[libgit2.git] / cmake / Modules / SelectHTTPSBackend.cmake

# Select the backend to use

INCLUDE(SanitizeBool)

# We try to find any packages our backends might use
FIND_PACKAGE(OpenSSL)
FIND_PACKAGE(mbedTLS)
IF (CMAKE_SYSTEM_NAME MATCHES "Darwin")
	FIND_PACKAGE(Security)
	FIND_PACKAGE(CoreFoundation)
ENDIF()

# Auto-select TLS backend
SanitizeBool(USE_HTTPS)
IF (USE_HTTPS STREQUAL ON)
	IF (SECURITY_FOUND)
		IF (SECURITY_HAS_SSLCREATECONTEXT)
			SET(HTTPS_BACKEND "SecureTransport")
		ELSE()
			MESSAGE(STATUS "Security framework is too old, falling back to OpenSSL")
			SET(HTTPS_BACKEND "OpenSSL")
		ENDIF()
	ELSEIF (WINHTTP)
		SET(HTTPS_BACKEND "WinHTTP")
	ELSEIF(OPENSSL_FOUND)
		SET(HTTPS_BACKEND "OpenSSL")
	ELSEIF(MBEDTLS_FOUND)
		SET(HTTPS_BACKEND "mbedTLS")
	ELSE()
		MESSAGE(FATAL_ERROR "Unable to autodetect a usable HTTPS backend."
			"Please pass the backend name explicitly (-DUSE_HTTPS=backend)")
	ENDIF()
ELSEIF(USE_HTTPS)
	# HTTPS backend was explicitly set
	SET(HTTPS_BACKEND ${USE_HTTPS})
ELSE()
	SET(HTTPS_BACKEND NO)
ENDIF()

IF(HTTPS_BACKEND)
	# Check that we can find what's required for the selected backend
	IF (HTTPS_BACKEND STREQUAL "SecureTransport")
		IF (NOT COREFOUNDATION_FOUND)
			MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, CoreFoundation.framework not found")
		ENDIF()
		IF (NOT SECURITY_FOUND)
			MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, Security.framework not found")
		ENDIF()
		IF (NOT SECURITY_HAS_SSLCREATECONTEXT)
			MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, SSLCreateContext not supported")
		ENDIF()

		SET(GIT_SECURE_TRANSPORT 1)
		LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${SECURITY_INCLUDE_DIR})
		LIST(APPEND LIBGIT2_LIBS ${COREFOUNDATION_LDFLAGS} ${SECURITY_LDFLAGS})
		LIST(APPEND LIBGIT2_PC_LIBS ${COREFOUNDATION_LDFLAGS} ${SECURITY_LDFLAGS})
	ELSEIF (HTTPS_BACKEND STREQUAL "OpenSSL")
		IF (NOT OPENSSL_FOUND)
			MESSAGE(FATAL_ERROR "Asked for OpenSSL TLS backend, but it wasn't found")
		ENDIF()

		SET(GIT_OPENSSL 1)
		LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${OPENSSL_INCLUDE_DIR})
		LIST(APPEND LIBGIT2_LIBS ${OPENSSL_LIBRARIES})
		LIST(APPEND LIBGIT2_PC_LIBS ${OPENSSL_LDFLAGS})
		LIST(APPEND LIBGIT2_PC_REQUIRES "openssl")
	ELSEIF(HTTPS_BACKEND STREQUAL "mbedTLS")
		IF (NOT MBEDTLS_FOUND)
			MESSAGE(FATAL_ERROR "Asked for mbedTLS backend, but it wasn't found")
		ENDIF()

		IF(NOT CERT_LOCATION)
			MESSAGE(STATUS "Auto-detecting default certificates location")
			IF(CMAKE_SYSTEM_NAME MATCHES Darwin)
				# Check for an Homebrew installation
				SET(OPENSSL_CMD "/usr/local/opt/openssl/bin/openssl")
			ELSE()
				SET(OPENSSL_CMD "openssl")
			ENDIF()
			EXECUTE_PROCESS(COMMAND ${OPENSSL_CMD} version -d OUTPUT_VARIABLE OPENSSL_DIR OUTPUT_STRIP_TRAILING_WHITESPACE)
			IF(OPENSSL_DIR)
				STRING(REGEX REPLACE "^OPENSSLDIR: \"(.*)\"$" "\\1/" OPENSSL_DIR ${OPENSSL_DIR})

