port is setup to use apple’s curl/openssl. Mark Brethen mark.bret...@gmail.com
> On Jul 19, 2022, at 7:13 PM, Dave Allured - NOAA Affiliate via macports-dev > <macports-dev@lists.macports.org> wrote: > > Hmmm. If port curl is already installed and active, then why would > subsequent port fetches prefer /usr/bin/curl? Is this a search path issue? > > > On Tue, Jul 19, 2022 at 6:00 PM Mark Brethen <mark.bret...@gmail.com > <mailto:mark.bret...@gmail.com>> wrote: > tetgen has dependency on cmake which depends on curl. If it's possible to > check the machine and os version, could override fetch under those specific > cases. > > I’ll also contact the host, but I suspect it’s a bug in openssl: > > routines:CONNECT_CR_KEY_EXCH:sslv3 alert handshake > failure:/System/Volumes/Data/SWE/macOS/BuildRoots/880a0f6e74/Library/Caches/com.apple.xbs/Sources/libressl/libressl-56.60.4/libressl-2.8/ssl/ssl_pkt.c:1200:SSL > alert number 40 > > Mark Brethen > mark.bret...@gmail.com <mailto:mark.bret...@gmail.com> > >> On Jul 19, 2022, at 6:00 PM, Dave Allured - NOAA Affiliate via macports-dev >> <macports-dev@lists.macports.org <mailto:macports-dev@lists.macports.org>> >> wrote: >> >> Several of us have now reproduced the SSL problem. I see two things in >> common: >> (1) Older curl/SSL versions bundled into older MacOS versions, such as >> Catalina. >> (2) The target website, wias-berlin.de <http://wias-berlin.de/>. >> >> I suspect wias-berlin.de <http://wias-berlin.de/> is misconfigured somehow. >> Mark, consider showing this problem to them, and ask them to check their >> server configuration. It is reasonable to expect Catalina Macs to be able >> to download their files using the system curl. I can certainly download >> from many other websites. >> >> Another possibility is to go back to one of Mark's earlier ideas. Get >> Macports to use the MP version of curl. I don't know how to do this. What >> happens if you simply install and activate port curl, before install tetgen >> (Mark's new port)? >> >> >> On Tue, Jul 19, 2022 at 11:26 AM Mark Brethen <mark.bret...@gmail.com >> <mailto:mark.bret...@gmail.com>> wrote: >> Big Sur installs the same version curl/openssl and it does not work on >> intel. It does work on an M1, which is surprising. >> >> ~ $ /usr/bin/curl --version >> curl 7.64.1 (x86_64-apple-darwin20.0) libcurl/7.64.1 (SecureTransport) >> LibreSSL/2.8.3 zlib/1.2.11 nghttp2/1.41.0 >> Release-Date: 2019-03-27 >> Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 >> pop3s rtsp smb smbs smtp smtps telnet tftp >> Features: AsynchDNS GSS-API HTTP2 HTTPS-proxy IPv6 Kerberos Largefile libz >> MultiSSL NTLM NTLM_WB SPNEGO SSL UnixSockets >> ~ $ >> >> I noticed nghttp2 @1.41.0 vs 1.39.2. >> >> Mark Brethen >> mark.bret...@gmail.com <mailto:mark.bret...@gmail.com> >> >>> On Jul 19, 2022, at 12:07 PM, Gary Palter <pal...@clozure.com >>> <mailto:pal...