This version introduced CURLE_NOT_BUILT_IN which we have used since
commit v3.4.0-rc1~211^2~4 (cmCurl: Tolerate lack of CURLOPT_CAPATH
support, 2015-08-12). For older versions, just define the name to the
then-unused error code so that we can compile.
Since curl 7.39 the CURLOPT_CAPATH setting may be rejected with a
CURLE_NOT_BUILT_IN error. Simply tolerate this with silent failure
since we just will not use the CAPATH setting in this case.
When using system curl, we trust it to be configured with desired CA
certs. When using our own build of curl, we use os-configured CA certs
on Windows and OS X. On other systems, try to achieve this by searching
for common CA cert locations. According to a brief investigation, the
curl packages on popular Linux distros are currently configured as:
* Arch: /etc/ssl/certs/ca-certificates.crt
* Debian with OpenSSL: /etc/ssl/certs
* Debian with GNU TLS: /etc/ssl/certs/ca-certificates.crt
* Debian with NSS: /etc/ssl/certs/ca-certificates.crt
* Fedora: /etc/pki/tls/certs/ca-bundle.crt
* Gentoo with OpenSSL: /etc/ssl/certs
* Gentoo without OpenSSL: /etc/ssl/certs/ca-certificates.crt
Teach CMake and CTest to look for these paths and use them as a CA path
or bundle when no other os-configured or user-specified CAs are
available.