				SET(OPENSSL_CA_LOCATIONS
					"ca-bundle.pem"             # OpenSUSE Leap 42.1
					"cert.pem"                  # Ubuntu 14.04, FreeBSD
					"certs/ca-certificates.crt" # Ubuntu 16.04
					"certs/ca.pem"              # Debian 7
				)
				FOREACH(SUFFIX IN LISTS OPENSSL_CA_LOCATIONS)
					SET(LOC "${OPENSSL_DIR}${SUFFIX}")
					IF(NOT CERT_LOCATION AND EXISTS "${OPENSSL_DIR}${SUFFIX}")
						SET(CERT_LOCATION ${LOC})
					ENDIF()
				ENDFOREACH()
			ELSE()
				MESSAGE(FATAL_ERROR "Unable to find OpenSSL executable. Please provide default certificate location via CERT_LOCATION")
			ENDIF()
		ENDIF()

		IF(CERT_LOCATION)
			IF(NOT EXISTS ${CERT_LOCATION})
				MESSAGE(FATAL_ERROR "Cannot use CERT_LOCATION=${CERT_LOCATION} as it doesn't exist")
			ENDIF()
			ADD_FEATURE_INFO(CERT_LOCATION ON "using certificates from ${CERT_LOCATION}")
			ADD_DEFINITIONS(-DGIT_DEFAULT_CERT_LOCATION="${CERT_LOCATION}")
		ENDIF()

		SET(GIT_MBEDTLS 1)
		LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${MBEDTLS_INCLUDE_DIR})
		LIST(APPEND LIBGIT2_LIBS ${MBEDTLS_LIBRARIES})
		# mbedTLS has no pkgconfig file, hence we can't require it
		# https://github.com/ARMmbed/mbedtls/issues/228
		# For now, pass its link flags as our own
		LIST(APPEND LIBGIT2_PC_LIBS ${MBEDTLS_LIBRARIES})
	ELSEIF (HTTPS_BACKEND STREQUAL "WinHTTP")
		# WinHTTP setup was handled in the WinHTTP-specific block above
	ELSE()
		MESSAGE(FATAL_ERROR "Asked for backend ${HTTPS_BACKEND} but it wasn't found")
	ENDIF()

