Created attachment 224052 [details] Patch. There is a bug in libfetch that manifests when an HTTP URL returns a redirect to an HTTPS URL and the latter is accessed through a proxy. In this situation, libfetch uses the proxy syntax (GET https://...) in the request to the origin server. Some servers, including the one that hosts fossil source tarballs, cannot deal with this. The bug was fixed in -CURRENT in 2018 (git commit a768df3e91) and MFC'd to 13, but is still present in 12 (stable and releases), and presumably earlier versions. The attached patch changes the MASTER_SITES to use HTTPS to avoid the bug. I think perhaps I should report this as a bug against libfetch to get the fix into 12, but don't know whether this is even possible, and it is procedurally easier to work around in the port by making sure the original URL is HTTPS.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=d3427a37f428f4b423afe40842b9777253ad9fbc commit d3427a37f428f4b423afe40842b9777253ad9fbc Author: Pietro Cerutti <gahr@FreeBSD.org> AuthorDate: 2021-04-13 05:54:21 +0000 Commit: Pietro Cerutti <gahr@FreeBSD.org> CommitDate: 2021-04-13 05:57:01 +0000 devel/fossil: fetch from https PR: 255006 Submitted by: Christian Ullrich <chris@chrullrich.net> devel/fossil/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)