summaryrefslogtreecommitdiff
path: root/cmake
diff options
context:
space:
mode:
authorEtienne Samson <samson.etienne@gmail.com>2019-06-13 16:48:35 +0200
committerEtienne Samson <samson.etienne@gmail.com>2019-06-14 12:07:00 +0200
commit94fc83b6d7f179190142b91abd0d22240aced0c1 (patch)
tree3737f1a6f4340e8e96391f2f9862136ca122c60c /cmake
parent231ccbeb1df01715646c788b6316046dfecda4c7 (diff)
downloadlibgit2-94fc83b6d7f179190142b91abd0d22240aced0c1.tar.gz
cmake: Modulize our TLS & hash detection
The interactions between `USE_HTTPS` and `SHA1_BACKEND` have been streamlined. Previously we would have accepted not quite working configurations (like, `-DUSE_HTTPS=OFF -DSHA1_BACKEND=OpenSSL`) and, as the OpenSSL detection only ran with `USE_HTTPS`, the link would fail. The detection was moved to a new `USE_SHA1`, modeled after `USE_HTTPS`, which takes the values "CollisionDetection/Backend/Generic", to better match how the "hashing backend" is selected, the default (ON) being "CollisionDetection". Note that, as `SHA1_BACKEND` is still used internally, you might need to check what customization you're using it for.
Diffstat (limited to 'cmake')
-rw-r--r--cmake/Modules/SelectHTTPSBackend.cmake126
-rw-r--r--cmake/Modules/SelectHashes.cmake64
2 files changed, 190 insertions, 0 deletions
diff --git a/cmake/Modules/SelectHTTPSBackend.cmake b/cmake/Modules/SelectHTTPSBackend.cmake
new file mode 100644
index 000000000..a97ebe320
--- /dev/null
+++ b/cmake/Modules/SelectHTTPSBackend.cmake
@@ -0,0 +1,126 @@
+# Select the backend to use
+
+# We try to find any packages our backends might use
+FIND_PACKAGE(OpenSSL)
+FIND_PACKAGE(mbedTLS)
+IF (CMAKE_SYSTEM_NAME MATCHES "Darwin")
+ FIND_PACKAGE(Security)
+ FIND_PACKAGE(CoreFoundation)
+ENDIF()
+
+# Auto-select TLS backend
+IF (USE_HTTPS STREQUAL ON)
+ message(ON)
+ IF (SECURITY_FOUND)
+ IF (SECURITY_HAS_SSLCREATECONTEXT)
+ SET(HTTPS_BACKEND "SecureTransport")
+ ELSE()
+ MESSAGE("-- Security framework is too old, falling back to OpenSSL")
+ SET(HTTPS_BACKEND "OpenSSL")
+ ENDIF()
+ ELSEIF (WINHTTP)
+ SET(HTTPS_BACKEND "WinHTTP")
+ ELSEIF(OPENSSL_FOUND)
+ SET(HTTPS_BACKEND "OpenSSL")
+ ELSEIF(MBEDTLS_FOUND)
+ SET(HTTPS_BACKEND "mbedTLS")
+ ELSE()
+ MESSAGE(FATAL_ERROR "Unable to autodetect a usable HTTPS backend."
