"Portable" `openssl.cafile` location fails to be detected properly on Windows

[schlessera]

If the openssl.cafile location is used on Windows with a portable path like openssl.cafile = "\dev\xampp\apache\bin\curl-ca-bundle.crt", Composer will fail to properly detect and validate it, falling back to the bundled CA instead.

Note the backslashes and the lack of a drive letter (i.e. d:).

Such a setup is used by the portable version of XAMPP on Windows. It checks the folder on the currently active drive for the process.

If the configuration is changed to openssl.cafile = "d:\dev\xampp\apache\bin\curl-ca-bundle.crt" it seems to work correctly.

I'm not 100% sure this can or should be solved by Composer, but wanted to keep track of the issue here nevertheless.

See related issue where this was detected: wp-cli/package-command#104 (comment)

[Seldaek]

This is read at https://github.com/composer/ca-bundle/blob/master/src/CaBundle.php#L85 - I guess what happens is you run composer in some path on c:/ or some other partition than d:, so the relative path resolves fine but relative to the composer path, and not relative to the PHP_BINARY path as it should from php.ini. Probably fixable but to be honest not super high priority so feel free to send a PR to canonicalize the openssl.cafile/capath according to PHP_BINARY path if possible and if it fixes it.