Created attachment 205616 [details]
Switch MASTER_SITES to HTTPS.
I'm not sure the GitHub repo is reliable official mirror.
Even if its 'reliable' in the connectivity/availability sense it may not be appropriate as it may not provide processed files in the same form as the distribution.
Further, using a direct URL per attachment 205616 [details] to github, and to the master branch directly, is not framework compliant. USE_GITHUB/GH_* variables must be used to obtain a named (either by tag or commit hash) tarball, not a moving target.
If it is determined and confirmed that using GitHub as the source for these files is appropriate, the changeset it should also be fully QA'd to ensure that additional or further port changes are not necessary.
For example, but not limited to: often repository tarballs for projects that use GNU autoconf as a build system require auto[re]conf/auto* tools to be run first to produce ./configure & Makefiles which exist in the distribution tarballs, but not in the repository sources.
Alternatively, this may be closed -> Not Accepted in favour of requesting upstream support SSL on their existing distribution file host
Given this port currently has no maintainer, I'd tend to lean towards the latter as the best present/first port of call to resolve this issue.