+ "Please pass the backend name explicitly (-DUSE_HTTPS=backend)")
+ ENDIF()
+ELSEIF(USE_HTTPS)
+ message(expl)
+ # HTTPS backend was explicitly set
+ SET(HTTPS_BACKEND ${USE_HTTPS})
+ELSE()
+ SET(HTTPS_BACKEND NO)
+ENDIF()
+
+IF(HTTPS_BACKEND)
+ # Check that we can find what's required for the selected backend
+ IF (HTTPS_BACKEND STREQUAL "SecureTransport")
+ IF (NOT COREFOUNDATION_FOUND)
+ MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, CoreFoundation.framework not found")
+ ENDIF()
+ IF (NOT SECURITY_FOUND)
+ MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, Security.framework not found")
+ ENDIF()
+ IF (NOT SECURITY_HAS_SSLCREATECONTEXT)
+ MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, SSLCreateContext not supported")
+ ENDIF()
+
+ SET(GIT_SECURE_TRANSPORT 1)
+ LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${SECURITY_INCLUDE_DIR})
+ LIST(APPEND LIBGIT2_LIBS ${COREFOUNDATION_LIBRARIES} ${SECURITY_LIBRARIES})
+ LIST(APPEND LIBGIT2_PC_LIBS ${COREFOUNDATION_LDFLAGS} ${SECURITY_LDFLAGS})
+ ELSEIF (HTTPS_BACKEND STREQUAL "OpenSSL")
+ IF (NOT OPENSSL_FOUND)
+ MESSAGE(FATAL_ERROR "Asked for OpenSSL TLS backend, but it wasn't found")
+ ENDIF()
+
+ SET(GIT_OPENSSL 1)
+ LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${OPENSSL_INCLUDE_DIR})
+ LIST(APPEND LIBGIT2_LIBS ${OPENSSL_LIBRARIES})
+ LIST(APPEND LIBGIT2_PC_LIBS ${OPENSSL_LDFLAGS})
+ LIST(APPEND LIBGIT2_PC_REQUIRES "openssl")
+ ELSEIF(HTTPS_BACKEND STREQUAL "mbedTLS")
+ IF (NOT MBEDTLS_FOUND)
+ MESSAGE(FATAL_ERROR "Asked for mbedTLS backend, but it wasn't found")
+ ENDIF()
+
+ IF(NOT CERT_LOCATION)
+ MESSAGE("Auto-detecting default certificates location")
+ IF(CMAKE_SYSTEM_NAME MATCHES Darwin)
+ # Check for an Homebrew installation
+ SET(OPENSSL_CMD "/usr/local/opt/openssl/bin/openssl")
+ ELSE()
+ SET(OPENSSL_CMD "openssl")
+ ENDIF()
+ EXECUTE_PROCESS(COMMAND ${OPENSSL_CMD} version -d OUTPUT_VARIABLE OPENSSL_DIR OUTPUT_STRIP_TRAILING_WHITESPACE)
+ IF(OPENSSL_DIR)
+ STRING(REGEX REPLACE "^OPENSSLDIR: \"(.*)\"$" "\\1/" OPENSSL_DIR ${OPENSSL_DIR})
+
+ SET(OPENSSL_CA_LOCATIONS
+ "ca-bundle.pem" # OpenSUSE Leap 42.1
+ "cert.pem" # Ubuntu 14.04, FreeBSD
+ "certs/ca-certificates.crt" # Ubuntu 16.04
+ "certs/ca.pem" # Debian 7
+ )
+ FOREACH(SUFFIX IN LISTS OPENSSL_CA_LOCATIONS)
+ SET(LOC "${OPENSSL_DIR}${SUFFIX}")
+ IF(NOT CERT_LOCATION AND EXISTS "${OPENSSL_DIR}${SUFFIX}")
+ SET(CERT_LOCATION ${LOC})
+ ENDIF()
+ ENDFOREACH()
+ ELSE()
+ MESSAGE("Unable to find OpenSSL executable. Please provide default certificate location via CERT_LOCATION")
+ ENDIF()
+ ENDIF()
+
+ IF(CERT_LOCATION)
+ IF(NOT EXISTS ${CERT_LOCATION})
+ MESSAGE(FATAL_ERROR "Cannot use CERT_LOCATION=${CERT_LOCATION} as it doesn't exist")
+ ENDIF()
+ ADD_FEATURE_INFO(CERT_LOCATION ON "using certificates from ${CERT_LOCATION}")
+ ADD_DEFINITIONS(-DGIT_DEFAULT_CERT_LOCATION="${CERT_LOCATION}")
+ ENDIF()
+
+ SET(GIT_MBEDTLS 1)
+ LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${MBEDTLS_INCLUDE_DIR})
+ LIST(APPEND LIBGIT2_LIBS ${MBEDTLS_LIBRARIES})
