-
-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
upgrade mbedtls to 2.5. curl to 7.54.1 #19135
Conversation
f96b82d
to
0aecf8f
Compare
0aecf8f
to
c2591e4
Compare
Alright, looks as though the libgit2 initialization error was caused by upgrading mbedtls, so there may have been an API change that we need to take into account somewhere. If anyone has any breadcrumbs to share about debugging advice from, say, the certificate-related issues we had recently with mbedtls, would be appreciated. |
4aa791d
to
b916229
Compare
moved everything other than mbedtls to #19216, since the others all seem to work. |
I could really use a hand from some libgit2-familiar folks in debugging the initialization error here. |
@omus Could this be the issue we ran into before? |
It does look like #20439. I guess it is time to fix that... |
I looked into this and found that when we load the default certificate chain on linux the mbedTLS function I'm unsure what mbedTLS change has resulted the following certificate in being deemed invalid:
Going forward I think we should:
|
So would this need to be addressed within our mbedtls-support patch to libgit2? Since libgit2 0.26.0 is out now, we probably want to rebase that anyway, and take another crack at getting it through upstream review. Latest activity was in libgit2/libgit2#4173. |
looks like we're in business, thanks much @omus! |
Having trouble locally replicating the travis issue. @jlbuild !nuke
|
3a121fa
to
4173cf8
Compare
The problem this was having on Travis has gone away now that it's using trusty. Will merge tomorrow if no objections. Tested it locally on Windows, so shouldn't have any post-merge failures when this makes it into nightlies. |
New versions of
MPFR, mbedtls,libssh2, and libgit2. Several patches are now included upstream in the latter 3 cases. This is failing on startup somewhere in libgit2, hence the WIP.We're also expecting a new curl version with several security fixes next week, ref https://curl.haxx.se/mail/lib-2016-10/0076.html.If I can sort out the libgit2 issue before then I'll add that here, if not I'll do it on its own once it's available. edit: curl and mpfr done in #19216edit2: closes #19457