[MacPorts] #49233: selfupdate fails with "Failed to verify signature for MacPorts source"
MacPorts
noreply at macports.org
Wed Oct 14 01:41:17 PDT 2015
#49233: selfupdate fails with "Failed to verify signature for MacPorts source"
-----------------------------+---------------------
Reporter: n.gilbert@… | Owner: admin@…
Type: defect | Status: new
Priority: High | Milestone:
Component: server/hosting | Version: 2.3.3
Resolution: | Keywords:
Port: |
-----------------------------+---------------------
Comment (by seb@…):
Replying to [comment:82 cal@…]:
> Replying to [comment:34 seb@…]:
> > I sugget a (temporary) workaround:
> >
> > Edit /opt/local/libexec/macports/lib/macports1.0/macports.tcl
> >
> > On lines 3429/3430 you'll find:
> >
> > ui_debug "failed verification with key $pubkey"[[BR]]
> > ui_debug "openssl output: $result"
> >
> > Add this command:
> > set verified 1
> >
> > And maybe (if you want to remember)
> > ui_debug "But i take my chance"
> >
>
> This is a bad idea, because it breaks the chain of trust that normally
ensures the macports update has not been tampered with. If your version of
MacPorts is outdated, it is a much better idea to download one of the
installers, because those are signed with an Apple Developer ID. Running
this installer will only update MacPorts itself and leave your installed
ports as-is.
I'm not sure you're right. Because as far as i can understand, the line
wich is impacted by the test is only a "ssh key" validation. It does not
contain any "mac port" data. All the data that are synchronized before and
after seem to work with dependencies for me. If what you say is correct,
it would mean macport does not have really establish an "El Capitan"
"chain of trust". If what i guess is true, it's only an ssh key wich is
incorrectly built from the admin.
Anyway, i needed my macports yesterday to build my application. It worked
fine for me ;)
--
Ticket URL: <https://trac.macports.org/ticket/49233#comment:106>
MacPorts <https://www.macports.org/>
Ports system for OS X
More information about the macports-tickets
mailing list