[tex-live] TL2017's tlpkg/installer/wget/wget.x86_64-darwin: HTTPS support not compiled in.

George N. White III gnwiii at gmail.com
Wed Jan 31 13:43:32 CET 2018 

On 30 January 2018 at 14:00, Karl Berry <karl at freefriends.org> wrote:

>     I just found tthat the TL2017's
>     tlpkg/installer/wget/wget.x86_64-darwin binary does not support
>     HTTPS protocol.
>
> As Mojca pointed out separately, this is most likely because
> I actually suggested/recommended building wget --without-ssl for TL:
> http://tug.org/texlive/build.html#xz
>
> This is because, as far as I know, it has become impossible to build a
> wget binary supporting ssl which either (a) runs on wider variety of
> systems than just the build system and close relatives (e.g., across
> Linux-based distros), or (b) is statically linked. Both of these used to
> be fairly practical, but now, due to "improvements" in the computing
> world, I think they are not.
>

Whatever you ship would be outdated in less than a year.  Users
have been known to use TL's wget for other purposes, so it falls
into the category of an "attractive nuisance".   It is best to
encourage users to rely on supported crypto with regular updates.

wget without ssl support will work with fewer and fewer servers in the
future.  Meanwhile, the options for having a current downloader (wget,
curl, gnurl) have improved, so it is not unreasonable to simple state
that a suitable downloader must be provided before attempting to
run the installer.   Effort would be better spent supporting
curl/gnurl as many users will already have one of these.  Curl, for
example, is provided by Anaconda Python (available on linux,
macOS, and Windows).


>
> Maybe I am wrong, but I'd like to see the proof before changing or
> committing anything. I suspect that if you want a full-fledged wget, it
> has to be provided elsewhere.  You can set TL_DOWNLOAD_PROGRAM and
> TL_DOWNLOAD_ARGS to override using the TL-shipped wget.
>
> (Maybe we should change the download logic to prefer a wget found in
> PATH to our shipped one, for this reason. That has its own problems,
> though.) --best, karl.
>
>
The installer should check for wget, curl, and gnurl in the PATH.  If none
is found,
it can point to a document where the requirements are detailed and
suitable sources of the programs for various platforms are listed.

-- 
George N. White III
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tug.org/pipermail/tex-live/attachments/20180131/021effde/attachment.html>

More information about the tex-live mailing list