Commit 6a9489dc authored by Simon Warta Committed by Daniel Stenberg

cmake: auto detection of CURL_CA_BUNDLE/CURL_CA_PATH

Closes #1461
parent 8256cce2
+53 −10
@@ -633,22 +633,65 @@ set(CURL_CA_FALLBACK OFF CACHE BOOL
set(CURL_CA_PATH "auto" CACHE STRING
    "Location of default CA path. Set 'none' to disable or 'auto' for auto-detection. Defaults to 'auto'.")

if("${CURL_CA_BUNDLE}" STREQUAL "none")
if("${CURL_CA_BUNDLE}" STREQUAL "")
    message(FATAL_ERROR "Invalid value of CURL_CA_BUNDLE. Use 'none', 'auto' or file path.")
elseif("${CURL_CA_BUNDLE}" STREQUAL "none")
    unset(CURL_CA_BUNDLE CACHE)
elseif("${CURL_CA_BUNDLE}" STREQUAL "auto")
    # TODO: implement
    message(SEND_ERROR "Auto mode not implemented for CURL_CA_BUNDLE")
elseif("${CURL_CA_BUNDLE}" STREQUAL "")
    message(SEND_ERROR "Invalid value of CURL_CA_BUNDLE. Use 'none', 'auto' or path.")
    unset(CURL_CA_BUNDLE CACHE)
    set(CURL_CA_BUNDLE_AUTODETECT TRUE)
else()
    set(CURL_CA_BUNDLE_SET TRUE)
endif()

if("${CURL_CA_PATH}" STREQUAL "none")
if("${CURL_CA_PATH}" STREQUAL "")
    message(FATAL_ERROR "Invalid value of CURL_CA_PATH. Use 'none', 'auto' or directory path.")
elseif("${CURL_CA_PATH}" STREQUAL "none")
    unset(CURL_CA_PATH CACHE)
elseif("${CURL_CA_PATH}" STREQUAL "auto")
    # TODO: implement
    message(SEND_ERROR "Auto mode not implemented for CURL_CA_PATH")
elseif("${CURL_CA_PATH}" STREQUAL "")
    message(SEND_ERROR "Invalid value of CURL_CA_PATH. Use 'none', 'auto' or path.")
    unset(CURL_CA_PATH CACHE)
    set(CURL_CA_PATH_AUTODETECT TRUE)
else()
    set(CURL_CA_PATH_SET TRUE)
endif()

if(CURL_CA_BUNDLE_SET AND CURL_CA_PATH_AUTODETECT)
    # Skip autodetection of unset CA path because CA bundle is set explicitly
elseif(CURL_CA_PATH_SET AND CURL_CA_BUNDLE_AUTODETECT)
    # Skip autodetection of unset CA bundle because CA path is set explicitly
elseif(CURL_CA_PATH_AUTODETECT OR CURL_CA_BUNDLE_AUTODETECT)
    # first try autodetecting a CA bundle, then a CA path

    if(CURL_CA_BUNDLE_AUTODETECT)
        set(SEARCH_CA_BUNDLE_PATHS
            /etc/ssl/certs/ca-certificates.crt
            /etc/pki/tls/certs/ca-bundle.crt
            /usr/share/ssl/certs/ca-bundle.crt
            /usr/local/share/certs/ca-root-nss.crt
            /etc/ssl/cert.pem)

        foreach(SEARCH_CA_BUNDLE_PATH ${SEARCH_CA_BUNDLE_PATHS})
            if(EXISTS "${SEARCH_CA_BUNDLE_PATH}")
                message(STATUS "Found CA bundle: ${SEARCH_CA_BUNDLE_PATH}")
                set(CURL_CA_BUNDLE "${SEARCH_CA_BUNDLE_PATH}")
                set(CURL_CA_BUNDLE_SET TRUE CACHE)
                break()
            endif()
        endforeach()
    endif()

    if(CURL_CA_PATH_AUTODETECT AND (NOT CURL_CA_PATH_SET))
        if(EXISTS "/etc/ssl/certs")
            set(CURL_CA_PATH "/etc/ssl/certs")
            set(CURL_CA_PATH_SET TRUE CACHE)
        endif()
    endif()
endif()

if(CURL_CA_PATH_SET AND NOT (USE_OPENSSL OR GNUTLS_ENABLED))
    message(FATAL_ERROR
            "CA path only supported by OpenSSL, GnuTLS or PolarSSL. "
            "Set CURL_CA_PATH=none or enable one of those TLS backends.")
endif()
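Review bot: The auto-detection branch `elseif(CURL_CA_PATH_AUTODETECT OR CURL_CA_BUNDLE_AUTODETECT)` probes the configure host with `if(EXISTS ...)`, so the default trust-store location is whatever exists on the build machine, and in a cross build that may not match the target. Consider guarding it as `elseif((CURL_CA_PATH_AUTODETECT OR CURL_CA_BUNDLE_AUTODETECT) AND NOT CMAKE_CROSSCOMPILING)`, and logging the chosen CA path with `message(STATUS "Found CA path: ${CURL_CA_PATH}")` as is already done for the bundle. Separately, `set(CURL_CA_BUNDLE_SET TRUE CACHE)` and `set(CURL_CA_PATH_SET TRUE CACHE)` omit the `<type> <docstring>` that the cache signature needs, so they most likely create a normal variable holding the list `TRUE;CACHE`; a plain `set(CURL_CA_PATH_SET TRUE)` would state the intent. Because an auto-detected `/etc/ssl/certs` also sets `CURL_CA_PATH_SET`, the final `FATAL_ERROR` can stop a default configuration that has neither `USE_OPENSSL` nor `GNUTLS_ENABLED`, even though the user chose no CA path. Its message also names PolarSSL, which the condition does not test.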