It’s a US Gov’t site (NASA): cddis.nasa.gov. I’m accessing data on their Space Geodesy Data archive, pulling files from directory archive/gnss/products/ionex. I filed an initial complaint with them yesterday before I knew in detail what was going on and had a response asking for more info this morning. I’ve sent them everything I know, but have heard nothing back. That was just this morning, so it’s too soon to be getting antsy about a response from them.
Jim

> On Apr 12, 2022, at 1:19 PM, Clemens Lang <c...@macports.org> wrote:
>
> Hi,
>
> On Tue, Apr 12, 2022 at 09:17:03AM -0700, James Secan wrote:
>> I switched from using the macOS-supplied curl to MacPorts curl
>> recently, and one of my download scripts which uses curl immediately
>> stopped working. The error message from curl was:
>>
>> curl: (35) error:0A000152:SSL routines::unsafe legacy renegotiation
>> disabled
>>
>> From some googling it sounds like this is a problem on the server end
>> and not on my end. Am I reading this right (I am NOT any kind of
>> expert on SSL)?
>
> Yes, mostly. Unsafe legacy renegotiation is a mechanism that is
> vulnerable to man in the middle attacks. Can you share which server your
> script was talking to, so I could take a closer look?
>
>
>> I’ve switched back to the macOS version of curl for now, but I may try
>> downloading a MacPorts version of curl that doesn’t use OpenSSL as
>> suggested in a StackExchange post I found.
>
> This is a message caused by OpenSSL 3.x, so not using OpenSSL will "fix"
> the issue, but leave you vulnerable to the man-in-the-middle vulnerable
> renegotiation.
>
> --
> Clemens
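
Added example, not part of the original thread: OpenSSL 3.x raises this error when the server's ServerHello does not carry the RFC 5746 `renegotiation_info` extension, which is what marks a server as patched against the renegotiation attack. The sketch below parses a captured ServerHello record and reports whether that extension is present; the function names are hypothetical and both sample records are constructed, not captured from any real server.

```python
import struct

RENEGOTIATION_INFO = 0xFF01  # extension type assigned by RFC 5746


def server_hello_extensions(record: bytes) -> dict:
    """Return {extension_type: data} for a TLS record that starts with a ServerHello."""
    if len(record) < 9 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack(">H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if len(hs) != rec_len or rec_len < 4 or hs[0] != 0x02:
        raise ValueError("truncated record or not a ServerHello")
    body_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + body_len]
    if len(body) != body_len or body_len < 35:
        raise ValueError("malformed ServerHello length")
    # Skip server_version(2) + random(32), then session_id, cipher_suite(2), compression(1).
    pos = 34 + 1 + body[34] + 2 + 1
    if pos == len(body):
        return {}  # no extensions block at all: an unpatched, pre-RFC 5746 style reply
    if pos + 2 > len(body):
        raise ValueError("truncated ServerHello")
    end = pos + 2 + struct.unpack(">H", body[pos:pos + 2])[0]
    pos += 2
    if end > len(body):
        raise ValueError("extensions block overruns ServerHello")
    exts = {}
    while pos < end:
        if pos + 4 > end:
            raise ValueError("truncated extension header")
        etype, elen = struct.unpack(">HH", body[pos:pos + 4])
        pos += 4
        if pos + elen > end:
            raise ValueError("extension overruns block")
        exts[etype] = body[pos:pos + elen]
        pos += elen
    return exts


def supports_secure_renegotiation(record: bytes) -> bool:
    return RENEGOTIATION_INFO in server_hello_extensions(record)


def build_server_hello(extensions: bytes) -> bytes:
    """Constructed TLS 1.2 ServerHello: zero random, empty session id, suite 0xC02F."""
    body = b"\x03\x03" + bytes(32) + b"\x00" + b"\xc0\x2f" + b"\x00"
    if extensions:
        body += struct.pack(">H", len(extensions)) + extensions
    hs = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + struct.pack(">H", len(hs)) + hs


PATCHED = build_server_hello(b"\xff\x01\x00\x01\x00")  # renegotiation_info, empty payload
LEGACY = build_server_hello(b"")                       # no extensions at all
```

A server whose reply looks like `LEGACY` is the kind that triggers the curl error quoted above, so the durable fix is on the server side.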