[MacPorts] #51509: setuptools-21.2.1.tar.gz not available

Sat May 28 18:32:40 PDT 2016

#51509: setuptools-21.2.1.tar.gz not available
-----------------------------+---------------------
  Reporter:  benoit.rivet@…  |      Owner:  admin@…
      Type:  defect          |     Status:  new
  Priority:  Normal          |  Milestone:
 Component:  server/hosting  |    Version:  2.3.4
Resolution:                  |   Keywords:
      Port:  py-setuptools   |
-----------------------------+---------------------

Comment (by braumann@…):

 The problem you have is platform related and has '''nothing''' to do with
 `py-setuptools`. E.g. on my 10.5.8 box I had the same. It happens when the
 respective source is placed first on some https site and none of the http
 sites have already received a copy. As `port` relies on
 `/usr/lib/libcurl.dylib` which might provide somehow outdated encodings or
 ciphers (depending on your MacOSX version), not all https connections will
 work. In our case, the tarball `setuptools-21.2.1.tar.gz` first was only
 present under
 `https://files.pythonhosted.org/packages/source/s/setuptools/`, but `port`
 just was unable to fetch, probably since your `libcurl.dylib` (in fact the
 `libcurl.4.dylib`) was not built with the asn1 encoding. Or since the ca
 cert bundle in `/usr/share/curl/curl-ca-bundle.crt` `libcurl.dylib` (and
 also `/usr/lib/curl`) is using is outdated. Under these two circumstances
 `port` cannot download from websites using https.

 The question might arise why MacPorts is not utilizing the port `curl`
 which both is modern concerning the ciphers and encodings plus provides a
 valid ca cert bundle.

 I found a hack how to update `libcurl.4.dylib` on my 10.5.8 PPC box. I
 downloaded new sources from `https://curl.haxx.se/download.html` and
 unpacked the tarball (curl version 7.49.0) . I called the configure script
 with these parameters:

 {{{
 ./configure --enable-shared --disable-static --enable-ldap --enable-ldaps
 --with-ca-bundle=/usr/share/curl/curl-ca-bundle.crt CC=gcc-mp-5 && make
 }}}

 Some switches I used might be a bit redundant here, and `gcc-mp-4.5` or
 thelike might also do (I did not use Xcode's gcc-4.2 as I noticed some
 version mismatch between the openssl headers and libraries during
 configure). Note that I decided to directly refer to the system ca cert
 bundle, as I found in the full error log from previous `py27-setuptools`
 upgrade attempts that no ca cert problems had occurred, but just some asn1
 related trouble.

 So the rest of the story is short, I copied the resulting
 `libcurl.4.dylib` (from the `lib/.libs` folder) to `/usr/lib` (of course
 after making a backup copy from the previous system provided library file
 with the same name).

 And voilà, now `port` automatically could grab the
 `setuptools-21.2.1.tar.gz` from
 `https://files.pythonhosted.org/packages/source/s/setuptools/`, while at
 that moment still none of the repositories using http were offering
 `setuptools-21.2.1.tar.gz`.

 Admittedly, I am not 100% sure if my hack has no side effect at all, e.g.
 I hope there was no runtime dependency introduced between the MacPorts
 installation and the modified `libcurl.4.dylib`. At the moment I expect
 that similar https related trouble which has recently occurred with a
 number of other ports now no longer comes back on my box. As I also have a
 10.6.8 box I btw. can tell that there was not such trouble as probably the
 system provided `curl` is newer or is just more complete.

-- 
Ticket URL: <https://trac.macports.org/ticket/51509#comment:2>
MacPorts <https://www.macports.org/>
Ports system for OS X