Commit f85ff14d authored by Michael Maltese's avatar Michael Maltese Committed by Peter Wu
Browse files

CMake: Reorganize SSL support, separate WinSSL and SSPI 

This is closer to how configure.ac does it

Ref: https://github.com/curl/curl/pull/1228
parent 21512a01

CMakeLists.txt

+59 −57
Original line number Diff line number Diff line
@@ -289,33 +289,60 @@ endif(NOT NOT_NEED_LIBNSL) 


check_function_exists(gethostname HAVE_GETHOSTNAME)



set(OPENSSL_DEFAULT ON)

if(WIN32)

  set(OPENSSL_DEFAULT OFF)

  check_library_exists_concat("ws2_32" getch        HAVE_LIBWS2_32)

  check_library_exists_concat("winmm"  getch        HAVE_LIBWINMM)

endif()



option(CMAKE_USE_OPENSSL "Use OpenSSL code. Experimental" ${OPENSSL_DEFAULT})

mark_as_advanced(CMAKE_USE_OPENSSL)

# check SSL libraries

# TODO support GNUTLS, NSS, POLARSSL, AXTLS, CYASSL, DARWINSSL



if(WIN32)

  CMAKE_DEPENDENT_OPTION(CURL_WINDOWS_SSPI "Use windows libraries to allow NTLM authentication without openssl" ON

    "NOT CMAKE_USE_OPENSSL" OFF)

  mark_as_advanced(CURL_WINDOWS_SSPI)

  option(CMAKE_USE_WINSSL "enable Windows native SSL/TLS" OFF)

  cmake_dependent_option(CURL_WINDOWS_SSPI "Use windows libraries to allow NTLM authentication without openssl" ON

    CMAKE_USE_WINSSL OFF)

endif()



set(USE_OPENSSL OFF)

set(HAVE_LIBCRYPTO OFF)

set(HAVE_LIBSSL OFF)

set(openssl_default ON)

if(WIN32)

    set(openssl_default OFF)

endif()

option(CMAKE_USE_OPENSSL "Use OpenSSL code. Experimental" ${openssl_default})



if(CMAKE_USE_OPENSSL)

  find_package(OpenSSL)

  if(OPENSSL_FOUND)

    list(APPEND CURL_LIBS ${OPENSSL_LIBRARIES})

if(CMAKE_USE_WINSSL AND NOT SSL_ENABLED)

  set(SSL_ENABLED ON)

  set(USE_SCHANNEL ON) # Windows native SSL/TLS support

  set(USE_WINDOWS_SSPI ON) # CMAKE_USE_WINSSL implies CURL_WINDOWS_SSPI

  list(APPEND CURL_LIBS "crypt32")

endif()

if(CURL_WINDOWS_SSPI)

  set(USE_WINDOWS_SSPI ON)

  set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS} -DSECURITY_WIN32")

endif()



if(CMAKE_USE_DARWINSSL)

  find_library(COREFOUNDATION_FRAMEWORK "CoreFoundation")

  if(NOT COREFOUNDATION_FRAMEWORK)

      message(FATAL_ERROR "CoreFoundation framework not found")

  endif()



  find_library(SECURITY_FRAMEWORK "Security")

  if(NOT SECURITY_FRAMEWORK)

     message(FATAL_ERROR "Security framework not found")

  endif()



  set(SSL_ENABLED ON)

  set(USE_DARWINSSL ON)

  list(APPEND CURL_LIBS "${COREFOUNDATION_FRAMEWORK}" "${SECURITY_FRAMEWORK}")

endif()



if(CMAKE_USE_OPENSSL AND NOT SSL_ENABLED)

  find_package(OpenSSL REQUIRED)

  set(SSL_ENABLED ON)

  set(USE_OPENSSL ON)

  set(HAVE_LIBCRYPTO ON)

  set(HAVE_LIBSSL ON)

  list(APPEND CURL_LIBS ${OPENSSL_LIBRARIES})

