diff options
author | Bill Hoffman <bill.hoffman@kitware.com> | 2012-09-12 22:31:52 (GMT) |
---|---|---|
committer | Bill Hoffman <bill.hoffman@kitware.com> | 2012-09-12 22:31:52 (GMT) |
commit | c2664610845199f90f7f71664bfaf2d1c1a60ea9 (patch) | |
tree | 48bef7d437992a3aff8a43fb3f0217123c0cfa87 | |
parent | beb8a8309bc0ce08e4884a59329607ac09c322ac (diff) | |
download | CMake-c2664610845199f90f7f71664bfaf2d1c1a60ea9.zip CMake-c2664610845199f90f7f71664bfaf2d1c1a60ea9.tar.gz CMake-c2664610845199f90f7f71664bfaf2d1c1a60ea9.tar.bz2 |
Add SSL_VERIFYPEER and CAINFO file options to ExternalProject_Add.
This commit adds the ability to turn on and off ssl certificate
authority checking. It also adds the ability to specify a
certificate authority information file. This can be done
by setting global cmake variables CMAKE_CURLOPT_CAINFO_FILE
and or CMAKE_CURLOPT_SSL_VERIFYPEER in the project calling
ExternalProject_Add, or by passing those options to individual
ExternalProject_Add calls.
-rw-r--r-- | Modules/ExternalProject.cmake | 33 |
1 files changed, 31 insertions, 2 deletions
diff --git a/Modules/ExternalProject.cmake b/Modules/ExternalProject.cmake index c61e8f7..d2e00a8 100644 --- a/Modules/ExternalProject.cmake +++ b/Modules/ExternalProject.cmake @@ -26,6 +26,8 @@ # [URL /.../src.tgz] # Full path or URL of source # [URL_HASH ALGO=value] # Hash of file at URL # [URL_MD5 md5] # Equivalent to URL_HASH MD5=md5 +# [SSL_VERIFYPEER bool] # Should certificate for https be checked +# [CAINFO_FILE file] # Path to a certificate authority file # [TIMEOUT seconds] # Time allowed for file download operations # #--Update/Patch step---------- # [UPDATE_COMMAND cmd...] # Source work-tree update command @@ -399,7 +401,7 @@ endif() endfunction() -function(_ep_write_downloadfile_script script_filename remote local timeout hash) +function(_ep_write_downloadfile_script script_filename remote local timeout hash ssl_verify cainfo_file) if(timeout) set(timeout_args TIMEOUT ${timeout}) set(timeout_msg "${timeout} seconds") @@ -413,6 +415,27 @@ function(_ep_write_downloadfile_script script_filename remote local timeout hash else() set(hash_args "# no EXPECTED_HASH") endif() + # check for curl globals in the project + if(DEFINED CMAKE_CURLOPT_SSL_VERIFYPEER) + set(ssl_verify "set(CMAKE_CURLOPT_SSL_VERIFYPEER ${CMAKE_CURLOPT_SSL_VERIFYPEER})") + endif() + if(DEFINED CMAKE_CURLOPT_CAINFO_FILE) + set(ssl_cainfo "set(CMAKE_CURLOPT_CAINFO_FILE \"${CMAKE_CURLOPT_CAINFO_FILE}\")") + endif() + + # now check for curl locals so that the local values + # will override the globals + + # check for ssl_verify argument + string(LENGTH "${ssl_verify}" ssl_verify_len) + if(ssl_verify_len GREATER 0) + set(ssl_verify "set(CMAKE_CURLOPT_SSL_VERIFYPEER ${ssl_verify})") + endif() + # check for cainfo_file argument + string(LENGTH "${cainfo_file}" cainfo_file_len) + if(cainfo_file_len GREATER 0) + set(ssl_cainfo "set(CMAKE_CURLOPT_CAINFO_FILE \"${cainfo_file}\")") + endif() file(WRITE ${script_filename} "message(STATUS \"downloading... @@ -420,6 +443,9 @@ function(_ep_write_downloadfile_script script_filename remote local timeout hash dst='${local}' timeout='${timeout_msg}'\") +${ssl_verify} +${ssl_cainfo} + file(DOWNLOAD \"${remote}\" \"${local}\" @@ -1281,7 +1307,10 @@ function(_ep_add_download_command name) string(REPLACE ";" "-" fname "${fname}") set(file ${download_dir}/${fname}) get_property(timeout TARGET ${name} PROPERTY _EP_TIMEOUT) - _ep_write_downloadfile_script("${stamp_dir}/download-${name}.cmake" "${url}" "${file}" "${timeout}" "${hash}") + get_property(ssl_verify TARGET ${name} PROPERTY _EP_SSL_VERIFYPEER) + get_property(cainfo_file TARGET ${name} PROPERTY _EP_CAINFO_FILE) + _ep_write_downloadfile_script("${stamp_dir}/download-${name}.cmake" + "${url}" "${file}" "${timeout}" "${hash}" "${ssl_verify}" "${cainfo_file}") set(cmd ${CMAKE_COMMAND} -P ${stamp_dir}/download-${name}.cmake COMMAND) set(comment "Performing download step (download, verify and extract) for '${name}'") |