diff options
| author | Michael Hirsch <scivision@users.noreply.gitlab.kitware.com> | 2021-04-29 14:45:05 (GMT) |
|---|---|---|
| committer | Brad King <brad.king@kitware.com> | 2021-05-04 16:29:13 (GMT) |
| commit | 7398993f5b0444d6c7997d5bf14f96c982d07021 (patch) | |
| tree | 32b671379ced5f4631f76783f1773abe9ac2c8b8 | |
| parent | 9edff7f43e6c679a4ce4b3c97432894cf98fb56c (diff) | |
| download | CMake-7398993f5b0444d6c7997d5bf14f96c982d07021.zip CMake-7398993f5b0444d6c7997d5bf14f96c982d07021.tar.gz CMake-7398993f5b0444d6c7997d5bf14f96c982d07021.tar.bz2 | |
Help: Document CMAKE_TLS_VERIFY variable explicitly
Previously it was mentioned only in the `file` and `ExternalProject`
documentation.
| -rw-r--r-- | Help/command/file.rst | 2 | ||||
| -rw-r--r-- | Help/manual/cmake-variables.7.rst | 1 | ||||
| -rw-r--r-- | Help/variable/CMAKE_TLS_VERIFY.rst | 17 | ||||
| -rw-r--r-- | Modules/ExternalProject.cmake | 2 |
4 files changed, 20 insertions, 2 deletions
diff --git a/Help/command/file.rst b/Help/command/file.rst index e170526..f46e55a 100644 --- a/Help/command/file.rst +++ b/Help/command/file.rst @@ -1070,7 +1070,7 @@ If neither ``NETRC`` option is given CMake will check variables For ``https://`` URLs CMake must be built with OpenSSL support. ``TLS/SSL`` certificates are not checked by default. Set ``TLS_VERIFY`` to ``ON`` to check certificates. If neither ``TLS`` option is given CMake will check -variables ``CMAKE_TLS_VERIFY`` and ``CMAKE_TLS_CAINFO``, respectively. +variables :variable:`CMAKE_TLS_VERIFY` and ``CMAKE_TLS_CAINFO``, respectively. Additional options to ``DOWNLOAD`` are: diff --git a/Help/manual/cmake-variables.7.rst b/Help/manual/cmake-variables.7.rst index 37ef053..c4aaa59 100644 --- a/Help/manual/cmake-variables.7.rst +++ b/Help/manual/cmake-variables.7.rst @@ -245,6 +245,7 @@ Variables that Change Behavior /variable/CMAKE_SYSTEM_LIBRARY_PATH /variable/CMAKE_SYSTEM_PREFIX_PATH /variable/CMAKE_SYSTEM_PROGRAM_PATH + /variable/CMAKE_TLS_VERIFY /variable/CMAKE_USER_MAKE_RULES_OVERRIDE /variable/CMAKE_WARN_DEPRECATED /variable/CMAKE_WARN_ON_ABSOLUTE_INSTALL_DESTINATION diff --git a/Help/variable/CMAKE_TLS_VERIFY.rst b/Help/variable/CMAKE_TLS_VERIFY.rst new file mode 100644 index 0000000..24f8a25 --- /dev/null +++ b/Help/variable/CMAKE_TLS_VERIFY.rst @@ -0,0 +1,17 @@ +CMAKE_TLS_VERIFY +---------------- + +Specify the default value for the :command:`file(DOWNLOAD)` and +:command:`file(UPLOAD)` commands' ``TLS_VERIFY`` options. +If not set, the default is *off*. + +This setting is also used by the :module:`ExternalProject` module +for internal calls to :command:`file(DOWNLOAD)`. + +TLS verification can help provide confidence that one is connecting +to the desired server. When downloading known content, one should +also use file hashes to verify it. + +.. code-block:: cmake + + set(CMAKE_TLS_VERIFY TRUE) diff --git a/Modules/ExternalProject.cmake b/Modules/ExternalProject.cmake index 56525080..45b6124 100644 --- a/Modules/ExternalProject.cmake +++ b/Modules/ExternalProject.cmake @@ -212,7 +212,7 @@ External Project Definition ``TLS_VERIFY <bool>`` Specifies whether certificate verification should be performed for https URLs. If this option is not provided, the default behavior is - determined by the ``CMAKE_TLS_VERIFY`` variable (see + determined by the :variable:`CMAKE_TLS_VERIFY` variable (see :command:`file(DOWNLOAD)`). If that is also not set, certificate verification will not be performed. In situations where ``URL_HASH`` cannot be provided, this option can be an alternative verification |