Merge topic 'tls-verify'

7139944264 ctest: Fall back to CMake environment variable for TLS server verification c295df53c6 ctest: Test fallback to CMake options for TLS server verification 0d250dd021 ExternalProject: Honor CMAKE_TLS_VERIFY environment variable e8404502b1 ExternalProject: Revise TLS_VERIFY wording to use TLS_VERSION pattern 46faaf9667 file(DOWNLOAD|UPLOAD): Add CMAKE_TLS_VERIFY environment variable 8b0169fe2b file(DOWNLOAD|UPLOAD): Add test covering CMAKE_TLS_VERIFY cmake variable 93886f5c7d file(DOWNLOAD|UPLOAD): Avoid unnecessary CMAKE_TLS_VERIFY variable lookup bed32f400e file(DOWNLOAD|UPLOAD): Document TLS_VERSION fallback to environment variable ... Acked-by: Kitware Robot <kwrobot@kitware.com> Acked-by: scivision <michael@scivision.dev> Merge-request: !9389
author: Brad King <brad.king@kitware.com> 2024-04-01 13:37:06 (GMT)
committer: Kitware Robot <kwrobot@kitware.com> 2024-04-01 13:37:20 (GMT)
commit: 554a9b00c8728ecda29b86aded0785e0748bb984 (patch)
tree: 8a04238e89e9aea7bc0994bbb55143bc9059071b /Modules
parent: 5ebd5daa93bcb354627c87eb0d9d5ede718b15a8 (diff)
parent: 713994426427154100b0f457838dfc671b1d832f (diff)
download: CMake-554a9b00c8728ecda29b86aded0785e0748bb984.zip
CMake-554a9b00c8728ecda29b86aded0785e0748bb984.tar.gz
CMake-554a9b00c8728ecda29b86aded0785e0748bb984.tar.bz2
2 files changed, 32 insertions, 15 deletions
diff --git a/Modules/CTestTargets.cmake b/Modules/CTestTargets.cmake
index f672410..5e8a07d 100644
--- a/Modules/CTestTargets.cmake
+++ b/Modules/CTestTargets.cmake
@@ -28,8 +28,12 @@ block()
       set(CTEST_TLS_VERSION "$ENV{CMAKE_TLS_VERSION}")
     endif()
   endif()
-  if(NOT DEFINED CTEST_TLS_VERIFY AND DEFINED CMAKE_TLS_VERIFY)
-    set(CTEST_TLS_VERIFY "${CMAKE_TLS_VERIFY}")
+  if(NOT DEFINED CTEST_TLS_VERIFY)
+    if(DEFINED CMAKE_TLS_VERIFY)
+      set(CTEST_TLS_VERIFY "${CMAKE_TLS_VERIFY}")
+    elseif(DEFINED ENV{CMAKE_TLS_VERIFY})
+      set(CTEST_TLS_VERIFY "$ENV{CMAKE_TLS_VERIFY}")
+    endif()
   endif()
   if(CTEST_NEW_FORMAT)
     configure_file(
diff --git a/Modules/ExternalProject.cmake b/Modules/ExternalProject.cmake
index b821f1a..3323b18 100644
--- a/Modules/ExternalProject.cmake
+++ b/Modules/ExternalProject.cmake
@@ -242,19 +242,28 @@ URL
 
 ``TLS_VERIFY <bool>``
   Specifies whether certificate verification should be performed for
-  ``https://`` URLs. If this option is not provided, the default behavior
-  is determined by the :variable:`CMAKE_TLS_VERIFY` variable (see
-  :command:`file(DOWNLOAD)`). If that is also not set, certificate
-  verification will not be performed. In situations where ``URL_HASH``
-  cannot be provided, this option can be an alternative verification
-  measure.
+  ``https://`` URLs.  If this option is not provided, the value of the
+  :variable:`CMAKE_TLS_VERIFY` variable or the :envvar:`CMAKE_TLS_VERIFY`
+  environment variable will be used instead (see :command:`file(DOWNLOAD)`).
+  If neither of those is set, certificate verification will not be performed.
+  In situations where ``URL_HASH`` cannot be provided, this option can
+  be an alternative verification measure.
+
+  This option also applies to ``git clone`` invocations, although the
+  default behavior is different.  If none of the ``TLS_VERIFY`` option,
+  :variable:`CMAKE_TLS_VERIFY` variable, or :envvar:`CMAKE_TLS_VERIFY`
+  environment variable is specified, the behavior will be determined by
+  git's default (true) or a ``http.sslVerify`` git config option the
+  user may have set at a global level.
 
   .. versionchanged:: 3.6
-    This option also applies to ``git clone`` invocations, although the
-    default behavior is different.  If neither the ``TLS_VERIFY`` option
-    or :variable:`CMAKE_TLS_VERIFY` variable is specified, the behavior
-    will be determined by git's default (true) or a ``http.sslVerify``
-    git config option the user may have set at a global level.
+
+    Previously this option did not apply to ``git clone`` invocations.
+
+  .. versionchanged:: 3.30
+
+    Previously the :envvar:`CMAKE_TLS_VERIFY` environment variable
+    was not checked.
 
 ``TLS_CAINFO <file>``
   Specify a custom certificate authority file to use if ``TLS_VERIFY``
@@ -1394,8 +1403,12 @@ endfunction()
 
 function(_ep_get_tls_verify name tls_verify_var)
   get_property(tls_verify TARGET ${name} PROPERTY _EP_TLS_VERIFY)
-  if("x${tls_verify}" STREQUAL "x" AND DEFINED CMAKE_TLS_VERIFY)
-    set(tls_verify "${CMAKE_TLS_VERIFY}")
+  if("x${tls_verify}" STREQUAL "x")
+    if(NOT "x${CMAKE_TLS_VERIFY}" STREQUAL "x")
+      set(tls_verify "${CMAKE_TLS_VERIFY}")
+    elseif(NOT "x$ENV{CMAKE_TLS_VERIFY}" STREQUAL "x")
+      set(tls_verify "$ENV{CMAKE_TLS_VERIFY}")
+    endif()
   endif()
   set("${tls_verify_var}" "${tls_verify}" PARENT_SCOPE)
 endfunction()
author	Brad King <brad.king@kitware.com>	2024-04-01 13:37:06 (GMT)
committer	Kitware Robot <kwrobot@kitware.com>	2024-04-01 13:37:20 (GMT)
commit	554a9b00c8728ecda29b86aded0785e0748bb984 (patch)
tree	8a04238e89e9aea7bc0994bbb55143bc9059071b /Modules
parent	5ebd5daa93bcb354627c87eb0d9d5ede718b15a8 (diff)
parent	713994426427154100b0f457838dfc671b1d832f (diff)
download	CMake-554a9b00c8728ecda29b86aded0785e0748bb984.zip CMake-554a9b00c8728ecda29b86aded0785e0748bb984.tar.gz CMake-554a9b00c8728ecda29b86aded0785e0748bb984.tar.bz2