search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge topic 'cmake-pkg-config-integration'
[kiteware-cmake.git] / Source / cmCurl.cxx
blob65fccd035059627bcb2997659760347dd31619d9
1 /* Distributed under the OSI-approved BSD 3-Clause License. See accompanying
2 file Copyright.txt or https://cmake.org/licensing for details. */
3 #include "cmCurl.h"
4
5 #include <cm/string_view>
6 #include <cmext/string_view>
7
8 #if !defined(CMAKE_USE_SYSTEM_CURL) && !defined(_WIN32) && \
9 !defined(__APPLE__) && !defined(CURL_CA_BUNDLE) && !defined(CURL_CA_PATH)
10 # define CMAKE_FIND_CAFILE
11 #endif
12 #include "cmStringAlgorithms.h"
13 #include "cmSystemTools.h"
14
15 #if defined(_WIN32)
16 # include <vector>
17
18 # include <windows.h>
19
20 # include "cmsys/Encoding.hxx"
21 #endif
22
23 // curl versions before 7.21.5 did not provide this error code
24 #if defined(LIBCURL_VERSION_NUM) && LIBCURL_VERSION_NUM < 0x071505
25 # define CURLE_NOT_BUILT_IN 4
26 #endif
27
28 #define check_curl_result(result, errstr) \
29 do { \
30 if ((result) != CURLE_OK && (result) != CURLE_NOT_BUILT_IN) { \
31 e += e.empty() ? "" : "\n"; \
32 e += (errstr); \
33 e += ::curl_easy_strerror(result); \
34 } \
35 } while (false)
36
37 // curl versions before 7.52.0 did not provide TLS 1.3 support
38 #if defined(LIBCURL_VERSION_NUM) && LIBCURL_VERSION_NUM < 0x073400
39 # define CURL_SSLVERSION_TLSv1_3 CURL_SSLVERSION_LAST
40 #endif
41
42 // curl versions before 7.64.1 referred to Secure Transport as DarwinSSL
43 #if defined(LIBCURL_VERSION_NUM) && LIBCURL_VERSION_NUM < 0x074001
44 # define CURLSSLBACKEND_SECURETRANSPORT CURLSSLBACKEND_DARWINSSL
45 #endif
46
47 // Make sure we keep up with new TLS versions supported by curl.
48 // Do this only for our vendored curl to avoid breaking builds
49 // against external future versions of curl.
50 #if !defined(CMAKE_USE_SYSTEM_CURL)
51 static_assert(CURL_SSLVERSION_LAST == 8,
52 "A new CURL_SSLVERSION_ may be available!");
53 #endif
54
55 void cmCurlInitOnce()
56 {
57 // curl 7.56.0 introduced curl_global_sslset.
58 #if defined(__APPLE__) && defined(CMAKE_USE_SYSTEM_CURL) && \
59 defined(LIBCURL_VERSION_NUM) && LIBCURL_VERSION_NUM >= 0x073800
60 static bool initialized = false;
61 if (initialized) {
62 return;
63 }
64 initialized = true;
65
66 cm::optional<std::string> curl_ssl_backend =
67 cmSystemTools::GetEnvVar("CURL_SSL_BACKEND");
68 if (!curl_ssl_backend || curl_ssl_backend->empty()) {
69 curl_version_info_data* cv = curl_version_info(CURLVERSION_FIRST);
70 // curl 8.3.0 through 8.5.x did not re-initialize LibreSSL correctly,
71 // so prefer the Secure Transport backend by default in those versions.
72 if (cv->version_num >= 0x080300 && cv->version_num < 0x080600) {
73 curl_global_sslset(CURLSSLBACKEND_SECURETRANSPORT, NULL, NULL);
74 }
75 }
76 #endif
77 }
78
79 cm::optional<int> cmCurlParseTLSVersion(cm::string_view tls_version)
80 {
81 cm::optional<int> v;
82 if (tls_version == "1.0"_s) {
83 v = CURL_SSLVERSION_TLSv1_0;
84 } else if (tls_version == "1.1"_s) {
85 v = CURL_SSLVERSION_TLSv1_1;
86 } else if (tls_version == "1.2"_s) {
87 v = CURL_SSLVERSION_TLSv1_2;
88 } else if (tls_version == "1.3"_s) {
89 v = CURL_SSLVERSION_TLSv1_3;
90 }
91 return v;
92 }
93
94 cm::optional<std::string> cmCurlPrintTLSVersion(int curl_tls_version)
95 {
96 cm::optional<std::string> s;
97 switch (curl_tls_version) {
98 case CURL_SSLVERSION_TLSv1_0:
99 s = "CURL_SSLVERSION_TLSv1_0"_s;
100 break;
101 case CURL_SSLVERSION_TLSv1_1:
102 s = "CURL_SSLVERSION_TLSv1_1"_s;
103 break;
104 case CURL_SSLVERSION_TLSv1_2:
105 s = "CURL_SSLVERSION_TLSv1_2"_s;
106 break;
107 case CURL_SSLVERSION_TLSv1_3:
108 s = "CURL_SSLVERSION_TLSv1_3"_s;
109 break;
110 }
111 return s;
112 }
113
114 std::string cmCurlSetCAInfo(::CURL* curl, const std::string& cafile)
115 {
116 std::string e;
117 std::string env_ca;
118 if (!cafile.empty()) {
119 ::CURLcode res = ::curl_easy_setopt(curl, CURLOPT_CAINFO, cafile.c_str());
