[libgit2.git] / cmake / SelectHTTPSBackend.cmake

include(SanitizeBool)

# We try to find any packages our backends might use
find_package(OpenSSL)
find_package(mbedTLS)
if(CMAKE_SYSTEM_NAME MATCHES "Darwin")
	find_package(Security)
	find_package(CoreFoundation)
endif()

if(USE_HTTPS)
	# Auto-select TLS backend
	sanitizebool(USE_HTTPS)
	if(USE_HTTPS STREQUAL ON)
		if(SECURITY_FOUND)
			if(SECURITY_HAS_SSLCREATECONTEXT)
				set(USE_HTTPS "SecureTransport")
			else()
				message(STATUS "Security framework is too old, falling back to OpenSSL")
				set(USE_HTTPS "OpenSSL")
			endif()
		elseif(USE_WINHTTP)
			set(USE_HTTPS "WinHTTP")
		elseif(OPENSSL_FOUND)
			set(USE_HTTPS "OpenSSL")
		elseif(MBEDTLS_FOUND)
			set(USE_HTTPS "mbedTLS")
		else()
			message(FATAL_ERROR "Unable to autodetect a usable HTTPS backend."
				"Please pass the backend name explicitly (-DUSE_HTTPS=backend)")
		endif()
	endif()

	# Check that we can find what's required for the selected backend
	if(USE_HTTPS STREQUAL "SecureTransport")
		if(NOT COREFOUNDATION_FOUND)
			message(FATAL_ERROR "Cannot use SecureTransport backend, CoreFoundation.framework not found")
		endif()
		if(NOT SECURITY_FOUND)
			message(FATAL_ERROR "Cannot use SecureTransport backend, Security.framework not found")
		endif()
		if(NOT SECURITY_HAS_SSLCREATECONTEXT)
			message(FATAL_ERROR "Cannot use SecureTransport backend, SSLCreateContext not supported")
		endif()

		set(GIT_SECURE_TRANSPORT 1)
		list(APPEND LIBGIT2_SYSTEM_INCLUDES ${SECURITY_INCLUDE_DIR})
		list(APPEND LIBGIT2_SYSTEM_LIBS ${COREFOUNDATION_LDFLAGS} ${SECURITY_LDFLAGS})
		list(APPEND LIBGIT2_PC_LIBS ${COREFOUNDATION_LDFLAGS} ${SECURITY_LDFLAGS})
	elseif(USE_HTTPS STREQUAL "OpenSSL")
		if(NOT OPENSSL_FOUND)
			message(FATAL_ERROR "Asked for OpenSSL TLS backend, but it wasn't found")
		endif()

		set(GIT_OPENSSL 1)
		list(APPEND LIBGIT2_SYSTEM_INCLUDES ${OPENSSL_INCLUDE_DIR})
		list(APPEND LIBGIT2_SYSTEM_LIBS ${OPENSSL_LIBRARIES})
		list(APPEND LIBGIT2_PC_LIBS ${OPENSSL_LDFLAGS})
		list(APPEND LIBGIT2_PC_REQUIRES "openssl")
	elseif(USE_HTTPS STREQUAL "mbedTLS")
		if(NOT MBEDTLS_FOUND)
			message(FATAL_ERROR "Asked for mbedTLS backend, but it wasn't found")
		endif()

		if(NOT CERT_LOCATION)
			message(STATUS "Auto-detecting default certificates location")
			if(EXISTS "/usr/local/opt/openssl/bin/openssl")
				# Check for an Homebrew installation
				set(OPENSSL_CMD "/usr/local/opt/openssl/bin/openssl")
			else()
				set(OPENSSL_CMD "openssl")
			endif()
			execute_process(COMMAND ${OPENSSL_CMD} version -d OUTPUT_VARIABLE OPENSSL_DIR OUTPUT_STRIP_TRAILING_WHITESPACE)
			if(OPENSSL_DIR)
				string(REGEX REPLACE "^OPENSSLDIR: \"(.*)\"$" "\\1/" OPENSSL_DIR ${OPENSSL_DIR})

				set(OPENSSL_CA_LOCATIONS
					"ca-bundle.pem"             # OpenSUSE Leap 42.1
					"cert.pem"                  # Ubuntu 14.04, FreeBSD
					"certs/ca-certificates.crt" # Ubuntu 16.04
					"certs/ca.pem"              # Debian 7
				)
				foreach(SUFFIX IN LISTS OPENSSL_CA_LOCATIONS)
					set(LOC "${OPENSSL_DIR}${SUFFIX}")
					if(NOT CERT_LOCATION AND EXISTS "${OPENSSL_DIR}${SUFFIX}")
						set(CERT_LOCATION ${LOC})
					endif()
				endforeach()
			else()
				message(FATAL_ERROR "Unable to find OpenSSL executable. Please provide default certificate location via CERT_LOCATION")
			endif()
		endif()

