diff options
| author | Etienne Samson <samson.etienne@gmail.com> | 2019-06-13 16:48:35 +0200 |
|---|---|---|
| committer | Etienne Samson <samson.etienne@gmail.com> | 2019-06-14 12:07:00 +0200 |
| commit | 94fc83b6d7f179190142b91abd0d22240aced0c1 (patch) | |
| tree | 3737f1a6f4340e8e96391f2f9862136ca122c60c /src/CMakeLists.txt | |
| parent | 231ccbeb1df01715646c788b6316046dfecda4c7 (diff) | |
| download | libgit2-94fc83b6d7f179190142b91abd0d22240aced0c1.tar.gz | |
cmake: Modulize our TLS & hash detection
The interactions between `USE_HTTPS` and `SHA1_BACKEND` have been
streamlined. Previously we would have accepted not quite working
configurations (like, `-DUSE_HTTPS=OFF -DSHA1_BACKEND=OpenSSL`) and, as
the OpenSSL detection only ran with `USE_HTTPS`, the link would fail.
The detection was moved to a new `USE_SHA1`, modeled after `USE_HTTPS`,
which takes the values "CollisionDetection/Backend/Generic", to better
match how the "hashing backend" is selected, the default (ON) being
"CollisionDetection".
Note that, as `SHA1_BACKEND` is still used internally, you might need to
check what customization you're using it for.
Diffstat (limited to 'src/CMakeLists.txt')
| -rw-r--r-- | src/CMakeLists.txt | 168 |
1 files changed, 2 insertions, 166 deletions
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 5a0cf347c..7ab183210 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -122,172 +122,8 @@ IF (WIN32 AND WINHTTP) LIST(APPEND LIBGIT2_PC_LIBS "-lrpcrt4" "-lcrypt32" "-lole32") ENDIF() -IF (USE_HTTPS) - # We try to find any packages our backends might use - FIND_PACKAGE(OpenSSL) - FIND_PACKAGE(mbedTLS) - IF (CMAKE_SYSTEM_NAME MATCHES "Darwin") - FIND_PACKAGE(Security) - FIND_PACKAGE(CoreFoundation) - ENDIF() - - # Auto-select TLS backend - IF (USE_HTTPS STREQUAL ON) - IF (SECURITY_FOUND) - IF (SECURITY_HAS_SSLCREATECONTEXT) - SET(HTTPS_BACKEND "SecureTransport") - ELSE() - MESSAGE("-- Security framework is too old, falling back to OpenSSL") - SET(HTTPS_BACKEND "OpenSSL") - ENDIF() - ELSEIF (WINHTTP) - SET(HTTPS_BACKEND "WinHTTP") - ELSEIF(OPENSSL_FOUND) - SET(HTTPS_BACKEND "OpenSSL") - ELSEIF(MBEDTLS_FOUND) - SET(HTTPS_BACKEND "mbedTLS") - ELSE() - MESSAGE(FATAL_ERROR "Unable to autodetect a usable HTTPS backend." - "Please pass the backend name explicitly (-DUSE_HTTPS=backend)") - ENDIF() - ELSE() - # Backend was explicitly set - SET(HTTPS_BACKEND ${USE_HTTPS}) - ENDIF() - - # Check that we can find what's required for the selected backend - IF (HTTPS_BACKEND STREQUAL "SecureTransport") - IF (NOT COREFOUNDATION_FOUND) - MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, CoreFoundation.framework not found") - ENDIF() - IF (NOT SECURITY_FOUND) - MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, Security.framework not found") - ENDIF() - IF (NOT SECURITY_HAS_SSLCREATECONTEXT) - MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, SSLCreateContext not supported") - ENDIF() - - SET(GIT_SECURE_TRANSPORT 1) - LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${SECURITY_INCLUDE_DIR}) - LIST(APPEND LIBGIT2_LIBS ${COREFOUNDATION_LIBRARIES} ${SECURITY_LIBRARIES}) - LIST(APPEND LIBGIT2_PC_LIBS ${COREFOUNDATION_LDFLAGS} ${SECURITY_LDFLAGS}) - ELSEIF (HTTPS_BACKEND STREQUAL "OpenSSL") - IF (NOT OPENSSL_FOUND) - MESSAGE(FATAL_ERROR "Asked for OpenSSL TLS backend, but it wasn't found") - ENDIF() - - SET(GIT_OPENSSL 1) - LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${OPENSSL_INCLUDE_DIR}) - LIST(APPEND LIBGIT2_LIBS ${OPENSSL_LIBRARIES}) - LIST(APPEND LIBGIT2_PC_LIBS ${OPENSSL_LDFLAGS}) - LIST(APPEND LIBGIT2_PC_REQUIRES "openssl") - ELSEIF(HTTPS_BACKEND STREQUAL "mbedTLS") - IF (NOT MBEDTLS_FOUND) - MESSAGE(FATAL_ERROR "Asked for mbedTLS backend, but it wasn't found") - ENDIF() - - IF(NOT CERT_LOCATION) - MESSAGE("Auto-detecting default certificates location") - IF(CMAKE_SYSTEM_NAME MATCHES Darwin) - # Check for an Homebrew installation - SET(OPENSSL_CMD "/usr/local/opt/openssl/bin/openssl") - ELSE() - SET(OPENSSL_CMD "openssl") - ENDIF() - EXECUTE_PROCESS(COMMAND ${OPENSSL_CMD} version -d OUTPUT_VARIABLE OPENSSL_DIR OUTPUT_STRIP_TRAILING_WHITESPACE) - IF(OPENSSL_DIR) - STRING(REGEX REPLACE "^OPENSSLDIR: \"(.