120 check_curl_result(res, "Unable to set TLS/SSL Verify CAINFO: ");
121 }
122 /* Honor the user-configurable OpenSSL environment variables. */
123 else if (cmSystemTools::GetEnv("SSL_CERT_FILE", env_ca) &&
124 cmSystemTools::FileExists(env_ca, true)) {
125 ::CURLcode res = ::curl_easy_setopt(curl, CURLOPT_CAINFO, env_ca.c_str());
126 check_curl_result(res, "Unable to set TLS/SSL Verify CAINFO: ");
127 } else if (cmSystemTools::GetEnv("SSL_CERT_DIR", env_ca) &&
128 cmSystemTools::FileIsDirectory(env_ca)) {
129 ::CURLcode res = ::curl_easy_setopt(curl, CURLOPT_CAPATH, env_ca.c_str());
130 check_curl_result(res, "Unable to set TLS/SSL Verify CAINFO: ");
131 }
132 #ifdef CMAKE_FIND_CAFILE
133 # define CMAKE_CAFILE_FEDORA "/etc/pki/tls/certs/ca-bundle.crt"
134 else if (cmSystemTools::FileExists(CMAKE_CAFILE_FEDORA, true)) {
135 ::CURLcode res =
136 ::curl_easy_setopt(curl, CURLOPT_CAINFO, CMAKE_CAFILE_FEDORA);
137 check_curl_result(res, "Unable to set TLS/SSL Verify CAINFO: ");
138 }
139 # undef CMAKE_CAFILE_FEDORA
140 else {
141 # define CMAKE_CAFILE_COMMON "/etc/ssl/certs/ca-certificates.crt"
142 if (cmSystemTools::FileExists(CMAKE_CAFILE_COMMON, true)) {
143 ::CURLcode res =
144 ::curl_easy_setopt(curl, CURLOPT_CAINFO, CMAKE_CAFILE_COMMON);
145 check_curl_result(res, "Unable to set TLS/SSL Verify CAINFO: ");
146 }
147 # undef CMAKE_CAFILE_COMMON
148 # define CMAKE_CAPATH_COMMON "/etc/ssl/certs"
149 if (cmSystemTools::FileIsDirectory(CMAKE_CAPATH_COMMON)) {
150 ::CURLcode res =
151 ::curl_easy_setopt(curl, CURLOPT_CAPATH, CMAKE_CAPATH_COMMON);
152 check_curl_result(res, "Unable to set TLS/SSL Verify CAPATH: ");
153 }
154 # undef CMAKE_CAPATH_COMMON
155 }
156 #endif
157 return e;
158 }
159
160 std::string cmCurlSetNETRCOption(::CURL* curl, const std::string& netrc_level,
161 const std::string& netrc_file)
162 {
163 std::string e;
164 CURL_NETRC_OPTION curl_netrc_level = CURL_NETRC_LAST;
165 ::CURLcode res;
166
167 if (!netrc_level.empty()) {
168 if (netrc_level == "OPTIONAL") {
169 curl_netrc_level = CURL_NETRC_OPTIONAL;
170 } else if (netrc_level == "REQUIRED") {
171 curl_netrc_level = CURL_NETRC_REQUIRED;
172 } else if (netrc_level == "IGNORED") {
173 curl_netrc_level = CURL_NETRC_IGNORED;
174 } else {
175 e = cmStrCat("NETRC accepts OPTIONAL, IGNORED or REQUIRED but got: ",
176 netrc_level);
177 return e;
178 }
179 }
180
181 if (curl_netrc_level != CURL_NETRC_LAST &&
182 curl_netrc_level != CURL_NETRC_IGNORED) {
183 res = ::curl_easy_setopt(curl, CURLOPT_NETRC, curl_netrc_level);
184 check_curl_result(res, "Unable to set netrc level: ");
185 if (!e.empty()) {
186 return e;
187 }
188
189 // check to see if a .netrc file has been specified
190 if (!netrc_file.empty()) {
191 res = ::curl_easy_setopt(curl, CURLOPT_NETRC_FILE, netrc_file.c_str());
192 check_curl_result(res, "Unable to set .netrc file path : ");
193 }
194 }
195 return e;
196 }
197
198 std::string cmCurlFixFileURL(std::string url)
199 {
200 if (!cmHasLiteralPrefix(url, "file://")) {
201 return url;
202 }
203
204 // libcurl 7.77 and below accidentally allowed spaces in URLs in some cases.
205 // One such case was file:// URLs, which CMake has long accepted as a result.
206 // Explicitly encode spaces for a URL.
207 cmSystemTools::ReplaceString(url, " ", "%20");
208
209 #if defined(_WIN32)
210 // libcurl doesn't support file:// urls for unicode filenames on Windows.
211 // Convert string from UTF-8 to ACP if this is a file:// URL.
212 std::wstring wurl = cmsys::Encoding::ToWide(url);
213 if (!wurl.empty()) {
214 int mblen = WideCharToMultiByte(CP_ACP, 0, wurl.c_str(), -1, nullptr, 0,
215 nullptr, nullptr);
216 if (mblen > 0) {
217 std::vector<char> chars(mblen);
218 mblen = WideCharToMultiByte(CP_ACP, 0, wurl.c_str(), -1, &chars[0],
219 mblen, nullptr, nullptr);
220 if (mblen > 0) {
221 url = &chars[0];
222 }
223 }
224 }
225 #endif
226
227 return url;
228 }
CMake is an open-source, cross-platform family of tools designed to build, test and package software