@clozure.com>> wrote: >>> >>> Apparently not. >>>> Last login: Tue Jul 19 12:56:44 on console >>>> palter@Catalina ~ % /usr/bin/curl --version >>>> curl 7.64.1 (x86_64-apple-darwin19.0) libcurl/7.64.1 (SecureTransport) >>>> LibreSSL/2.8.3 zlib/1.2.11 nghttp2/1.39.2 >>>> Release-Date: 2019-03-27 >>>> Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 >>>> pop3s rtsp smb smbs smtp smtps telnet tftp >>>> Features: AsynchDNS GSS-API HTTP2 HTTPS-proxy IPv6 Kerberos Largefile libz >>>> MultiSSL NTLM NTLM_WB SPNEGO SSL UnixSockets >>>> palter@Catalina ~ % cd Downloads >>>> palter@Catalina Downloads % /usr/bin/curl -O >>>> https://wias-berlin.de/software/tetgen/1.5/src/tetgen1.5.1.tar.gz >>>> <https://wias-berlin.de/software/tetgen/1.5/src/tetgen1.5.1.tar.gz> >>>> % Total % Received % Xferd Average Speed Time Time Time >>>> Current >>>> Dload Upload Total Spent Left >>>> Speed >>>> 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- >>>> 0 >>>> curl: (35) error:14008410:SSL routines:CONNECT_CR_KEY_EXCH:sslv3 alert >>>> handshake failure >>>> palter@Catalina Downloads % >>> The above is a vanilla install of Intel Catalina running in a VM. >>> >>> - Gary >>> >>>> On Jul 19, 2022, at 12:55 PM, Mark Brethen <mark.bret...@gmail.com >>>> <mailto:mark.bret...@gmail.com>> wrote: >>>> >>>> Anyone else confirm system curl works with this host on intel mac with >>>> catalina or big sur? >>>> >>>> Mark >>>> >>>>> On Jul 19, 2022, at 11:49 AM, Mark Brethen <mark.bret...@gmail.com >>>>> <mailto:mark.bret...@gmail.com>> wrote: >>>>> >>>>> Yes, I have mp curl as well. Unfortunately, port uses Apple’s >>>>> curl/openssl. Only work around is to override fetch and use mp. >>>>> >>>>> Mark Brethen >>>>> mark.bret...@gmail.com <mailto:mark.bret...@gmail.com> >>>>> >>>>>> On Jul 19, 2022, at 11:42 AM, Nils Breunese <n...@breun.nl >>>>>> <mailto:n...@breun.nl>> wrote: >>>>>> >>>>>> Mark Brethen <mark.bret...@gmail.com <mailto:mark.bret...@gmail.com>> >>>>>> wrote: >>>>>> >>>>>>> What version of curl/libressl? >>>>>> >>>>>> >>>>>> I have curl and openssl installed from MacPorts: >>>>>> >>>>>> ❯ port installed | egrep 'curl|openssl' >>>>>> curl @7.84.0_0+http2+ssl (active) >>>>>> curl-ca-bundle @7.84.0_0 (active) >>>>>> openssl @3_6 (active) >>>>>> openssl3 @3.0.5_0+legacy (active) >>>>>> openssl11 @1.1.1q_0 (active) >>>>>> >>>>>> MacPorts curl 7.84.0 uses OpenSSL 3.0.5: >>>>>> >>>>>> ❯ /opt/local/bin/curl --version >>>>>> curl 7.84.0 (x86_64-apple-darwin21.3.0) libcurl/7.84.0 OpenSSL/3.0.5 >>>>>> zlib/1.2.12 brotli/1.0.9 zstd/1.5.2 libidn2/2.3.3 libpsl/0.21.1 >>>>>> (+libidn2/2.3.2) nghttp2/1.48.0 >>>>>> Release-Date: 2022-06-27 >>>>>> Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt >>>>>> pop3 pop3s rtsp smb smbs smtp smtps telnet tftp >>>>>> Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTPS-proxy IDN IPv6 >>>>>> Largefile libz NTLM NTLM_WB PSL SSL threadsafe TLS-SRP UnixSockets zstd >>>>>> >>>>>> macOS 12.4 curl 7.79.1 uses LibreSSL 3.3.6: >>>>>> >>>>>> ❯ /usr/bin/curl --version >>>>>> curl 7.79.1 (x86_64-apple-darwin21.0) libcurl/7.79.1 (SecureTransport) >>>>>> LibreSSL/3.3.6 zlib/1.2.11 nghttp2/1.45.1 >>>>>> Release-Date: 2021-09-22 >>>>>> Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap >>>>>> ldaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp >>>>>> Features: alt-svc AsynchDNS GSS-API HSTS HTTP2 HTTPS-proxy IPv6 Kerberos >>>>>> Largefile libz MultiSSL NTLM NTLM_WB SPNEGO SSL UnixSockets >>>>>> >>>>>> Using macOS curl also works: >>>>>> >>>>>> ❯ /usr/bin/curl -O >>>>>> https://wias-berlin.de/software/tetgen/1.5/src/tetgen1.5.1.tar.gz >>>>>> <https://wias-berlin.de/software/tetgen/1.5/src/tetgen1.5.1.tar.gz> >>>>>> % Total % Received % Xferd Average Speed Time Time Time >>>>>> Current >>>>>> Dload Upload Total Spent Left >>>>>> Speed >>>>>> 100 275k 100 275k 0 0 758k 0 --:--:-- --:--:-- --:--:— >>>>>> 779k >>>>>> >>>>>> Nils.
