diff --git a/Modules/ExternalProject.cmake b/Modules/ExternalProject.cmake index d2e00a885..39236859b 100644 --- a/Modules/ExternalProject.cmake +++ b/Modules/ExternalProject.cmake @@ -26,8 +26,8 @@ # [URL /.../src.tgz] # Full path or URL of source # [URL_HASH ALGO=value] # Hash of file at URL # [URL_MD5 md5] # Equivalent to URL_HASH MD5=md5 -# [SSL_VERIFYPEER bool] # Should certificate for https be checked -# [CAINFO_FILE file] # Path to a certificate authority file +# [TLS_VERIFY bool] # Should certificate for https be checked +# [TLS_CAINFO file] # Path to a certificate authority file # [TIMEOUT seconds] # Time allowed for file download operations # #--Update/Patch step---------- # [UPDATE_COMMAND cmd...] # Source work-tree update command @@ -401,7 +401,7 @@ endif() endfunction() -function(_ep_write_downloadfile_script script_filename remote local timeout hash ssl_verify cainfo_file) +function(_ep_write_downloadfile_script script_filename remote local timeout hash tls_verify tls_cainfo) if(timeout) set(timeout_args TIMEOUT ${timeout}) set(timeout_msg "${timeout} seconds") @@ -416,25 +416,25 @@ function(_ep_write_downloadfile_script script_filename remote local timeout hash set(hash_args "# no EXPECTED_HASH") endif() # check for curl globals in the project - if(DEFINED CMAKE_CURLOPT_SSL_VERIFYPEER) - set(ssl_verify "set(CMAKE_CURLOPT_SSL_VERIFYPEER ${CMAKE_CURLOPT_SSL_VERIFYPEER})") + if(DEFINED CMAKE_TLS_VERIFY) + set(tls_verify "set(CMAKE_TLS_VERIFY ${CMAKE_TLS_VERIFY})") endif() - if(DEFINED CMAKE_CURLOPT_CAINFO_FILE) - set(ssl_cainfo "set(CMAKE_CURLOPT_CAINFO_FILE \"${CMAKE_CURLOPT_CAINFO_FILE}\")") + if(DEFINED CMAKE_TLS_CAINFO) + set(tls_cainfo "set(CMAKE_TLS_CAINFO \"${CMAKE_TLS_CAINFO}\")") endif() # now check for curl locals so that the local values # will override the globals - # check for ssl_verify argument - string(LENGTH "${ssl_verify}" ssl_verify_len) - if(ssl_verify_len GREATER 0) - set(ssl_verify "set(CMAKE_CURLOPT_SSL_VERIFYPEER ${ssl_verify})") + # check for tls_verify argument + string(LENGTH "${tls_verify}" tls_verify_len) + if(tls_verify_len GREATER 0) + set(tls_verify "set(CMAKE_TLS_VERIFY ${tls_verify})") endif() - # check for cainfo_file argument - string(LENGTH "${cainfo_file}" cainfo_file_len) - if(cainfo_file_len GREATER 0) - set(ssl_cainfo "set(CMAKE_CURLOPT_CAINFO_FILE \"${cainfo_file}\")") + # check for tls_cainfo argument + string(LENGTH "${tls_cainfo}" tls_cainfo_len) + if(tls_cainfo_len GREATER 0) + set(tls_cainfo "set(CMAKE_TLS_CAINFO \"${tls_cainfo}\")") endif() file(WRITE ${script_filename} @@ -443,8 +443,8 @@ function(_ep_write_downloadfile_script script_filename remote local timeout hash dst='${local}' timeout='${timeout_msg}'\") -${ssl_verify} -${ssl_cainfo} +${tls_verify} +${tls_cainfo} file(DOWNLOAD \"${remote}\" @@ -1307,10 +1307,10 @@ function(_ep_add_download_command name) string(REPLACE ";" "-" fname "${fname}") set(file ${download_dir}/${fname}) get_property(timeout TARGET ${name} PROPERTY _EP_TIMEOUT) - get_property(ssl_verify TARGET ${name} PROPERTY _EP_SSL_VERIFYPEER) - get_property(cainfo_file TARGET ${name} PROPERTY _EP_CAINFO_FILE) + get_property(tls_verify TARGET ${name} PROPERTY _EP_TLS_VERIFY) + get_property(tls_cainfo TARGET ${name} PROPERTY _EP_TLS_CAINFO) _ep_write_downloadfile_script("${stamp_dir}/download-${name}.cmake" - "${url}" "${file}" "${timeout}" "${hash}" "${ssl_verify}" "${cainfo_file}") + "${url}" "${file}" "${timeout}" "${hash}" "${tls_verify}" "${tls_cainfo}") set(cmd ${CMAKE_COMMAND} -P ${stamp_dir}/download-${name}.cmake COMMAND) set(comment "Performing download step (download, verify and extract) for '${name}'") diff --git a/Source/cmFileCommand.cxx b/Source/cmFileCommand.cxx index bb129804e..1cb2ece6c 100644 --- a/Source/cmFileCommand.cxx +++ b/Source/cmFileCommand.cxx @@ -2668,8 +2668,8 @@ cmFileCommand::HandleDownloadCommand(std::vector const& args) std::string verboseLog; std::string statusVar; std::string caFile; - bool checkSSL = false; - bool verifySSL = false; + bool checkTLS = false; + bool verifyTLS = false; std::string expectedHash; std::string hashMatchMSG; cmsys::auto_ptr hash; @@ -2723,21 +2723,21 @@ cmFileCommand::HandleDownloadCommand(std::vector const& args) } statusVar = *i; } - else if(*i == "SSL_VERIFY") + else if(*i == "TLS_VERIFY") { ++i; if(i != args.end()) { - verifySSL = cmSystemTools::IsOn(i->c_str()); - checkSSL = true; + verifyTLS = cmSystemTools::IsOn(i->c_str()); + checkTLS = true; } else { - this->SetError("SSL_VERIFY missing bool value."); + this->SetError("TLS_VERIFY missing bool value."); return false; } } - else if(*i == "SSL_CAINFO_FILE") + else if(*i == "TLS_CAINFO") { ++i; if(i != args.end()) @@ -2746,7 +2746,7 @@ cmFileCommand::HandleDownloadCommand(std::vector const& args) } else { - this->SetError("SSL_CAFILE missing file value."); + this->SetError("TLS_CAFILE missing file value."); return false; } } @@ -2865,14 +2865,14 @@ cmFileCommand::HandleDownloadCommand(std::vector const& args) cmFileCommandCurlDebugCallback); check_curl_result(res, "DOWNLOAD cannot set debug function: "); - // check to see if SSL verification is requested + // check to see if TLS verification is requested const char* verifyValue = - this->Makefile->GetDefinition("CMAKE_CURLOPT_SSL_VERIFYPEER"); - // if there is a cmake variable or if the command has SSL_VERIFY requested - if(verifyValue || checkSSL) + this->Makefile->GetDefinition("CMAKE_TLS_VERIFY"); + // if there is a cmake variable or if the command has TLS_VERIFY requested + if(verifyValue || checkTLS) { // the args to the command come first - bool verify = verifySSL; + bool verify = verifyTLS; if(!verify && verifyValue) { verify = cmSystemTools::IsOn(verifyValue); @@ -2880,17 +2880,17 @@ cmFileCommand::HandleDownloadCommand(std::vector const& args) if(verify) { res = ::curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1); - check_curl_result(res, "Unable to set SSL Verify on: "); + check_curl_result(res, "Unable to set TLS/SSL Verify on: "); } else { res = ::curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0); - check_curl_result(res, "Unable to set SSL Verify off: "); + check_curl_result(res, "Unable to set TLS/SSL Verify off: "); } } // check to see if a CAINFO file has been specified const char* cainfo = - this->Makefile->GetDefinition("CMAKE_CURLOPT_CAINFO_FILE"); + this->Makefile->GetDefinition("CMAKE_TLS_CAINFO"); // command arg comes first if(caFile.size()) { @@ -2899,7 +2899,7 @@ cmFileCommand::HandleDownloadCommand(std::vector const& args) if(cainfo) { res = ::curl_easy_setopt(curl, CURLOPT_CAINFO, cainfo); - check_curl_result(res, "Unable to set SSL Verify CAINFO: "); + check_curl_result(res, "Unable to set TLS/SSL Verify CAINFO: "); } cmFileCommandVectorOfChar chunkDebug; diff --git a/Source/cmFileCommand.h b/Source/cmFileCommand.h index 413e2f4e2..bd6f612f1 100644 --- a/Source/cmFileCommand.h +++ b/Source/cmFileCommand.h @@ -85,7 +85,7 @@ public: " [TIMEOUT timeout] [STATUS status] [LOG log] [SHOW_PROGRESS]\n" " [EXPECTED_HASH MD5|SHA1|SHA224|SHA256|SHA384|SHA512 hash]\n" " [EXPECTED_MD5 sum]\n" - " [SSL_VERIFY on|off] [SSL_CAINFO_FILE file])\n" + " [TLS_VERIFY on|off] [TLS_CAINFO file])\n" " file(UPLOAD filename url [INACTIVITY_TIMEOUT timeout]\n" " [TIMEOUT timeout] [STATUS status] [LOG log] [SHOW_PROGRESS])\n" "WRITE will write a message into a file called 'filename'. It " @@ -177,12 +177,12 @@ public: "If SHOW_PROGRESS is specified, progress information will be printed " "as status messages until the operation is complete. " "For https URLs CMake must be built with OpenSSL. " - "SSL certificates are not checked by default. " - "Set SSL_VERIFY to ON to check certificates and/or use " + "TLS/SSL certificates are not checked by default. " + "Set TLS_VERIFY to ON to check certificates and/or use " "EXPECTED_HASH to verify downloaded content. " - "Set SSL_CAINFO_FILE to specify a custom Certificate Authority file. " - "If either SSL option is not given CMake will check variables " - "CMAKE_CURLOPT_SSL_VERIFYPEER and CMAKE_CURLOPT_CAINFO_FILE, " + "Set TLS_CAINFO to specify a custom Certificate Authority file. " + "If either TLS option is not given CMake will check variables " + "CMAKE_TLS_VERIFY and CMAKE_TLS_CAINFO, " "respectively." "\n" "UPLOAD will upload the given file to the given URL. "