You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
That `curl` version uses Secure Channel internally, which supports TLS
v1.3 only since version 7.85.0, and this support requires Windows 11
(see https://curl.se/changes.html#7_85_0). While we do run the workflow
in `windows-latest` hosted runners, which means Windows Server 2022, the
Server equivalent to Windows 11, the `curl.exe` in that Windows version
seems to be stuck at v7.83.1.
That is a problem because we seem to be unable to access OpenSSH's
CloudFlare CDN via anything below TLS v1.3, and this GitHub workflow
runs in Windows 10 agents. The symptom looks like this:
==> Retrieving sources...
-> Downloading openssh-9.2_P1.tar.gz...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
curl: (35) schannel: next InitializeSecurityContext failed: SEC_E_UNSUPPORTED_FUNCTION (0x80090302) - The function requested is not supported
==> ERROR: Failure while downloading https://cloudflare.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.2_P1.tar.gz
Aborting...
==> ERROR: Failed to generate new checksums
Error: Process completed with exit code 1.
So let's use Git's own `curl.exe` (which can use OpenSSL, which in turn
has no problems speaking TLS v1.3).
We do insist on using `/mingw64/bin/curl.exe` because
`/mingw64/bin/libcurl-4.dll` is already included in the `minimal` SDK
artifact (to allow `git fetch`/`git push` via HTTPS), whereas if we were
to use `/usr/bin/curl.exe` would require at least
`/usr/bin/msys-curl-4.dll` (and who knows what other dependencies) that
are not included in the `minimal` SDK.
Signed-off-by: Johannes Schindelin <[email protected]>
0 commit comments