[Cmake-commits] CMake branch, next, updated. v3.5.1-840-gc1277fe
Brad King
brad.king at kitware.com
Wed Apr 6 16:49:54 EDT 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "CMake".
The branch, next has been updated
via c1277fe5fd7aa965458bfc11f77b1f383745f06f (commit)
via 4d8c988caa1f5e13821a6fb392cd72e681082e97 (commit)
via 23a71e4e4d5ca6bdb39e250335074a2b8ab74a02 (commit)
from b5effe8d07183406758dabd76ab0506af7dc77e9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://cmake.org/gitweb?p=cmake.git;a=commitdiff;h=c1277fe5fd7aa965458bfc11f77b1f383745f06f
commit c1277fe5fd7aa965458bfc11f77b1f383745f06f
Merge: b5effe8 4d8c988
Author: Brad King <brad.king at kitware.com>
AuthorDate: Wed Apr 6 16:49:53 2016 -0400
Commit: CMake Topic Stage <kwrobot at kitware.com>
CommitDate: Wed Apr 6 16:49:53 2016 -0400
Merge topic 'ExternalProject-TLS_VERIFY-fixes' into next
4d8c988c ExternalProject: Fix file download script with CMAKE_TLS_{VERIFY,CAINFO}
23a71e4e ExternalProject: Tell Git not to verify certs only if TLS_VERIFY is OFF
https://cmake.org/gitweb?p=cmake.git;a=commitdiff;h=4d8c988caa1f5e13821a6fb392cd72e681082e97
commit 4d8c988caa1f5e13821a6fb392cd72e681082e97
Author: Brad King <brad.king at kitware.com>
AuthorDate: Wed Apr 6 16:21:16 2016 -0400
Commit: Brad King <brad.king at kitware.com>
CommitDate: Wed Apr 6 16:49:13 2016 -0400
ExternalProject: Fix file download script with CMAKE_TLS_{VERIFY,CAINFO}
Avoid generating incorrect code such as
set(CMAKE_TLS_VERIFY set(CMAKE_TLS_VERIFY 1))
when one of these variables is set in the calling project.
diff --git a/Modules/ExternalProject.cmake b/Modules/ExternalProject.cmake
index 1859890..1f3dc38 100644
--- a/Modules/ExternalProject.cmake
+++ b/Modules/ExternalProject.cmake
@@ -859,12 +859,15 @@ function(_ep_write_downloadfile_script script_filename remote local timeout no_p
set(hash_check "")
endif()
+ set(tls_verify_code "")
+ set(tls_cainfo_code "")
+
# check for curl globals in the project
if(DEFINED CMAKE_TLS_VERIFY)
- set(tls_verify "set(CMAKE_TLS_VERIFY ${CMAKE_TLS_VERIFY})")
+ set(tls_verify_code "set(CMAKE_TLS_VERIFY ${CMAKE_TLS_VERIFY})")
endif()
if(DEFINED CMAKE_TLS_CAINFO)
- set(tls_cainfo "set(CMAKE_TLS_CAINFO \"${CMAKE_TLS_CAINFO}\")")
+ set(tls_cainfo_code "set(CMAKE_TLS_CAINFO \"${CMAKE_TLS_CAINFO}\")")
endif()
# now check for curl locals so that the local values
@@ -873,12 +876,12 @@ function(_ep_write_downloadfile_script script_filename remote local timeout no_p
# check for tls_verify argument
string(LENGTH "${tls_verify}" tls_verify_len)
if(tls_verify_len GREATER 0)
- set(tls_verify "set(CMAKE_TLS_VERIFY ${tls_verify})")
+ set(tls_verify_code "set(CMAKE_TLS_VERIFY ${tls_verify})")
endif()
# check for tls_cainfo argument
string(LENGTH "${tls_cainfo}" tls_cainfo_len)
if(tls_cainfo_len GREATER 0)
- set(tls_cainfo "set(CMAKE_TLS_CAINFO \"${tls_cainfo}\")")
