summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBrad King <brad.king@kitware.com>2012-09-14 19:57:18 (GMT)
committerBrad King <brad.king@kitware.com>2012-09-17 13:03:45 (GMT)
commit7369a8faee40574e7f87eeaa5e7718d0da407ffe (patch)
tree073906d75dbb01b3b8068b47e228ccb8dd0348e1
parent131d91a1f91116e85281d11d175290fdb211f664 (diff)
downloadCMake-7369a8faee40574e7f87eeaa5e7718d0da407ffe.zip
CMake-7369a8faee40574e7f87eeaa5e7718d0da407ffe.tar.gz
CMake-7369a8faee40574e7f87eeaa5e7718d0da407ffe.tar.bz2
file(DOWNLOAD): Make TLS options behave as documented
The logic added in commit e1c89f08 (file(DOWNLOAD): Add options for SSL, 2012-08-21) did not actually provide the documented behavior. Simplify the implementation to read the variable values first and then replace them with the explicit argument values if encountered. Always set the curl option CURLOPT_SSL_VERIFYPEER to either on or off explicitly instead of depending on the curl default behavior.
-rw-r--r--Source/cmFileCommand.cxx46
1 files changed, 13 insertions, 33 deletions
diff --git a/Source/cmFileCommand.cxx b/Source/cmFileCommand.cxx
index 1cb2ece..4d9eb79 100644
--- a/Source/cmFileCommand.cxx
+++ b/Source/cmFileCommand.cxx
@@ -2667,9 +2667,8 @@ cmFileCommand::HandleDownloadCommand(std::vector<std::string> const& args)
long inactivity_timeout = 0;
std::string verboseLog;
std::string statusVar;
- std::string caFile;
- bool checkTLS = false;
- bool verifyTLS = false;
+ bool tls_verify = this->Makefile->IsOn("CMAKE_TLS_VERIFY");
+ const char* cainfo = this->Makefile->GetDefinition("CMAKE_TLS_CAINFO");
std::string expectedHash;
std::string hashMatchMSG;
cmsys::auto_ptr<cmCryptoHash> hash;
@@ -2728,8 +2727,7 @@ cmFileCommand::HandleDownloadCommand(std::vector<std::string> const& args)
++i;
if(i != args.end())
{
- verifyTLS = cmSystemTools::IsOn(i->c_str());
- checkTLS = true;
+ tls_verify = cmSystemTools::IsOn(i->c_str());
}
else
{
@@ -2742,7 +2740,7 @@ cmFileCommand::HandleDownloadCommand(std::vector<std::string> const& args)
++i;
if(i != args.end())
{
- caFile = *i;
+ cainfo = i->c_str();
}
else
{
@@ -2866,37 +2864,19 @@ cmFileCommand::HandleDownloadCommand(std::vector<std::string> const& args)
check_curl_result(res, "DOWNLOAD cannot set debug function: ");
// check to see if TLS verification is requested
- const char* verifyValue =
- this->Makefile->GetDefinition("CMAKE_TLS_VERIFY");
- // if there is a cmake variable or if the command has TLS_VERIFY requested
- if(verifyValue || checkTLS)
+ if(tls_verify)
{
- // the args to the command come first
- bool verify = verifyTLS;
- if(!verify && verifyValue)
- {
- verify = cmSystemTools::IsOn(verifyValue);
- }
- if(verify)
- {
- res = ::curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1);
- check_curl_result(res, "Unable to set TLS/SSL Verify on: ");
- }
- else
- {
- res = ::curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
- check_curl_result(res, "Unable to set TLS/SSL Verify off: ");
- }
+ res = ::curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1);
+ check_curl_result(res, "Unable to set TLS/SSL Verify on: ");
}
- // check to see if a CAINFO file has been specified
- const char* cainfo =
- this->Makefile->GetDefinition("CMAKE_TLS_CAINFO");
- // command arg comes first
- if(caFile.size())
+ else
{
- cainfo = caFile.c_str();
+ res = ::curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
+ check_curl_result(res, "Unable to set TLS/SSL Verify off: ");
}
- if(cainfo)
+ // check to see if a CAINFO file has been specified
+ // command arg comes first
+ if(cainfo && *cainfo)
{
res = ::curl_easy_setopt(curl, CURLOPT_CAINFO, cainfo);
check_curl_result(res, "Unable to set TLS/SSL Verify CAINFO: ");