summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBill Hoffman <bill.hoffman@kitware.com>2012-09-12 22:31:52 (GMT)
committerBill Hoffman <bill.hoffman@kitware.com>2012-09-12 22:31:52 (GMT)
commitc2664610845199f90f7f71664bfaf2d1c1a60ea9 (patch)
tree48bef7d437992a3aff8a43fb3f0217123c0cfa87
parentbeb8a8309bc0ce08e4884a59329607ac09c322ac (diff)
downloadCMake-c2664610845199f90f7f71664bfaf2d1c1a60ea9.zip
CMake-c2664610845199f90f7f71664bfaf2d1c1a60ea9.tar.gz
CMake-c2664610845199f90f7f71664bfaf2d1c1a60ea9.tar.bz2
Add SSL_VERIFYPEER and CAINFO file options to ExternalProject_Add.
This commit adds the ability to turn on and off ssl certificate authority checking. It also adds the ability to specify a certificate authority information file. This can be done by setting global cmake variables CMAKE_CURLOPT_CAINFO_FILE and or CMAKE_CURLOPT_SSL_VERIFYPEER in the project calling ExternalProject_Add, or by passing those options to individual ExternalProject_Add calls.
-rw-r--r--Modules/ExternalProject.cmake33
1 files changed, 31 insertions, 2 deletions
diff --git a/Modules/ExternalProject.cmake b/Modules/ExternalProject.cmake
index c61e8f7..d2e00a8 100644
--- a/Modules/ExternalProject.cmake
+++ b/Modules/ExternalProject.cmake
@@ -26,6 +26,8 @@
# [URL /.../src.tgz] # Full path or URL of source
# [URL_HASH ALGO=value] # Hash of file at URL
# [URL_MD5 md5] # Equivalent to URL_HASH MD5=md5
+# [SSL_VERIFYPEER bool] # Should certificate for https be checked
+# [CAINFO_FILE file] # Path to a certificate authority file
# [TIMEOUT seconds] # Time allowed for file download operations
# #--Update/Patch step----------
# [UPDATE_COMMAND cmd...] # Source work-tree update command
@@ -399,7 +401,7 @@ endif()
endfunction()
-function(_ep_write_downloadfile_script script_filename remote local timeout hash)
+function(_ep_write_downloadfile_script script_filename remote local timeout hash ssl_verify cainfo_file)
if(timeout)
set(timeout_args TIMEOUT ${timeout})
set(timeout_msg "${timeout} seconds")
@@ -413,6 +415,27 @@ function(_ep_write_downloadfile_script script_filename remote local timeout hash
else()
set(hash_args "# no EXPECTED_HASH")
endif()
+ # check for curl globals in the project
+ if(DEFINED CMAKE_CURLOPT_SSL_VERIFYPEER)
+ set(ssl_verify "set(CMAKE_CURLOPT_SSL_VERIFYPEER ${CMAKE_CURLOPT_SSL_VERIFYPEER})")
+ endif()
+ if(DEFINED CMAKE_CURLOPT_CAINFO_FILE)
+ set(ssl_cainfo "set(CMAKE_CURLOPT_CAINFO_FILE \"${CMAKE_CURLOPT_CAINFO_FILE}\")")
+ endif()
+
+ # now check for curl locals so that the local values
+ # will override the globals
+
+ # check for ssl_verify argument
+ string(LENGTH "${ssl_verify}" ssl_verify_len)
+ if(ssl_verify_len GREATER 0)
+ set(ssl_verify "set(CMAKE_CURLOPT_SSL_VERIFYPEER ${ssl_verify})")
+ endif()
+ # check for cainfo_file argument
+ string(LENGTH "${cainfo_file}" cainfo_file_len)
+ if(cainfo_file_len GREATER 0)
+ set(ssl_cainfo "set(CMAKE_CURLOPT_CAINFO_FILE \"${cainfo_file}\")")
+ endif()
file(WRITE ${script_filename}
"message(STATUS \"downloading...
@@ -420,6 +443,9 @@ function(_ep_write_downloadfile_script script_filename remote local timeout hash
dst='${local}'
timeout='${timeout_msg}'\")
+${ssl_verify}
+${ssl_cainfo}
+
file(DOWNLOAD
\"${remote}\"
\"${local}\"
@@ -1281,7 +1307,10 @@ function(_ep_add_download_command name)
string(REPLACE ";" "-" fname "${fname}")
set(file ${download_dir}/${fname})
get_property(timeout TARGET ${name} PROPERTY _EP_TIMEOUT)
- _ep_write_downloadfile_script("${stamp_dir}/download-${name}.cmake" "${url}" "${file}" "${timeout}" "${hash}")
+ get_property(ssl_verify TARGET ${name} PROPERTY _EP_SSL_VERIFYPEER)
+ get_property(cainfo_file TARGET ${name} PROPERTY _EP_CAINFO_FILE)
+ _ep_write_downloadfile_script("${stamp_dir}/download-${name}.cmake"
+ "${url}" "${file}" "${timeout}" "${hash}" "${ssl_verify}" "${cainfo_file}")
set(cmd ${CMAKE_COMMAND} -P ${stamp_dir}/download-${name}.cmake
COMMAND)
set(comment "Performing download step (download, verify and extract) for '${name}'")