El Capitan stuffs it up with SSL
Well, this has been a fun day. The following is programming/techy stuff, so it's that's not your bag feel free to skip.
I've been teaching myself Ratchet Scheme; as a learning project I wanted to write a nice simple little web spider to tally votes for the rational-Naruto play-by-post RPG I'm co-authoring. (Super low barrier to entry, btw -- stop by and check it out.) The way it works is that everyone votes on what the player character should do, we tally the votes, and then we write updates based on that. Tallying by hand is a PITA; there's various software that will do it, but none of it seems to run on Mac, so I figured I'd write my own. While I was at it, I figured I'd also support Condorcet voting. I got all my HTML handling stuff done, wrote a quick 'retrieve page' method and off to the races.
Huh. That's funny. I consistently get a "500 could not connect error", what's up with that? Oh, it's an HTTPS site, not an HTTP site. Hm. Confusing. Okay, email the list.
Ten minutes later, I get a response: "Hey, the solution to the problem is that the sslcrypto and ssl .dylib files in Racket 6.3 are out of date. Here's the correct ones; just copy them to and it'll work" Wow, that was fast. Okay, copied. Damnit, that problem is fixed but now there's another one. Okay, I'm sidetracking to write this in Perl because I want it relatively soon. Fire up HTML::TreeBuilder and off we go. Huh, that's funny. '500 could not connect'
Here is where the fun begins.
I'll spare you the amazing amount of yak shaving that I went through, but here's how it shakes out:
Ohhhkay. My options are to boot into rescue mode and turn off the 'no no, don't touch really you can't be trusted to know what you're doing!!!11!!11!!!' flags, or to rebuild perl with a compile time flag that points to the proper dylibs. FFS, all I wanted to do was spider a website.
The ridiculous part? It's a web forum. It doesn't even need to be HTTPS.
Meh. I'm going to get a sandwich for lunch, then get back to writing.
I've been teaching myself Ratchet Scheme; as a learning project I wanted to write a nice simple little web spider to tally votes for the rational-Naruto play-by-post RPG I'm co-authoring. (Super low barrier to entry, btw -- stop by and check it out.) The way it works is that everyone votes on what the player character should do, we tally the votes, and then we write updates based on that. Tallying by hand is a PITA; there's various software that will do it, but none of it seems to run on Mac, so I figured I'd write my own. While I was at it, I figured I'd also support Condorcet voting. I got all my HTML handling stuff done, wrote a quick 'retrieve page' method and off to the races.
Huh. That's funny. I consistently get a "500 could not connect error", what's up with that? Oh, it's an HTTPS site, not an HTTP site. Hm. Confusing. Okay, email the list.
Ten minutes later, I get a response: "Hey, the solution to the problem is that the sslcrypto and ssl .dylib files in Racket 6.3 are out of date. Here's the correct ones; just copy them to and it'll work" Wow, that was fast. Okay, copied. Damnit, that problem is fixed but now there's another one. Okay, I'm sidetracking to write this in Perl because I want it relatively soon. Fire up HTML::TreeBuilder and off we go. Huh, that's funny. '500 could not connect'
Here is where the fun begins.
I'll spare you the amazing amount of yak shaving that I went through, but here's how it shakes out:
- OSX 10.11, El Capitan, ships with out-of-date ssl dylibs (specifically, it has libcrypto.0.9.8.dylib and libssl.0.9.8.dylib instead of the 1.0.0 versions); they break a wide swath of software including curl, wget, and other programming languages. I have the up-to-date ones, but no way to update the system that I can find. Ideally I could just switch to root user and copy the files into /usr/lib, update the symlink and be done. Can't do that because...
- ...Apple has neutered root. Yes, there are now large swaths of the OS that root cannot touch. *boggle* There's flags set at the OS level that prevent you from manipulating certain files or directories. This just confounds me; in theory it is to protect casual users, but casual users don't even know that root exists, so the only people who will be effected by it are the people that (should) know what they're doing.
Ohhhkay. My options are to boot into rescue mode and turn off the 'no no, don't touch really you can't be trusted to know what you're doing!!!11!!11!!!' flags, or to rebuild perl with a compile time flag that points to the proper dylibs. FFS, all I wanted to do was spider a website.
The ridiculous part? It's a web forum. It doesn't even need to be HTTPS.
Meh. I'm going to get a sandwich for lunch, then get back to writing.