also, I encourage you to use a tarball-style URL for the psldata file, to match the port's main distfile. If you really want to use an archive-style URL, then at least add a dummy parameter to the master_sites so that you can adjust the psldata filename to include a string like "psldata", to avoid confusion with the libpsl distfiles.
comment:4 Changed 6 years ago by ryandesign (Ryan Carsten Schmidt)
This is a situation where it would be great if #55455 were implemented.
comment:5 Changed 6 years ago by rmottola (Riccardo)
I have exactly this issue on Leopard. Is there a known workaround? a fix?
I tried issuing the command several times and no change.
comment:6 follow-up: 8 Changed 6 years ago by svensen
I did some modifications to the Portfile:
# set psl_data_url https://github.com/publicsuffix/list/archive
set psl_data_url https://codeload.github.com/publicsuffix/list/zip
post-extract {
system "/usr/bin/curl -s -k -o \"${psl_data_dir}/${psl_data_archive}\" \"${psl_data_url}/${psl_data_commit}\""
# curl fetch ${psl_data_url}/${psl_data_archive} ${psl_data_dir}/${psl_data_archive}
There might be a more appropriate fix. However, this works for me.
comment:7 Changed 6 years ago by rmottola (Riccardo)
| Cc: | rmottola added |
|---|
comment:8 Changed 6 years ago by Schamschula (Marius Schamschula)
Replying to svensen:
I did some modifications to the Portfile:
# set psl_data_url https://github.com/publicsuffix/list/archive set psl_data_url https://codeload.github.com/publicsuffix/list/zip post-extract { system "/usr/bin/curl -s -k -o \"${psl_data_dir}/${psl_data_archive}\" \"${psl_data_url}/${psl_data_commit}\"" # curl fetch ${psl_data_url}/${psl_data_archive} ${psl_data_dir}/${psl_data_archive}There might be a more appropriate fix. However, this works for me.
This also worked for me. I must have missed a step when I manually downloaded the list data archive.
comment:9 Changed 6 years ago by rmottola (Riccardo)
I suppose I had to modify the Portfile manually to test this patch? I did and it installed correctly, so the hack did it for me!
comment:10 Changed 6 years ago by ballapete (Peter "Pete" Dyballa)
| Cc: | ballapete added |
|---|
comment:11 Changed 6 years ago by ballapete (Peter "Pete" Dyballa)
Builds with these two changes also on PPC Tiger.
comment:12 Changed 6 years ago by khepler
| Cc: | khepler added |
|---|
comment:13 Changed 6 years ago by udbraumann
| Cc: | udbraumann added |
|---|
comment:14 Changed 6 years ago by udbraumann
Interestingly, on my 10.5.8 PPC I receive a similar, but not the same error:
---> Extracting libpsl Error: Failed to extract libpsl: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm
comment:15 Changed 6 years ago by khepler
My Xserve G5 and Powerbook G4, both running 10.5.8, emit the error in the ticket description. That is:
Error: Failed to extract libpsl: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
comment:16 Changed 6 years ago by ryandesign (Ryan Carsten Schmidt)
| Keywords: | haspatch added |
|---|
The best solution is for the portfile to use the release download the project makes available.
Changed 6 years ago by ryandesign (Ryan Carsten Schmidt)
| Attachment: | libpsl.diff added |
|---|
comment:17 Changed 6 years ago by ryandesign (Ryan Carsten Schmidt)
Granted, this uses a slightly older data file. The one in the release download is from 9/14/2017, while the one the port is currently downloading is from 10/28/2017. If it's desired to update to newer data files than what's in the release download, then I can provide an alternate patch.
Changed 6 years ago by ryandesign (Ryan Carsten Schmidt)
| Attachment: | libpsl-with-updated-publicsuffix-list.diff added |
|---|
comment:18 Changed 6 years ago by ryandesign (Ryan Carsten Schmidt)
| Cc: | eiked added |
|---|
Has duplicate #55509.
comment:19 Changed 6 years ago by ryandesign (Ryan Carsten Schmidt)
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
libpsl is now a default dependency for both curl and wget.
See
[9fbfc98ccf4c559caf29570d4873d05e10de7a76/macports-ports]
and
[8b1bbc9f8412c8fd1d71db2096113cca4a4e42bc/macports-ports]