		if(CERT_LOCATION)
			if(NOT EXISTS ${CERT_LOCATION})
				message(FATAL_ERROR "Cannot use CERT_LOCATION=${CERT_LOCATION} as it doesn't exist")
			endif()
			add_feature_info(CERT_LOCATION ON "using certificates from ${CERT_LOCATION}")
			add_definitions(-DGIT_DEFAULT_CERT_LOCATION="${CERT_LOCATION}")
		endif()

		set(GIT_MBEDTLS 1)
		list(APPEND LIBGIT2_SYSTEM_INCLUDES ${MBEDTLS_INCLUDE_DIR})
		list(APPEND LIBGIT2_SYSTEM_LIBS ${MBEDTLS_LIBRARIES})
		# mbedTLS has no pkgconfig file, hence we can't require it
		# https://github.com/ARMmbed/mbedtls/issues/228
		# For now, pass its link flags as our own
		list(APPEND LIBGIT2_PC_LIBS ${MBEDTLS_LIBRARIES})
	elseif(USE_HTTPS STREQUAL "WinHTTP")
		# WinHTTP setup was handled in the WinHTTP-specific block above
	elseif(USE_HTTPS STREQUAL "OpenSSL-Dynamic")
		set(GIT_OPENSSL 1)
		set(GIT_OPENSSL_DYNAMIC 1)
		list(APPEND LIBGIT2_SYSTEM_LIBS dl)
	else()
		message(FATAL_ERROR "Asked for backend ${USE_HTTPS} but it wasn't found")
	endif()

