Failing to install old package versions on Windows with MitM proxy gives unhelpful error message

[mb706]

See #1624

Trying to install an old package on such a system does not give a helpful error message:

renv::install("lintr@2.0.1")
#> # Downloading packages -----------------------------------------------
#> Warning: failed to find binary for 'lintr 2.0.1' in package repositories
#> Warning: failed to find source for 'lintr 2.0.1' in package repositories
#> Error: failed to retrieve package 'lintr@2.0.1'

(The "repos" option is set to "https://packagemanager.posit.co/cran/2023-10-05", if that matters. Unfortunately I don't have Windows with MitM proxy handy any more, so I cant try out a more minimal version of this.)

Tracing this through the debugger ultimately shows that the following fails:

renv:::renv_download_impl(
  url = "https://packagemanager.posit.co/cran/2023-10-05/src/contrib/Archive/lintr/lintr_2.0.1.tar.gz",
  destfile = "test.txt", type = NULL, request = "HEAD", headers = character(0))
#> <simpleWarning: curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - Die Sperrfunktion konnte keine Sperrpr�fung f�r das Zertifikat durchf�hren.>

Running C:\Windows\System32\curl.exe "https://google.com" gives the same error message, so this is ultimately because the system's curl is broken here.

#1624 already solved this problem, and the workaround is already built into renv:

Sys.setenv("R_LIBCURL_SSL_REVOKE_BEST_EFFORT" = "T")

It would be helpful if the error message could inform the user about this option here; I only found this option by going through the source code.

It would be even nicer if downloading source-versions of old packages could work in a more robust way, maybe using a different download method as fallback? Downloading up-to-date packages also seems to work with no issues, after all.

[kevinushey]

Thanks; we now set this by default here: d88ec6c