From e4563257ba66266017fadf24c1b97fd103a138e4 Mon Sep 17 00:00:00 2001
From: Brad King <brad.king@kitware.com>
Date: Mon, 15 Dec 2014 14:36:59 -0500
Subject: curl: Use OS X SSL/TLS native implementation

On OS X, when CMAKE_USE_OPENSSL is OFF, use the OS implementation.
This will allow the OS-configured CA list to be trusted automatically.

This is supported on OS X 10.6 and above using AppleClang, Clang, and
GNU compilers.
---
 Help/release/dev/curl-darwinssl.rst |  9 +++++++++
 Utilities/cmcurl/CMakeLists.txt     | 19 +++++++++++++++++++
 2 files changed, 28 insertions(+)
 create mode 100644 Help/release/dev/curl-darwinssl.rst

diff --git a/Help/release/dev/curl-darwinssl.rst b/Help/release/dev/curl-darwinssl.rst
new file mode 100644
index 0000000..3571bd1
--- /dev/null
+++ b/Help/release/dev/curl-darwinssl.rst
@@ -0,0 +1,9 @@
+curl-darwinssl
+--------------
+
+* On OS X, commands supporting network communication, such as
+  :command:`file(DOWNLOAD)`, :command:`file(UPLOAD)`, and
+  :command:`ctest_submit`, now support SSL/TLS even when CMake
+  is not built against OpenSSL.  The OS X native SSL/TLS
+  implementation is used by default.  OS-configured certificate
+  authorities will be trusted automatically.
diff --git a/Utilities/cmcurl/CMakeLists.txt b/Utilities/cmcurl/CMakeLists.txt
index 1092e48..0db741e 100644
--- a/Utilities/cmcurl/CMakeLists.txt
+++ b/Utilities/cmcurl/CMakeLists.txt
@@ -464,6 +464,25 @@ elseif(WIN32)
   # Use Windows SSL/TLS native implementation.
   add_definitions(-DUSE_SCHANNEL)
   set(USE_WINDOWS_SSPI 1)
+elseif(APPLE)
+  # Use OS X SSL/TLS native implementation if available on target version.
+  if(CMAKE_OSX_DEPLOYMENT_TARGET)
+    set(OSX_VERSION ${CMAKE_OSX_DEPLOYMENT_TARGET})
+  else()
+    execute_process(
+      COMMAND sw_vers -productVersion
+      OUTPUT_VARIABLE OSX_VERSION
+      OUTPUT_STRIP_TRAILING_WHITESPACE
+      )
+  endif()
+  if(NOT OSX_VERSION VERSION_LESS 10.6 AND
+     CMAKE_C_COMPILER_ID MATCHES "GNU|Clang|AppleClang")
+    add_definitions(-DUSE_DARWINSSL)
+    list(APPEND CURL_LIBS
+      "-framework CoreFoundation"
+      "-framework Security"
+      )
+  endif()
 endif()
 
 #libSSH2
-- 
cgit v0.12