+ # mbedTLS has no pkgconfig file, hence we can't require it
+ # https://github.com/ARMmbed/mbedtls/issues/228
+ # For now, pass its link flags as our own
+ LIST(APPEND LIBGIT2_PC_LIBS ${MBEDTLS_LIBRARIES})
+ ELSEIF (HTTPS_BACKEND STREQUAL "WinHTTP")
+ # WinHTTP setup was handled in the WinHTTP-specific block above
+ ELSE()
+ MESSAGE(FATAL_ERROR "Asked for backend ${HTTPS_BACKEND} but it wasn't found")
+ ENDIF()
+
+ SET(GIT_HTTPS 1)
+ ADD_FEATURE_INFO(HTTPS GIT_HTTPS "using ${HTTPS_BACKEND}")
+ELSE()
+ SET(GIT_HTTPS 0)
+ ADD_FEATURE_INFO(HTTPS NO "")
+ENDIF()
diff --git a/cmake/Modules/SelectHashes.cmake b/cmake/Modules/SelectHashes.cmake
new file mode 100644
index 000000000..450e2bddb
--- /dev/null
+++ b/cmake/Modules/SelectHashes.cmake
@@ -0,0 +1,64 @@
+# Select a hash backend
+
+# USE_SHA1=CollisionDetection(ON)/HTTPS/Generic/OFF
+
+IF(USE_SHA1 STREQUAL ON OR USE_SHA1 STREQUAL "CollisionDetection")
+ SET(SHA1_BACKEND "CollisionDetection")
+ELSEIF(USE_SHA1 STREQUAL "HTTPS")
+ message("Checking HTTPS backend… ${HTTPS_BACKEND}")
+ IF(HTTPS_BACKEND STREQUAL "SecureTransport")
+ SET(SHA1_BACKEND "CommonCrypto")
+ ELSEIF(HTTPS_BACKEND STREQUAL "WinHTTP")
+ SET(SHA1_BACKEND "Win32")
+ ELSEIF(HTTPS_BACKEND)
+ SET(SHA1_BACKEND ${HTTPS_BACKEND})
+ ELSE()
+ ENDIF()
+ IF(NOT HTTPS_BACKEND)
+ SET(SHA1_BACKEND "CollisionDetection")
+ ENDIF()
+ message(STATUS "Using SHA1 backend ${SHA1_BACKEND}")
+ELSEIF(USE_SHA1 STREQUAL "Generic")
+ SET(SHA1_BACKEND "Generic")
+# ELSEIF(NOT USE_SHA1)
+ELSE()
+ MESSAGE(FATAL_ERROR "Invalid value for USE_SHA1: ${USE_SHA1}")
+ENDIF()
+
+IF(SHA1_BACKEND STREQUAL "CollisionDetection")
+ SET(GIT_SHA1_COLLISIONDETECT 1)
+ ADD_DEFINITIONS(-DSHA1DC_NO_STANDARD_INCLUDES=1)
+ ADD_DEFINITIONS(-DSHA1DC_CUSTOM_INCLUDE_SHA1_C=\"common.h\")
+ ADD_DEFINITIONS(-DSHA1DC_CUSTOM_INCLUDE_UBC_CHECK_C=\"common.h\")
+ FILE(GLOB SRC_SHA1 hash/hash_collisiondetect.c hash/sha1dc/*)
+ELSEIF(SHA1_BACKEND STREQUAL "OpenSSL")
+ # OPENSSL_FOUND should already be set, we're checking HTTPS_BACKEND
+
+ SET(GIT_SHA1_OPENSSL 1)
+ IF(CMAKE_SYSTEM_NAME MATCHES "FreeBSD")
+ LIST(APPEND LIBGIT2_PC_LIBS "-lssl")
+ ELSE()
+ LIST(APPEND LIBGIT2_PC_REQUIRES "openssl")
+ ENDIF()
+ELSEIF(SHA1_BACKEND STREQUAL "CommonCrypto")
+ SET(GIT_SHA1_COMMON_CRYPTO 1)
+ELSEIF(SHA1_BACKEND STREQUAL "mbedTLS")
+ SET(GIT_SHA1_MBEDTLS 1)
+ FILE(GLOB SRC_SHA1 hash/hash_mbedtls.c)
+ LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${MBEDTLS_INCLUDE_DIR})
+ LIST(APPEND LIBGIT2_LIBS ${MBEDTLS_LIBRARIES})
+ # mbedTLS has no pkgconfig file, hence we can't require it
+ # https://github.com/ARMmbed/mbedtls/issues/228
+ # For now, pass its link flags as our own
+ LIST(APPEND LIBGIT2_PC_LIBS ${MBEDTLS_LIBRARIES})
+ELSEIF(SHA1_BACKEND STREQUAL "Win32")
+ SET(GIT_SHA1_WIN32 1)
+ FILE(GLOB SRC_SHA1 hash/hash_win32.c)
+ELSEIF(SHA1_BACKEND STREQUAL "Generic")
+ FILE(GLOB SRC_SHA1 hash/hash_generic.c)
+# ELSEIF(NOT USE_SHA1)
+ELSE()
+ MESSAGE(FATAL_ERROR "Asked for unknown SHA1 backend: ${SHA1_BACKEND}")
+ENDIF()
+
+ADD_FEATURE_INFO(SHA ON "using ${SHA1_BACKEND}")
View Lorry Controller Status