+ set(tls_cainfo_code "set(CMAKE_TLS_CAINFO \"${tls_cainfo}\")")
endif()
file(WRITE ${script_filename}
@@ -887,8 +890,8 @@ function(_ep_write_downloadfile_script script_filename remote local timeout no_p
dst='${local}'
timeout='${timeout_msg}'\")
-${tls_verify}
-${tls_cainfo}
+${tls_verify_code}
+${tls_cainfo_code}
file(DOWNLOAD
\"${remote}\"
https://cmake.org/gitweb?p=cmake.git;a=commitdiff;h=23a71e4e4d5ca6bdb39e250335074a2b8ab74a02
commit 23a71e4e4d5ca6bdb39e250335074a2b8ab74a02
Author: Brad King <brad.king at kitware.com>
AuthorDate: Wed Apr 6 16:39:46 2016 -0400
Commit: Brad King <brad.king at kitware.com>
CommitDate: Wed Apr 6 16:49:13 2016 -0400
ExternalProject: Tell Git not to verify certs only if TLS_VERIFY is OFF
Since commit 272779ce (ExternalProject: Allow TLS_VERIFY for git clones,
2016-04-01) we pass the `-c http.sslVerify=false` option to `git clone`
even if no explicit `TLS_VERIFY` option was set. This changes behavior
because we used to use the default Git behavior by default. Revise the
logic to preserve the old default behavior by passing the new option
only if `TLS_VERIFY` was explicitly passed as `OFF`.
While at it, also honor `CMAKE_TLS_VERIFY` if the explicit `TLS_VERIFY`
option is not given.
diff --git a/Modules/ExternalProject.cmake b/Modules/ExternalProject.cmake
index 8d8382f..1859890 100644
--- a/Modules/ExternalProject.cmake
+++ b/Modules/ExternalProject.cmake
@@ -525,7 +525,10 @@ if(error_code)
endif()
set(git_options)
-if(NOT tls_verify)
+
+# disable cert checking if explicitly told not to do it
+set(tls_verify \"${tls_verify}\")
+if(NOT \"x${tls_verify}\" STREQUAL \"x\" AND NOT tls_verify)
list(APPEND git_options
-c http.sslVerify=false)
endif()
@@ -1784,8 +1787,8 @@ function(_ep_add_download_command name)
endif()
get_property(tls_verify TARGET ${name} PROPERTY _EP_TLS_VERIFY)
- if(NOT tls_verify)
- set(tls_verify OFF)
+ if("x${tls_verify}" STREQUAL "x" AND DEFINED CMAKE_TLS_VERIFY)
+ set(tls_verify "${CMAKE_TLS_VERIFY}")
endif()
# For the download step, and the git clone operation, only the repository
@@ -1812,7 +1815,7 @@ function(_ep_add_download_command name)
#
_ep_write_gitclone_script(${tmp_dir}/${name}-gitclone.cmake ${source_dir}
${GIT_EXECUTABLE} ${git_repository} ${git_tag} ${git_remote_name} "${git_submodules}" ${src_name} ${work_dir}
- ${stamp_dir}/${name}-gitinfo.txt ${stamp_dir}/${name}-gitclone-lastrun.txt ${tls_verify}
+ ${stamp_dir}/${name}-gitinfo.txt ${stamp_dir}/${name}-gitclone-lastrun.txt "${tls_verify}"
)
set(comment "Performing download step (git clone) for '${name}'")
set(cmd ${CMAKE_COMMAND} -P ${tmp_dir}/${name}-gitclone.cmake)
-----------------------------------------------------------------------
Summary of changes:
Modules/ExternalProject.cmake | 26 ++++++++++++++++----------
1 file changed, 16 insertions(+), 10 deletions(-)
hooks/post-receive
--
CMake
More information about the Cmake-commits
mailing list