[MacPorts] #15048: curl +ssl doesn't install curl-ca-bundle.crt since 7.18
#15048: curl +ssl doesn't install curl-ca-bundle.crt since 7.18 --------------------------------------+------------------------------------- Reporter: dp macports@oxidized.org | Owner: macports-tickets@lists.macosforge.org Type: defect | Status: new Priority: Normal | Milestone: Port Bugs Component: ports | Version: 1.6.0 Keywords: | --------------------------------------+------------------------------------- Curl stopped packaging a certificate file in version 7.18.0 (see http://curl.haxx.se/docs/sslcerts.html). As a result, a clean install of curl +ssl from MacPorts can't verify SSL certificates. The simplest fix is just to use the file Apple installs. Add one line to the Portfile: {{{ variant ssl { depends_lib-append port:openssl configure.args-delete --without-ssl configure.args-append --with-ca-bundle=/usr/share/curl/curl-ca- bundle.crt } }}} -- Ticket URL: <http://trac.macosforge.org/projects/macports/ticket/15048> MacPorts </projects/macports> Ports system for Mac OS
#15048: curl +ssl doesn't install curl-ca-bundle.crt since 7.18 ---------------------------------------+------------------------------------ Reporter: dp macports@oxidized.org | Owner: macports-tickets@lists.macosforge.org Type: defect | Status: new Priority: Normal | Milestone: Port Bugs Component: ports | Version: 1.6.0 Resolution: | Keywords: ---------------------------------------+------------------------------------ Comment (by dp macports@oxidized.org): It might be cleaner to call `/usr/bin/curl-config --ca` to get the path to the certificate file. I'm unclear about MacPorts support for other platforms, but this would have to be resolved some other way there. -- Ticket URL: <http://trac.macosforge.org/projects/macports/ticket/15048#comment:1> MacPorts </projects/macports> Ports system for Mac OS
#15048: curl +ssl doesn't install curl-ca-bundle.crt since 7.18 ---------------------------------------+------------------------------------ Reporter: dp macports@oxidized.org | Owner: ryandesign@macports.org Type: defect | Status: new Priority: Normal | Milestone: Port Bugs Component: ports | Version: 1.6.0 Resolution: | Keywords: ---------------------------------------+------------------------------------ Changes (by jmr@macports.org): * owner: macports-tickets@lists.macosforge.org => ryandesign@macports.org Comment: Assigning to maintainer. -- Ticket URL: <http://trac.macosforge.org/projects/macports/ticket/15048#comment:2> MacPorts </projects/macports> Ports system for Mac OS
#15048: curl +ssl doesn't install curl-ca-bundle.crt since 7.18 ---------------------------------------+------------------------------------ Reporter: dp macports@oxidized.org | Owner: ryandesign@macports.org Type: defect | Status: assigned Priority: Normal | Milestone: Port Bugs Component: ports | Version: 1.6.0 Resolution: | Keywords: ---------------------------------------+------------------------------------ Changes (by ryandesign@macports.org): * status: new => assigned Comment: I think I want to handle this by using the "ca-bundle" make target. But that invokes a perl script which downloads "certdata.txt" from mozilla.org. To ensure that everyone gets the same version of this file, we should download it outselves by including it in the portfile's distfiles. But that file seems to change often, and I can't find a URL to download a specific version of the file, only the current file. Right now I'm inclined to make a separate port just for the ca-bundle, so that whenever it changes, users don't also have to rebuild all of curl. -- Ticket URL: <http://trac.macosforge.org/projects/macports/ticket/15048#comment:3> MacPorts </projects/macports> Ports system for Mac OS
#15048: curl +ssl doesn't install curl-ca-bundle.crt since 7.18 ---------------------------------------+------------------------------------ Reporter: dp macports@oxidized.org | Owner: ryandesign@macports.org Type: defect | Status: closed Priority: Normal | Milestone: Port Bugs Component: ports | Version: 1.6.0 Resolution: fixed | Keywords: ---------------------------------------+------------------------------------ Changes (by ryandesign@macports.org): * status: assigned => closed * resolution: => fixed Comment: Fixed in r36259. A new version of curl should show up within 12 hours via `sudo port selfupdate && port outdated` -- Ticket URL: <http://trac.macosforge.org/projects/macports/ticket/15048#comment:4> MacPorts </projects/macports> Ports system for Mac OS
participants (1)
-
MacPorts