Yeah. Unfortunately there are rather a lot of not-that-old systems and
devices out there that can't use 1.1. But, also unfortunately, version
1.0 is pretty broken.
Probably the best fix on our end would be to reinstate the immediate
mirroring that used to happen from a post-commit hook. And possibly make
the build block until the mirroring is done. In fact, maybe the
mirroring could be triggered from one of the first steps in the build.
- Josh
On 2016-5-4 06:03 , Daniel J. Luke wrote:
This is probably caused by the site now requiring TLS 1.1 or better:
https://www.ssllabs.com/ssltest/analyze.html?d=openssl.org&s=194.97.150.234
Since PCI compliance is requiring the phasing out of TLS 1.0 support, this is probably
going to become much more common in the near future (PCI requirements tend to drive a lot
of "standard" configurations even for systems that don't process credit cards).
On May 3, 2016, at 3:32 PM, Daniel J. Luke <[email protected]> wrote:
It looks like the snowleopard and mtln buildbots can't download current openssl:
DEBUG: Fetching distfile failed: Unknown SSL protocol error in connection to
www.openssl.org:443
Is it time to retire the buildbots for these old OS versions? Should we set
them up to use the squid proxy I host for any https url (or just for anything
if that's easier)? Some other solution?
[Noticed from clamav build failures
http://build.macports.org/builders/buildports-snowleopard-x86_64/builds/41753
http://build.macports.org/builders/buildports-mtln-x86_64/builds/29275]
_______________________________________________
macports-dev mailing list
[email protected]
https://lists.macosforge.org/mailman/listinfo/macports-dev
