cURL / Mailing Lists / curl-users / Single Mail


bug: curl behaviour without CA path set

From: Tomáš Čech <>
Date: Sat, 21 Mar 2015 17:33:59 +0100


on GuixSD distribution I have found really weird behaviour of command
line curl program.

  $ curl
  curl: (4) A requested feature, protocol or option was not found built-in in this libcurl due to a build-time decision.

I walk through the code with debugger and it seems to be related to

So I conducted experiment to verify my suspicion:

  $ SSL_CERT_DIR="" curl
  <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
  <TITLE>302 Moved</TITLE></HEAD><BODY>
  <H1>302 Moved</H1>
  The document has moved
  <A HREF=";ei=YFcNVaqxKYzz8QPX_ID4CQ">here</A>.

I have SSL_CERT_DIR variable set which prevents curl from working for
any protocol, even those without TLS.

I checked the way we build curl package and we don't have either
enabled or disabled central CA path through --with-ca-path
resp. --without-ca-path, but in the end of configure output I can see:

  ca cert bundle: no
  ca cert path: no

When I enabled --with-ca-path=/some/dir, I got configure error:

  checking default CA cert bundle/path... configure: error: --with-ca-path only works with openSSL or PolarSSL

So, I can't enable the relevant part of the code and will get always
the CURLE_NOT_BUILT_IN in this code path because of my TLS library

I don't know whether GnuTLS can have CA path configured or not, but
mere environment variable set shouldn't prevent cURL from working. I
believe that this is bug.

Do you have any ideas how to fix it?

Best regards,

Tomáš Čech

List admin:

  • application/pgp-signature attachment: stored
Received on 2015-03-21