*)\"$" "\\1/" OPENSSL_DIR ${OPENSSL_DIR}) - - SET(OPENSSL_CA_LOCATIONS - "ca-bundle.pem" # OpenSUSE Leap 42.1 - "cert.pem" # Ubuntu 14.04, FreeBSD - "certs/ca-certificates.crt" # Ubuntu 16.04 - "certs/ca.pem" # Debian 7 - ) - FOREACH(SUFFIX IN LISTS OPENSSL_CA_LOCATIONS) - SET(LOC "${OPENSSL_DIR}${SUFFIX}") - IF(NOT CERT_LOCATION AND EXISTS "${OPENSSL_DIR}${SUFFIX}") - SET(CERT_LOCATION ${LOC}) - ENDIF() - ENDFOREACH() - ELSE() - MESSAGE("Unable to find OpenSSL executable. Please provide default certificate location via CERT_LOCATION") - ENDIF() - ENDIF() - - IF(CERT_LOCATION) - IF(NOT EXISTS ${CERT_LOCATION}) - MESSAGE(FATAL_ERROR "Cannot use CERT_LOCATION=${CERT_LOCATION} as it doesn't exist") - ENDIF() - ADD_FEATURE_INFO(CERT_LOCATION ON "using certificates from ${CERT_LOCATION}") - ADD_DEFINITIONS(-DGIT_DEFAULT_CERT_LOCATION="${CERT_LOCATION}") - ENDIF() - - SET(GIT_MBEDTLS 1) - LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${MBEDTLS_INCLUDE_DIR}) - LIST(APPEND LIBGIT2_LIBS ${MBEDTLS_LIBRARIES}) - # mbedTLS has no pkgconfig file, hence we can't require it - # https://github.com/ARMmbed/mbedtls/issues/228 - # For now, pass its link flags as our own - LIST(APPEND LIBGIT2_PC_LIBS ${MBEDTLS_LIBRARIES}) - ELSEIF (HTTPS_BACKEND STREQUAL "WinHTTP") - # WinHTTP setup was handled in the WinHTTP-specific block above - ELSE() - MESSAGE(FATAL_ERROR "Asked for backend ${HTTPS_BACKEND} but it wasn't found") - ENDIF() - - ADD_FEATURE_INFO(HTTPS ON "using ${HTTPS_BACKEND}") - SET(GIT_HTTPS 1) -ELSE() - ADD_FEATURE_INFO(HTTPS OFF "no support") -ENDIF() - -# Specify sha1 implementation -IF(SHA1_BACKEND STREQUAL "OpenSSL") - IF(NOT OPENSSL_FOUND) - FIND_PACKAGE(OpenSSL) - IF(NOT OPENSSL_FOUND) - MESSAGE(FATAL_ERROR "Requested OpenSSL SHA1 backend, but OpenSSL could not be found") - ENDIF() - ENDIF() - - ADD_FEATURE_INFO(SHA ON "using OpenSSL") - SET(GIT_SHA1_OPENSSL 1) - IF(CMAKE_SYSTEM_NAME MATCHES "FreeBSD") - LIST(APPEND LIBGIT2_PC_LIBS "-lssl") - ELSE() - LIST(APPEND LIBGIT2_PC_REQUIRES "openssl") - ENDIF() -ELSEIF(SHA1_BACKEND STREQUAL "CollisionDetection") - ADD_FEATURE_INFO(SHA ON "using CollisionDetection") - SET(GIT_SHA1_COLLISIONDETECT 1) - ADD_DEFINITIONS(-DSHA1DC_NO_STANDARD_INCLUDES=1) - ADD_DEFINITIONS(-DSHA1DC_CUSTOM_INCLUDE_SHA1_C=\"common.h\") - ADD_DEFINITIONS(-DSHA1DC_CUSTOM_INCLUDE_UBC_CHECK_C=\"common.h\") - FILE(GLOB SRC_SHA1 hash/hash_collisiondetect.c hash/sha1dc/*) -ELSEIF(SHA1_BACKEND STREQUAL "Generic") - ADD_FEATURE_INFO(SHA ON "using Generic") - FILE(GLOB SRC_SHA1 hash/hash_generic.c) -ELSEIF(SHA1_BACKEND STREQUAL "Win32") - ADD_FEATURE_INFO(SHA ON "using Win32") - SET(GIT_SHA1_WIN32 1) - FILE(GLOB SRC_SHA1 hash/hash_win32.c) -ELSEIF(SHA1_BACKEND STREQUAL "CommonCrypto") - ADD_FEATURE_INFO(SHA ON "using CommonCrypto") - SET(GIT_SHA1_COMMON_CRYPTO 1) -ELSEIF (SHA1_BACKEND STREQUAL "mbedTLS") - ADD_FEATURE_INFO(SHA ON "using mbedTLS") - SET(GIT_SHA1_MBEDTLS 1) - FILE(GLOB SRC_SHA1 hash/hash_mbedtls.c) - LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${MBEDTLS_INCLUDE_DIR}) - LIST(APPEND LIBGIT2_LIBS ${MBEDTLS_LIBRARIES}) - # mbedTLS has no pkgconfig file, hence we can't require it - # https://github.com/ARMmbed/mbedtls/issues/228 - # For now, pass its link flags as our own - LIST(APPEND LIBGIT2_PC_LIBS ${MBEDTLS_LIBRARIES}) -ELSE() - MESSAGE(FATAL_ERROR "Asked for unknown SHA1 backend ${SHA1_BACKEND}") -ENDIF() +Include(SelectHTTPSBackend) +Include(SelectHashes) # Specify regular expression implementation FIND_PACKAGE(PCRE) |