I installed your DMG version of the setup on a clean 10.6.8 machine I had sitting.
It works just great! That is exactly the kind of fix I was wondering about, and you’ve put together a great little installer. With your squid proxy running, the old original Safari browser registers as showing all current SSL capability at <https://howsmyssl.com>. MacPorts’ port command can download software from high-security SSL sites like github without any trouble: eg. sudo port clean —all ninja sudo port -d fetch —no-mirror ninja now works perfectly with the squid proxy enabled, ---> Fetching distfiles for ninja DEBUG: elevating privileges for fetch: euid changed to 0, egid changed to 0. DEBUG: dropping privileges: euid changed to 503, egid changed to 501. DEBUG: Executing org.macports.fetch (ninja) ---> ninja-1.10.2.tar.gz does not exist in /opt/local/var/macports/distfiles/ninja ---> Attempting to fetch ninja-1.10.2.tar.gz from https://github.com/ninja-build/ninja/archive/v1.10.2 % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 126 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0 126 126 126 126 0 0 85 0 0:00:01 0:00:01 --:--:-- 264 100 208k 100 208k 0 0 98k 0 0:00:02 0:00:02 --:--:— 98 and fails as always when it is not enabled. ---> Fetching distfiles for ninja DEBUG: elevating privileges for fetch: euid changed to 0, egid changed to 0. DEBUG: dropping privileges: euid changed to 503, egid changed to 501. DEBUG: Executing org.macports.fetch (ninja) ---> ninja-1.10.2.tar.gz does not exist in /opt/local/var/macports/distfiles/ninja ---> Attempting to fetch ninja-1.10.2.tar.gz from https://github.com/ninja-build/ninja/archive/v1.10.2 % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0DEBUG: Fetching distfile failed: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version Error: Failed to fetch ninja: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version I don’t 100% understand all the inner workings — I noticed that calling the old curl in /usr/bin did not work to download the same file for some reason: $ /usr/bin/curl -O https://github.com/ninja-build/ninja/archive/v1.10.2/ninja-1.10.2.tar.gz curl: (35) error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version But that is looking like minor stuff. We’ve been struggling for a while now to provide a capable port command (and other commands) to software that will allow a current SSL to work. Looks like you’ve really hit the ball out of the park with this one. Thanks, Ken
