Created attachment 224052 [details]
There is a bug in libfetch that manifests when an HTTP URL returns a
redirect to an HTTPS URL and the latter is accessed through a proxy.
In this situation, libfetch uses the proxy syntax (GET https://...)
in the request to the origin server. Some servers, including the one
that hosts fossil source tarballs, cannot deal with this.
The bug was fixed in -CURRENT in 2018 (git commit a768df3e91) and MFC'd
to 13, but is still present in 12 (stable and releases), and presumably
The attached patch changes the MASTER_SITES to use HTTPS to avoid the bug.
I think perhaps I should report this as a bug against libfetch to get
the fix into 12, but don't know whether this is even possible, and it is procedurally easier to work around in the port by making sure the
original URL is HTTPS.
A commit in branch main references this bug:
Author: Pietro Cerutti <gahr@FreeBSD.org>
AuthorDate: 2021-04-13 05:54:21 +0000
Commit: Pietro Cerutti <gahr@FreeBSD.org>
CommitDate: 2021-04-13 05:57:01 +0000
devel/fossil: fetch from https
Submitted by: Christian Ullrich <firstname.lastname@example.org>
devel/fossil/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)