summaryrefslogtreecommitdiffstats
path: root/Source
diff options
context:
space:
mode:
Diffstat (limited to 'Source')
-rw-r--r--Source/cmFileCommand.cxx58
-rw-r--r--Source/cmFileCommand.h12
2 files changed, 25 insertions, 45 deletions
diff --git a/Source/cmFileCommand.cxx b/Source/cmFileCommand.cxx
index bb12980..4d9eb79 100644
--- a/Source/cmFileCommand.cxx
+++ b/Source/cmFileCommand.cxx
@@ -2667,9 +2667,8 @@ cmFileCommand::HandleDownloadCommand(std::vector<std::string> const& args)
long inactivity_timeout = 0;
std::string verboseLog;
std::string statusVar;
- std::string caFile;
- bool checkSSL = false;
- bool verifySSL = false;
+ bool tls_verify = this->Makefile->IsOn("CMAKE_TLS_VERIFY");
+ const char* cainfo = this->Makefile->GetDefinition("CMAKE_TLS_CAINFO");
std::string expectedHash;
std::string hashMatchMSG;
cmsys::auto_ptr<cmCryptoHash> hash;
@@ -2723,30 +2722,29 @@ cmFileCommand::HandleDownloadCommand(std::vector<std::string> const& args)
}
statusVar = *i;
}
- else if(*i == "SSL_VERIFY")
+ else if(*i == "TLS_VERIFY")
{
++i;
if(i != args.end())
{
- verifySSL = cmSystemTools::IsOn(i->c_str());
- checkSSL = true;
+ tls_verify = cmSystemTools::IsOn(i->c_str());
}
else
{
- this->SetError("SSL_VERIFY missing bool value.");
+ this->SetError("TLS_VERIFY missing bool value.");
return false;
}
}
- else if(*i == "SSL_CAINFO_FILE")
+ else if(*i == "TLS_CAINFO")
{
++i;
if(i != args.end())
{
- caFile = *i;
+ cainfo = i->c_str();
}
else
{
- this->SetError("SSL_CAFILE missing file value.");
+ this->SetError("TLS_CAFILE missing file value.");
return false;
}
}
@@ -2865,41 +2863,23 @@ cmFileCommand::HandleDownloadCommand(std::vector<std::string> const& args)
cmFileCommandCurlDebugCallback);
check_curl_result(res, "DOWNLOAD cannot set debug function: ");
- // check to see if SSL verification is requested
- const char* verifyValue =
- this->Makefile->GetDefinition("CMAKE_CURLOPT_SSL_VERIFYPEER");
- // if there is a cmake variable or if the command has SSL_VERIFY requested
- if(verifyValue || checkSSL)
+ // check to see if TLS verification is requested
+ if(tls_verify)
{
- // the args to the command come first
- bool verify = verifySSL;
- if(!verify && verifyValue)
- {
- verify = cmSystemTools::IsOn(verifyValue);
- }
- if(verify)
- {
- res = ::curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1);
- check_curl_result(res, "Unable to set SSL Verify on: ");
- }
- else
- {
- res = ::curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
- check_curl_result(res, "Unable to set SSL Verify off: ");
- }
+ res = ::curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1);
+ check_curl_result(res, "Unable to set TLS/SSL Verify on: ");
}
- // check to see if a CAINFO file has been specified
- const char* cainfo =
- this->Makefile->GetDefinition("CMAKE_CURLOPT_CAINFO_FILE");
- // command arg comes first
- if(caFile.size())
+ else
{
- cainfo = caFile.c_str();
+ res = ::curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
+ check_curl_result(res, "Unable to set TLS/SSL Verify off: ");
}
- if(cainfo)
+ // check to see if a CAINFO file has been specified
+ // command arg comes first
+ if(cainfo && *cainfo)
{
res = ::curl_easy_setopt(curl, CURLOPT_CAINFO, cainfo);
- check_curl_result(res, "Unable to set SSL Verify CAINFO: ");
+ check_curl_result(res, "Unable to set TLS/SSL Verify CAINFO: ");
}
cmFileCommandVectorOfChar chunkDebug;
diff --git a/Source/cmFileCommand.h b/Source/cmFileCommand.h
index 413e2f4..bd6f612 100644
--- a/Source/cmFileCommand.h
+++ b/Source/cmFileCommand.h
@@ -85,7 +85,7 @@ public:
" [TIMEOUT timeout] [STATUS status] [LOG log] [SHOW_PROGRESS]\n"
" [EXPECTED_HASH MD5|SHA1|SHA224|SHA256|SHA384|SHA512 hash]\n"
" [EXPECTED_MD5 sum]\n"
- " [SSL_VERIFY on|off] [SSL_CAINFO_FILE file])\n"
+ " [TLS_VERIFY on|off] [TLS_CAINFO file])\n"
" file(UPLOAD filename url [INACTIVITY_TIMEOUT timeout]\n"
" [TIMEOUT timeout] [STATUS status] [LOG log] [SHOW_PROGRESS])\n"
"WRITE will write a message into a file called 'filename'. It "
@@ -177,12 +177,12 @@ public:
"If SHOW_PROGRESS is specified, progress information will be printed "
"as status messages until the operation is complete. "
"For https URLs CMake must be built with OpenSSL. "
- "SSL certificates are not checked by default. "
- "Set SSL_VERIFY to ON to check certificates and/or use "
+ "TLS/SSL certificates are not checked by default. "
+ "Set TLS_VERIFY to ON to check certificates and/or use "
"EXPECTED_HASH to verify downloaded content. "
- "Set SSL_CAINFO_FILE to specify a custom Certificate Authority file. "
- "If either SSL option is not given CMake will check variables "
- "CMAKE_CURLOPT_SSL_VERIFYPEER and CMAKE_CURLOPT_CAINFO_FILE, "
+ "Set TLS_CAINFO to specify a custom Certificate Authority file. "
+ "If either TLS option is not given CMake will check variables "
+ "CMAKE_TLS_VERIFY and CMAKE_TLS_CAINFO, "
"respectively."
"\n"
"UPLOAD will upload the given file to the given URL. "