  include_directories(${OPENSSL_INCLUDE_DIR})

  set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})

  check_include_file("openssl/crypto.h" HAVE_OPENSSL_CRYPTO_H)
@@ -327,9 +354,9 @@ if(CMAKE_USE_OPENSSL) 
  check_include_file("openssl/ssl.h"    HAVE_OPENSSL_SSL_H)

  check_include_file("openssl/x509.h"   HAVE_OPENSSL_X509_H)

  check_include_file("openssl/rand.h"   HAVE_OPENSSL_RAND_H)

  elseif(WIN32)

    set(CURL_WINDOWS_SSPI ON)

  endif()

  check_symbol_exists(RAND_status "${CURL_INCLUDES}" HAVE_RAND_STATUS)

  check_symbol_exists(RAND_screen "${CURL_INCLUDES}" HAVE_RAND_SCREEN)

  check_symbol_exists(RAND_egd    "${CURL_INCLUDES}" HAVE_RAND_EGD)

endif()



option(USE_NGHTTP2 "Use Nghttp2 library" OFF)
@@ -578,19 +605,7 @@ if(NOT UNIX) 
  check_include_file_concat("winsock.h"      HAVE_WINSOCK_H)

  check_include_file_concat("ws2tcpip.h"     HAVE_WS2TCPIP_H)

  check_include_file_concat("winsock2.h"     HAVE_WINSOCK2_H)

  if(CURL_WINDOWS_SSPI)

    set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS} -DSECURITY_WIN32")

    check_include_file_concat("sspi.h"       HAVE_SSPI_H)

    if(HAVE_SSPI_H)

      check_include_file_concat("schannel.h" HAVE_SCHANNEL_H)

      set(USE_WINDOWS_SSPI ON)

      if(HAVE_SCHANNEL_H)

        set(USE_SCHANNEL ON)

        set(SSL_ENABLED ON)

        set(CURL_LIBS ${CURL_LIBS} "crypt32")

      endif()

    endif()

  elseif(USE_OPENSSL)

  if(NOT CURL_WINDOWS_SSPI AND USE_OPENSSL)

    set(CURL_LIBS ${CURL_LIBS} "crypt32")

  endif()

endif(NOT UNIX)
@@ -781,14 +796,6 @@ check_symbol_exists(strlcat "${CURL_INCLUDES}" HAVE_STRLCAT) 
check_symbol_exists(getpwuid      "${CURL_INCLUDES}" HAVE_GETPWUID)

check_symbol_exists(geteuid       "${CURL_INCLUDES}" HAVE_GETEUID)

check_symbol_exists(utime         "${CURL_INCLUDES}" HAVE_UTIME)

if(CMAKE_USE_OPENSSL)

  check_symbol_exists(RAND_status   "${CURL_INCLUDES}" HAVE_RAND_STATUS)

  check_symbol_exists(RAND_screen   "${CURL_INCLUDES}" HAVE_RAND_SCREEN)

  check_symbol_exists(RAND_egd      "${CURL_INCLUDES}" HAVE_RAND_EGD)

  if(HAVE_LIBCRYPTO AND HAVE_LIBSSL)

    set(USE_OPENSSL 1)

  endif(HAVE_LIBCRYPTO AND HAVE_LIBSSL)

endif(CMAKE_USE_OPENSSL)

check_symbol_exists(gmtime_r      "${CURL_INCLUDES}" HAVE_GMTIME_R)

check_symbol_exists(localtime_r   "${CURL_INCLUDES}" HAVE_LOCALTIME_R)
@@ -1063,11 +1070,6 @@ if(BUILD_TESTING) 
  add_subdirectory(tests)

endif()



# TODO support GNUTLS, NSS, POLARSSL, AXTLS, CYASSL, WINSSL, DARWINSSL

if(USE_OPENSSL)

  set(SSL_ENABLED 1)

endif()



# Helper to populate a list (_items) with a label when conditions (the remaining

# args) are satisfied

function(_add_if label)