diff options
| author | Brad King <brad.king@kitware.com> | 2024-02-26 16:36:02 (GMT) |
|---|---|---|
| committer | Brad King <brad.king@kitware.com> | 2024-02-28 13:40:27 (GMT) |
| commit | fb9a6cf909381de8eabe88913349312cce411714 (patch) | |
| tree | 27b5fd0ba8a45dffc047a44b726f45f3fab08f27 | |
| parent | 8e6776b9f3f17aa234e38ead7047f64c539cda1c (diff) | |
| download | CMake-fb9a6cf909381de8eabe88913349312cce411714.zip CMake-fb9a6cf909381de8eabe88913349312cce411714.tar.gz CMake-fb9a6cf909381de8eabe88913349312cce411714.tar.bz2 | |
file(DOWNLOAD|UPLOAD): Add CMAKE_TLS_VERSION variable
Issue: #25701
| -rw-r--r-- | Help/command/file.rst | 3 | ||||
| -rw-r--r-- | Help/manual/cmake-variables.7.rst | 1 | ||||
| -rw-r--r-- | Help/release/dev/curl-tls-version.rst | 4 | ||||
| -rw-r--r-- | Help/variable/CMAKE_TLS_VERSION.rst | 17 | ||||
| -rw-r--r-- | Source/cmFileCommand.cxx | 12 | ||||
| -rw-r--r-- | Tests/RunCMake/file-DOWNLOAD/TLS_VERSION-bad-stderr.txt | 5 | ||||
| -rw-r--r-- | Tests/RunCMake/file-DOWNLOAD/TLS_VERSION-bad.cmake | 4 |
7 files changed, 46 insertions, 0 deletions
diff --git a/Help/command/file.rst b/Help/command/file.rst index dfbd483..41d0a3b 100644 --- a/Help/command/file.rst +++ b/Help/command/file.rst @@ -1101,6 +1101,9 @@ Transfer .. versionadded:: 3.30 Specify minimum TLS version for ``https://`` URLs. + If this option is not specified, the value of the + :variable:`CMAKE_TLS_VERSION` variable will be used instead. + See that variable for allowed values. ``TLS_VERIFY <ON|OFF>`` Specify whether to verify the server certificate for ``https://`` URLs. diff --git a/Help/manual/cmake-variables.7.rst b/Help/manual/cmake-variables.7.rst index c7efdcf..d08ee2c 100644 --- a/Help/manual/cmake-variables.7.rst +++ b/Help/manual/cmake-variables.7.rst @@ -272,6 +272,7 @@ Variables that Change Behavior /variable/CMAKE_SYSTEM_PROGRAM_PATH /variable/CMAKE_TLS_CAINFO /variable/CMAKE_TLS_VERIFY + /variable/CMAKE_TLS_VERSION /variable/CMAKE_USER_MAKE_RULES_OVERRIDE /variable/CMAKE_WARN_DEPRECATED /variable/CMAKE_WARN_ON_ABSOLUTE_INSTALL_DESTINATION diff --git a/Help/release/dev/curl-tls-version.rst b/Help/release/dev/curl-tls-version.rst index 1896f45..fcc0648 100644 --- a/Help/release/dev/curl-tls-version.rst +++ b/Help/release/dev/curl-tls-version.rst @@ -4,3 +4,7 @@ curl-tls-version * The :command:`file(DOWNLOAD)` and :command:`file(UPLOAD)` commands gained a ``TLS_VERSION <min>`` option to specify the minimum TLS version for connections to ``https://`` URLs. + +* The :variable:`CMAKE_TLS_VERSION` variable was added to specify a + default minimum TLS version for connections to ``https://`` URLs by + the :command:`file(DOWNLOAD)` and :command:`file(UPLOAD)` commands. diff --git a/Help/variable/CMAKE_TLS_VERSION.rst b/Help/variable/CMAKE_TLS_VERSION.rst new file mode 100644 index 0000000..fd790b3 --- /dev/null +++ b/Help/variable/CMAKE_TLS_VERSION.rst @@ -0,0 +1,17 @@ +CMAKE_TLS_VERSION +----------------- + +.. versionadded:: 3.30 + +Specify the default value for the :command:`file(DOWNLOAD)` and +:command:`file(UPLOAD)` commands' ``TLS_VERSION`` option. + +The value may be one of: + +* ``1.0`` + +* ``1.1`` + +* ``1.2`` + +* ``1.3`` diff --git a/Source/cmFileCommand.cxx b/Source/cmFileCommand.cxx index dcdb1ae..d193375 100644 --- a/Source/cmFileCommand.cxx +++ b/Source/cmFileCommand.cxx @@ -2025,6 +2025,12 @@ bool HandleDownloadCommand(std::vector<std::string> const& args, ++i; } + if (!tls_version) { + if (cmValue v = status.GetMakefile().GetDefinition("CMAKE_TLS_VERSION")) { + tls_version = *v; + } + } + // Can't calculate hash if we don't save the file. // TODO Incrementally calculate hash in the write callback as the file is // being downloaded so this check can be relaxed. @@ -2410,6 +2416,12 @@ bool HandleUploadCommand(std::vector<std::string> const& args, ++i; } + if (!tls_version) { + if (cmValue v = status.GetMakefile().GetDefinition("CMAKE_TLS_VERSION")) { + tls_version = *v; + } + } + // Open file for reading: // FILE* fin = cmsys::SystemTools::Fopen(filename, "rb"); diff --git a/Tests/RunCMake/file-DOWNLOAD/TLS_VERSION-bad-stderr.txt b/Tests/RunCMake/file-DOWNLOAD/TLS_VERSION-bad-stderr.txt index 3a1d453..e2ed989 100644 --- a/Tests/RunCMake/file-DOWNLOAD/TLS_VERSION-bad-stderr.txt +++ b/Tests/RunCMake/file-DOWNLOAD/TLS_VERSION-bad-stderr.txt @@ -1,4 +1,9 @@ ^CMake Error at TLS_VERSION-bad\.cmake:[0-9]+ \(file\): + file DOWNLOAD given unknown TLS/SSL version bad-var +Call Stack \(most recent call first\): + CMakeLists\.txt:[0-9]+ \(include\) ++ +CMake Error at TLS_VERSION-bad\.cmake:[0-9]+ \(file\): file DOWNLOAD given unknown TLS/SSL version bad-arg Call Stack \(most recent call first\): CMakeLists\.txt:[0-9]+ \(include\)$ diff --git a/Tests/RunCMake/file-DOWNLOAD/TLS_VERSION-bad.cmake b/Tests/RunCMake/file-DOWNLOAD/TLS_VERSION-bad.cmake index 846af16..74c01a3 100644 --- a/Tests/RunCMake/file-DOWNLOAD/TLS_VERSION-bad.cmake +++ b/Tests/RunCMake/file-DOWNLOAD/TLS_VERSION-bad.cmake @@ -1 +1,5 @@ +set(CMAKE_TLS_VERSION bad-var) +file(DOWNLOAD "" TLS_VERIFY 1 STATUS status LOG log) + +# The explicit argument overrides the cmake variable. file(DOWNLOAD "" TLS_VERSION bad-arg TLS_VERIFY 1 STATUS status LOG log) |