[MacPorts] #38972: curl-ca-bundle needs update?
#38972: curl-ca-bundle needs update? --------------------+-------------------------------- Reporter: dave@… | Owner: macports-tickets@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.1.3 Keywords: | Port: curl-ca-bundle --------------------+-------------------------------- It looks like perhaps gmail is using a new cert and macports' certs haven't been updated yet? cube:~ dave% openssl s_client -verify -crlf -connect imap.gmail.com:993 verify depth is 0 CONNECTED(00000003) depth=1 C = US, O = Google Inc, CN = Google Internet Authority verify error:num=20:unable to get local issuer certificate verify return:0 140735275196892:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:s3_clnt.c:1166: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 1681 bytes and written 7 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1367385345 Timeout : 300 (sec) Verify return code: 0 (ok) --- -- Ticket URL: <https://trac.macports.org/ticket/38972> MacPorts <http://www.macports.org/> Ports system for OS X
#38972: curl-ca-bundle needs update? -----------------------------+-------------------------------- Reporter: dave@… | Owner: macports-tickets@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.1.3 Resolution: | Keywords: Port: curl-ca-bundle | -----------------------------+-------------------------------- Comment (by dave@…): rats; forgot the curlies! Sorry. -- Ticket URL: <https://trac.macports.org/ticket/38972#comment:1> MacPorts <http://www.macports.org/> Ports system for OS X
#38972: curl-ca-bundle needs update? -----------------------------+-------------------------------- Reporter: dave@… | Owner: macports-tickets@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.1.3 Resolution: | Keywords: Port: curl-ca-bundle | -----------------------------+-------------------------------- Comment (by egall@…): Livecheck seems to think it's up to date: {{{ gl00b05048:~ egall$ port -v livecheck curl-ca-bundle curl-ca-bundle seems to be up to date }}} -- Ticket URL: <https://trac.macports.org/ticket/38972#comment:2> MacPorts <http://www.macports.org/> Ports system for OS X
#38972: curl-ca-bundle needs update? -----------------------------+-------------------------- Reporter: dave@… | Owner: ryandesign@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.1.3 Resolution: | Keywords: Port: curl-ca-bundle | -----------------------------+-------------------------- Changes (by ryandesign@…): * owner: macports-tickets@… => ryandesign@… Old description:
It looks like perhaps gmail is using a new cert and macports' certs haven't been updated yet?
cube:~ dave% openssl s_client -verify -crlf -connect imap.gmail.com:993 verify depth is 0 CONNECTED(00000003) depth=1 C = US, O = Google Inc, CN = Google Internet Authority verify error:num=20:unable to get local issuer certificate verify return:0 140735275196892:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:s3_clnt.c:1166: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 1681 bytes and written 7 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1367385345 Timeout : 300 (sec) Verify return code: 0 (ok) ---
New description: It looks like perhaps gmail is using a new cert and macports' certs haven't been updated yet? {{{ cube:~ dave% openssl s_client -verify -crlf -connect imap.gmail.com:993 verify depth is 0 CONNECTED(00000003) depth=1 C = US, O = Google Inc, CN = Google Internet Authority verify error:num=20:unable to get local issuer certificate verify return:0 140735275196892:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:s3_clnt.c:1166: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 1681 bytes and written 7 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1367385345 Timeout : 300 (sec) Verify return code: 0 (ok) --- }}} -- -- Ticket URL: <https://trac.macports.org/ticket/38972#comment:3> MacPorts <http://www.macports.org/> Ports system for OS X
#38972: curl-ca-bundle needs update? -----------------------------+-------------------------- Reporter: dave@… | Owner: ryandesign@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.1.3 Resolution: | Keywords: Port: curl-ca-bundle | -----------------------------+-------------------------- Comment (by dave@…): If it's up-to-date with upstream, then probably upstream needs an update. Or, I've misdiagnosed the whole thing! -- Ticket URL: <https://trac.macports.org/ticket/38972#comment:4> MacPorts <http://www.macports.org/> Ports system for OS X
participants (1)
-
MacPorts