	SET(GIT_HTTPS 1)
	ADD_FEATURE_INFO(HTTPS GIT_HTTPS "using ${HTTPS_BACKEND}")
ELSE()
	SET(GIT_HTTPS 0)
	ADD_FEATURE_INFO(HTTPS NO "")
ENDIF()
Commit	Line	Data
0c9c969a UG	1	# Select the backend to use
0c9c969a UG	2
66a70851 UG	3	INCLUDE(SanitizeBool)
66a70851 UG	4
0c9c969a UG	5	# We try to find any packages our backends might use
	6	FIND_PACKAGE(OpenSSL)
	7	FIND_PACKAGE(mbedTLS)
	8	IF (CMAKE_SYSTEM_NAME MATCHES "Darwin")
	9	FIND_PACKAGE(Security)
	10	FIND_PACKAGE(CoreFoundation)
	11	ENDIF()
	12
	13	# Auto-select TLS backend
66a70851	14	SanitizeBool(USE_HTTPS)
0c9c969a UG	15	IF (USE_HTTPS STREQUAL ON)
	16	IF (SECURITY_FOUND)
	17	IF (SECURITY_HAS_SSLCREATECONTEXT)
	18	SET(HTTPS_BACKEND "SecureTransport")
	19	ELSE()
	20	MESSAGE(STATUS "Security framework is too old, falling back to OpenSSL")
	21	SET(HTTPS_BACKEND "OpenSSL")
	22	ENDIF()
	23	ELSEIF (WINHTTP)
	24	SET(HTTPS_BACKEND "WinHTTP")
	25	ELSEIF(OPENSSL_FOUND)
	26	SET(HTTPS_BACKEND "OpenSSL")
	27	ELSEIF(MBEDTLS_FOUND)
	28	SET(HTTPS_BACKEND "mbedTLS")
	29	ELSE()
	30	MESSAGE(FATAL_ERROR "Unable to autodetect a usable HTTPS backend."
	31	"Please pass the backend name explicitly (-DUSE_HTTPS=backend)")
	32	ENDIF()
	33	ELSEIF(USE_HTTPS)
	34	# HTTPS backend was explicitly set
	35	SET(HTTPS_BACKEND ${USE_HTTPS})
	36	ELSE()
	37	SET(HTTPS_BACKEND NO)
	38	ENDIF()
	39
	40	IF(HTTPS_BACKEND)
	41	# Check that we can find what's required for the selected backend
	42	IF (HTTPS_BACKEND STREQUAL "SecureTransport")
	43	IF (NOT COREFOUNDATION_FOUND)
	44	MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, CoreFoundation.framework not found")
	45	ENDIF()
	46	IF (NOT SECURITY_FOUND)
	47	MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, Security.framework not found")
	48	ENDIF()
	49	IF (NOT SECURITY_HAS_SSLCREATECONTEXT)
	50	MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, SSLCreateContext not supported")
	51	ENDIF()
	52
	53	SET(GIT_SECURE_TRANSPORT 1)
	54	LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${SECURITY_INCLUDE_DIR})
	55	LIST(APPEND LIBGIT2_LIBS ${COREFOUNDATION_LDFLAGS} ${SECURITY_LDFLAGS})
	56	LIST(APPEND LIBGIT2_PC_LIBS ${COREFOUNDATION_LDFLAGS} ${SECURITY_LDFLAGS})
	57	ELSEIF (HTTPS_BACKEND STREQUAL "OpenSSL")
	58	IF (NOT OPENSSL_FOUND)
	59	MESSAGE(FATAL_ERROR "Asked for OpenSSL TLS backend, but it wasn't found")
	60	ENDIF()
	61
	62	SET(GIT_OPENSSL 1)
	63	LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${OPENSSL_INCLUDE_DIR})
	64	LIST(APPEND LIBGIT2_LIBS ${OPENSSL_LIBRARIES})
	65	LIST(APPEND LIBGIT2_PC_LIBS ${OPENSSL_LDFLAGS})
	66	LIST(APPEND LIBGIT2_PC_REQUIRES "openssl")
	67	ELSEIF(HTTPS_BACKEND STREQUAL "mbedTLS")
	68	IF (NOT MBEDTLS_FOUND)
	69	MESSAGE(FATAL_ERROR "Asked for mbedTLS backend, but it wasn't found")
	70	ENDIF()
	71
	72	IF(NOT CERT_LOCATION)
	73	MESSAGE(STATUS "Auto-detecting default certificates location")
	74	IF(CMAKE_SYSTEM_NAME MATCHES Darwin)
	75	# Check for an Homebrew installation
	76	SET(OPENSSL_CMD "/usr/local/opt/openssl/bin/openssl")
	77	ELSE()
	78	SET(OPENSSL_CMD "openssl")
79	ENDIF()
80	EXECUTE_PROCESS(COMMAND ${OPENSSL_CMD} version -d OUTPUT_VARIABLE OPENSSL_DIR OUTPUT_STRIP_TRAILING_WHITESPACE)
81	IF(OPENSSL_DIR)
82	STRING(REGEX REPLACE "^OPENSSLDIR: \"(.*)\"$" "\\1/" OPENSSL_DIR ${OPENSSL_DIR})
83
84	SET(OPENSSL_CA_LOCATIONS
85	"ca-bundle.pem" # OpenSUSE Leap 42.1
86	"cert.pem" # Ubuntu 14.04, FreeBSD
87	"certs/ca-certificates.crt" # Ubuntu 16.04
88	"certs/ca.pem" # Debian 7
89	)
90	FOREACH(SUFFIX IN LISTS OPENSSL_CA_LOCATIONS)
91	SET(LOC "${OPENSSL_DIR}${SUFFIX}")
92	IF(NOT CERT_LOCATION AND EXISTS "${OPENSSL_DIR}${SUFFIX}")
93	SET(CERT_LOCATION ${LOC})
94	ENDIF()
95	ENDFOREACH()
96	ELSE()
97	MESSAGE(FATAL_ERROR "Unable to find OpenSSL executable. Please provide default certificate location via CERT_LOCATION")
98	ENDIF()
99	ENDIF()
100
101	IF(CERT_LOCATION)
102	IF(NOT EXISTS ${CERT_LOCATION})
103	MESSAGE(FATAL_ERROR "Cannot use CERT_LOCATION=${CERT_LOCATION} as it doesn't exist")
104	ENDIF()
105	ADD_FEATURE_INFO(CERT_LOCATION ON "using certificates from ${CERT_LOCATION}")
106	ADD_DEFINITIONS(-DGIT_DEFAULT_CERT_LOCATION="${CERT_LOCATION}")
107	ENDIF()
108
109	SET(GIT_MBEDTLS 1)
110	LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${MBEDTLS_INCLUDE_DIR})
111	LIST(APPEND LIBGIT2_LIBS ${MBEDTLS_LIBRARIES})
112	# mbedTLS has no pkgconfig file, hence we can't require it
113	# https://github.com/ARMmbed/mbedtls/issues/228
114	# For now, pass its link flags as our own
115	LIST(APPEND LIBGIT2_PC_LIBS ${MBEDTLS_LIBRARIES})
116	ELSEIF (HTTPS_BACKEND STREQUAL "WinHTTP")
117	# WinHTTP setup was handled in the WinHTTP-specific block above
118	ELSE()
119	MESSAGE(FATAL_ERROR "Asked for backend ${HTTPS_BACKEND} but it wasn't found")
120	ENDIF()
121
122	SET(GIT_HTTPS 1)
123	ADD_FEATURE_INFO(HTTPS GIT_HTTPS "using ${HTTPS_BACKEND}")
124	ELSE()
125	SET(GIT_HTTPS 0)
126	ADD_FEATURE_INFO(HTTPS NO "")
127	ENDIF()