
Build gloox with GnuTLS on macOS, refs #4705.

Description

Build gloox with GnuTLS on macOS, refs #4705.

This includes GMP and nettle, which are dependencies of GnuTLS.
On versions of OSX/macOS up to 10.11, TLS handshakes can still fail and crash, so users of those older versions should disable TLS on the lobby in the options screen, and will still be able to use it.

Differential Revision: https://code.wildfiregames.com/D1654
Tested By: Tobbi, trompetin17, and testers of their bundles.

Details

Committed
Itms, Dec 2 2018, 9:52 PM
Differential Revision
D1654: Build gloox with GnuTLS on macOS
Parents
rP21939: Minor change to the libcurl macOS compilation.
Branches
Unknown
Tags
Unknown
Build Status
Buildable 6488
Build 10739: Post-Commit Build (Jenkins)

Event Timeline

elexis added a subscriber: elexis. Dec 7 2018, 2:10 PM

On versions of OSX/macOS up to 10.11, TLS handshakes can still fail and crash?

Stan added a subscriber: Stan. Edited Dec 7 2018, 2:34 PM

If I compile on 10.9.5 I can access the lobby with tls without issues.

I need the --without-ssl flag (which doesn't do what it says and only disables system TLS) and to change the libsodium url (because their website doesn't load on OsX 10.9.5)

That RC is available on the forums and people who tested it so far with later versions of Mac say it works.

Itms added a comment. Dec 7 2018, 2:55 PM

@elexis Yeah, it's the clock_gettime thing...

In rP21940#31688, @Stan wrote:

I need the --without-ssl flag (which doesn't do what it says and only disables system TLS) and to change the libsodium url (because their website doesn't load on OsX 10.9.5)

You are mixing things up. The missing flag is for curl, and the libsodium is also curl (but the system one).

In rP21940#31688, @Stan wrote:

That RC is available on the forums and people who tested it so far with later versions of Mac say it works.

@elexis We can rely on Stan for the RCs generation, so that there is no crash on old OSX, but honestly I'd rather rely on trompetin so that our build system on Mac really catches up, and make up for the lost time: that implies letting things break on old versions of OSX, because Apple is not really into retrocompatibility. It is possible to circumvent the crash with the TLS option, so I think it's an acceptable compromise between the comfort of users and the sanity of our macOS development environment.

Stan added a comment. Dec 7 2018, 2:57 PM

Ah right.

As for the TLS option I have it enabled on my build. So there is no need to circumvent anything.

elexis added a comment. Dec 7 2018, 5:15 PM

If it crashes for everyone on 10.9, 10.10, 10.11, we can disable TLS in the config and remove that one TLS sentence for OSX.

(The relevant GDPR article is 32 and it says

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk

which I interpret as us having to enable TLS if we just have to tick a box, but not if the entire software stack is broken and there not being any private personal data processed other than the pw.)

The question I have is just: What crash?

Stan added a comment. Dec 7 2018, 5:31 PM

It doesn't crash on any of those platforms if I build the game.

It crashes only because trompetin17 is building on 10.14 and gnutls is detecting special kernel functions that were introduced in 10.12, such as __clock_gettime(); look on the forums for the crash log I posted.

If I build the game I'm able to

  • Log on the lobby with TLS.
  • Log on the lobby without TLS.
  • Log on Modio.

If I use trompetin17's bundle,

  • Logging on the lobby with TLS crashes because it fails to load the symbols. (GnuTLS uses stuff that isn't present on my kernel such as __clock_gettime())
  • Logging on the lobby without TLS works.
  • Logging on Modio fails because of the certificate. (Because libcurl was built without the --without-ssl flag)

Tell me if I'm not clear.
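
The load failure described in the comment above can be caught before a bundle ships by comparing each bundled library's undefined symbols with the oldest macOS release the bundle is meant to run on. This is an added example, not part of the thread or of the project's build scripts; the function name, the symbol table format and both `nm -u` samples are constructed, and only `clock_gettime` with its 10.12 introduction comes from the discussion.

```shell
#!/bin/sh
# Added example: flag undefined symbols that the oldest supported macOS lacks.
# Table of "symbol first-macOS-release" pairs. Only clock_gettime/10.12 comes
# from the thread; extend the list for your own dependencies (assumption).
NEWER_SYMBOLS='_clock_gettime 10.12'

# Constructed sample: `nm -u` output of a library built on macOS 10.14.
SAMPLE_BUILT_ON_10_14='_clock_gettime
_getaddrinfo
_memcpy'

# Constructed sample: the same library built on macOS 10.9.
SAMPLE_BUILT_ON_10_9='_gettimeofday
_getaddrinfo
_memcpy'

# check_symbols MIN_VERSION: reads `nm -u` output on stdin, prints every symbol
# newer than MIN_VERSION and returns non-zero if any was found.
check_symbols() {
    awk -v target="$1" -v table="$NEWER_SYMBOLS" '
        # Turn "10.12" into 10012 so that 10.9 sorts before 10.12.
        function ver(v,    p) { split(v, p, /[.]/); return p[1] * 1000 + p[2] }
        BEGIN {
            n = split(table, t)
            for (i = 1; i < n; i += 2) since[t[i]] = t[i + 1]
        }
        {
            sym = $NF   # the symbol name is the last field on the line
            if ((sym in since) && ver(since[sym]) > ver(target)) {
                print sym " needs macOS " since[sym]
                bad = 1
            }
        }
        END { exit bad + 0 }
    '
}

# Demo on the constructed samples. On a real bundle the input would be
# `nm -u path/to/library.dylib` (path is a placeholder).
for sample in "$SAMPLE_BUILT_ON_10_14" "$SAMPLE_BUILT_ON_10_9"; do
    printf '%s\n' "$sample" | check_symbols 10.9 \
        || echo "-> would fail to load on macOS 10.9"
done
```

Run as a packaging step, a non-zero exit stops the release instead of leaving users on older systems to turn TLS off.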

Itms added a comment. Dec 7 2018, 5:56 PM

Clarifying a small thing in Stan's answer (which is correct): when D1687 is committed (tonight probably, as trompetin is testing it as we speak), mod.io will work for everyone, regardless of who built the game.

Also, none of the users who tested in the forums PM convo had a version below 10.12, which is probably why you didn't remember us having the clock_gettime bug.