Closed
Description
I am trying to build https://github.com/phadej/trustee on macOS Mojave.
$ cabal build -v3
...
Selected http transport implementation: curl
Downloading https://oleg.fi/gentle-introduction-2020.11.tar.gz
...
/usr/bin/curl --config - 'https://oleg.fi/gentle-introduction-2020.11.tar.gz' --output /Users/abel/bin/src/trustee/dist-newstyle/src/gentle-in_-793f49b55a5330da.tar12693-0.gz --location --write-out '%{http_code}' --user-agent 'cabal-install/3.7 (osx; x86_64)' --silent --show-error --dump-header /Users/abel/bin/src/trustee/dist-newstyle/src/curl-headers12693-1.txt
/usr/bin/curl returned ExitFailure 60 with error message:
Warning: <stdin>:2: warning: '--user' requires parameter
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
HTTPS-proxy has similar options --proxy-cacert and --proxy-insecure.
stdin input:
--digest
--user
How to work around this?
After an hour of stumbling through curl docs, cabal docs, and cabal issues, I saw a light at the horizon:
$ cabal --help
...
--http-transport=HttpTransport
Set a transport for http(s) requests. Accepts
'curl', 'wget', 'powershell', and
'plain-http'. (default: 'curl')
Jumping on it:
$ cabal --http-transport=wget build
Downloading https://oleg.fi/gentle-introduction-2020.11.tar.gz
Error: cabal: '/usr/bin/curl' exited with an error:
...
OH NO, SAME ERROR!
In fact, cabal seem to be ignoring the option --http-transport altogether, as I can pass in phantasy methods:
$ cabal --http-transport=semmelknoedel build
Downloading https://oleg.fi/gentle-introduction-2020.11.tar.gz
Error: cabal: '/usr/bin/curl' exited with an error:
...
Too bad, semmelknoedel seems to be just an alias for curl.
Finally, I found that adding http-transport: wget to the cabal.project file does have the desired effect. (Docs: http-transport https://cabal.readthedocs.io/en/3.4/cabal-project.html#cfg-field-http-transport.) However, this was hard to discover.
Questions:
- Can I feed extra arguments to
curl? (It so nicely suggests solutions to my problem, but how to get to them viacabal?) - Could maybe
cabalpoint me to solutions ifcurlfails? (E.g., a troubleshooting page.) - Shouldn't
--http-transportcheck that it gets a valid argument? (Same for fieldhttp-transport.) - Why is
--http-transportignored on the command line (maybe only ifcabal.projectexists), even though there is no value forhttp-transportgiven in thecabal.projectfile?