	set(GIT_HTTPS 1)
	add_feature_info(HTTPS GIT_HTTPS "using ${USE_HTTPS}")
else()
	set(GIT_HTTPS 0)
	add_feature_info(HTTPS NO "")
endif()
Commit	Line	Data
e579e0f7	1	include(SanitizeBool)
22a2d3d5 UG	2
22a2d3d5 UG	3	# We try to find any packages our backends might use
e579e0f7 MB	4	find_package(OpenSSL)
	5	find_package(mbedTLS)
	6	if(CMAKE_SYSTEM_NAME MATCHES "Darwin")
	7	find_package(Security)
	8	find_package(CoreFoundation)
	9	endif()
22a2d3d5	10
e579e0f7	11	if(USE_HTTPS)
22a2d3d5	12	# Auto-select TLS backend
e579e0f7 MB	13	sanitizebool(USE_HTTPS)
	14	if(USE_HTTPS STREQUAL ON)
	15	if(SECURITY_FOUND)
	16	if(SECURITY_HAS_SSLCREATECONTEXT)
	17	set(USE_HTTPS "SecureTransport")
	18	else()
	19	message(STATUS "Security framework is too old, falling back to OpenSSL")
	20	set(USE_HTTPS "OpenSSL")
	21	endif()
	22	elseif(USE_WINHTTP)
	23	set(USE_HTTPS "WinHTTP")
	24	elseif(OPENSSL_FOUND)
	25	set(USE_HTTPS "OpenSSL")
	26	elseif(MBEDTLS_FOUND)
	27	set(USE_HTTPS "mbedTLS")
	28	else()
	29	message(FATAL_ERROR "Unable to autodetect a usable HTTPS backend."
22a2d3d5	30	"Please pass the backend name explicitly (-DUSE_HTTPS=backend)")
e579e0f7 MB	31	endif()
e579e0f7 MB	32	endif()
22a2d3d5 UG	33
22a2d3d5 UG	34	# Check that we can find what's required for the selected backend
e579e0f7 MB	35	if(USE_HTTPS STREQUAL "SecureTransport")
	36	if(NOT COREFOUNDATION_FOUND)
	37	message(FATAL_ERROR "Cannot use SecureTransport backend, CoreFoundation.framework not found")
	38	endif()
	39	if(NOT SECURITY_FOUND)
	40	message(FATAL_ERROR "Cannot use SecureTransport backend, Security.framework not found")
	41	endif()
	42	if(NOT SECURITY_HAS_SSLCREATECONTEXT)
	43	message(FATAL_ERROR "Cannot use SecureTransport backend, SSLCreateContext not supported")
	44	endif()
22a2d3d5	45
e579e0f7 MB	46	set(GIT_SECURE_TRANSPORT 1)
	47	list(APPEND LIBGIT2_SYSTEM_INCLUDES ${SECURITY_INCLUDE_DIR})
	48	list(APPEND LIBGIT2_SYSTEM_LIBS ${COREFOUNDATION_LDFLAGS} ${SECURITY_LDFLAGS})
	49	list(APPEND LIBGIT2_PC_LIBS ${COREFOUNDATION_LDFLAGS} ${SECURITY_LDFLAGS})
	50	elseif(USE_HTTPS STREQUAL "OpenSSL")
	51	if(NOT OPENSSL_FOUND)
	52	message(FATAL_ERROR "Asked for OpenSSL TLS backend, but it wasn't found")
	53	endif()
22a2d3d5	54
e579e0f7 MB	55	set(GIT_OPENSSL 1)
	56	list(APPEND LIBGIT2_SYSTEM_INCLUDES ${OPENSSL_INCLUDE_DIR})
	57	list(APPEND LIBGIT2_SYSTEM_LIBS ${OPENSSL_LIBRARIES})
	58	list(APPEND LIBGIT2_PC_LIBS ${OPENSSL_LDFLAGS})
	59	list(APPEND LIBGIT2_PC_REQUIRES "openssl")
	60	elseif(USE_HTTPS STREQUAL "mbedTLS")
	61	if(NOT MBEDTLS_FOUND)
	62	message(FATAL_ERROR "Asked for mbedTLS backend, but it wasn't found")
	63	endif()
22a2d3d5	64
e579e0f7 MB	65	if(NOT CERT_LOCATION)
e579e0f7 MB	66	message(STATUS "Auto-detecting default certificates location")
ad5611d8	67	if(EXISTS "/usr/local/opt/openssl/bin/openssl")
22a2d3d5	68	# Check for an Homebrew installation
e579e0f7 MB	69	set(OPENSSL_CMD "/usr/local/opt/openssl/bin/openssl")
	70	else()
	71	set(OPENSSL_CMD "openssl")
	72	endif()
	73	execute_process(COMMAND ${OPENSSL_CMD} version -d OUTPUT_VARIABLE OPENSSL_DIR OUTPUT_STRIP_TRAILING_WHITESPACE)
	74	if(OPENSSL_DIR)
	75	string(REGEX REPLACE "^OPENSSLDIR: \"(.*)\"$" "\\1/" OPENSSL_DIR ${OPENSSL_DIR})
22a2d3d5	76
e579e0f7	77	set(OPENSSL_CA_LOCATIONS
22a2d3d5 UG	78	"ca-bundle.pem" # OpenSUSE Leap 42.1
	79	"cert.pem" # Ubuntu 14.04, FreeBSD
	80	"certs/ca-certificates.crt" # Ubuntu 16.04
	81	"certs/ca.pem" # Debian 7
	82	)
e579e0f7 MB	83	foreach(SUFFIX IN LISTS OPENSSL_CA_LOCATIONS)
	84	set(LOC "${OPENSSL_DIR}${SUFFIX}")
	85	if(NOT CERT_LOCATION AND EXISTS "${OPENSSL_DIR}${SUFFIX}")
	86	set(CERT_LOCATION ${LOC})
	87	endif()
	88	endforeach()
	89	else()
	90	message(FATAL_ERROR "Unable to find OpenSSL executable. Please provide default certificate location via CERT_LOCATION")
	91	endif()
	92	endif()
22a2d3d5	93
e579e0f7 MB	94	if(CERT_LOCATION)
	95	if(NOT EXISTS ${CERT_LOCATION})
	96	message(FATAL_ERROR "Cannot use CERT_LOCATION=${CERT_LOCATION} as it doesn't exist")
	97	endif()
	98	add_feature_info(CERT_LOCATION ON "using certificates from ${CERT_LOCATION}")
	99	add_definitions(-DGIT_DEFAULT_CERT_LOCATION="${CERT_LOCATION}")
	100	endif()
22a2d3d5	101
e579e0f7 MB	102	set(GIT_MBEDTLS 1)
	103	list(APPEND LIBGIT2_SYSTEM_INCLUDES ${MBEDTLS_INCLUDE_DIR})
	104	list(APPEND LIBGIT2_SYSTEM_LIBS ${MBEDTLS_LIBRARIES})
22a2d3d5 UG	105	# mbedTLS has no pkgconfig file, hence we can't require it
	106	# https://github.com/ARMmbed/mbedtls/issues/228
	107	# For now, pass its link flags as our own
e579e0f7 MB	108	list(APPEND LIBGIT2_PC_LIBS ${MBEDTLS_LIBRARIES})
e579e0f7 MB	109	elseif(USE_HTTPS STREQUAL "WinHTTP")
22a2d3d5	110	# WinHTTP setup was handled in the WinHTTP-specific block above
e579e0f7 MB	111	elseif(USE_HTTPS STREQUAL "OpenSSL-Dynamic")
	112	set(GIT_OPENSSL 1)
	113	set(GIT_OPENSSL_DYNAMIC 1)
	114	list(APPEND LIBGIT2_SYSTEM_LIBS dl)
	115	else()
	116	message(FATAL_ERROR "Asked for backend ${USE_HTTPS} but it wasn't found")
	117	endif()
22a2d3d5	118
e579e0f7 MB	119	set(GIT_HTTPS 1)
	120	add_feature_info(HTTPS GIT_HTTPS "using ${USE_HTTPS}")
	121	else()
	122	set(GIT_HTTPS 0)
	123	add_feature_info(HTTPS NO "")
	124	endif()