echo/CMake
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Help: Document CMAKE_TLS_VERIFY variable explicitly

Browse Source 
Previously it was mentioned only in the `file` and `ExternalProject`
documentation.
This commit is contained in:
Michael Hirsch 2021-04-29 10:45:05 -04:00 committed by Brad King
parent 9edff7f43e
commit 7398993f5b
4 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Help/command/file.rst
View File

@ -1070,7 +1070,7 @@ If neither ``NETRC`` option is given CMake will check variables
For ``https://`` URLs CMake must be built with OpenSSL support. ``TLS/SSL`` For ``https://`` URLs CMake must be built with OpenSSL support. ``TLS/SSL``
certificates are not checked by default. Set ``TLS_VERIFY`` to ``ON`` to certificates are not checked by default. Set ``TLS_VERIFY`` to ``ON`` to
check certificates. If neither ``TLS`` option is given CMake will check check certificates. If neither ``TLS`` option is given CMake will check
variables ``CMAKE_TLS_VERIFY`` and ``CMAKE_TLS_CAINFO``, respectively. variables :variable:`CMAKE_TLS_VERIFY` and ``CMAKE_TLS_CAINFO``, respectively.
Additional options to ``DOWNLOAD`` are: Additional options to ``DOWNLOAD`` are:

1
Help/manual/cmake-variables.7.rst
View File

@ -245,6 +245,7 @@ Variables that Change Behavior
/variable/CMAKE_SYSTEM_LIBRARY_PATH /variable/CMAKE_SYSTEM_LIBRARY_PATH
/variable/CMAKE_SYSTEM_PREFIX_PATH /variable/CMAKE_SYSTEM_PREFIX_PATH
/variable/CMAKE_SYSTEM_PROGRAM_PATH /variable/CMAKE_SYSTEM_PROGRAM_PATH
/variable/CMAKE_TLS_VERIFY
/variable/CMAKE_USER_MAKE_RULES_OVERRIDE /variable/CMAKE_USER_MAKE_RULES_OVERRIDE
/variable/CMAKE_WARN_DEPRECATED /variable/CMAKE_WARN_DEPRECATED
/variable/CMAKE_WARN_ON_ABSOLUTE_INSTALL_DESTINATION /variable/CMAKE_WARN_ON_ABSOLUTE_INSTALL_DESTINATION

17
Help/variable/CMAKE_TLS_VERIFY.rst Normal file
View File

@ -0,0 +1,17 @@
CMAKE_TLS_VERIFY
----------------
Specify the default value for the :command:`file(DOWNLOAD)` and
:command:`file(UPLOAD)` commands' ``TLS_VERIFY`` options.
If not set, the default is *off*.
This setting is also used by the :module:`ExternalProject` module
for internal calls to :command:`file(DOWNLOAD)`.
TLS verification can help provide confidence that one is connecting
to the desired server. When downloading known content, one should
also use file hashes to verify it.
.. code-block:: cmake
set(CMAKE_TLS_VERIFY TRUE)

2
Modules/ExternalProject.cmake
View File

@ -212,7 +212,7 @@ External Project Definition
``TLS_VERIFY <bool>`` ``TLS_VERIFY <bool>``
Specifies whether certificate verification should be performed for Specifies whether certificate verification should be performed for
https URLs. If this option is not provided, the default behavior is https URLs. If this option is not provided, the default behavior is
determined by the ``CMAKE_TLS_VERIFY`` variable (see determined by the :variable:`CMAKE_TLS_VERIFY` variable (see
:command:`file(DOWNLOAD)`). If that is also not set, certificate :command:`file(DOWNLOAD)`). If that is also not set, certificate
verification will not be performed. In situations where ``URL_HASH`` verification will not be performed. In situations where ``URL_HASH``
cannot be provided, this option can be an alternative verification cannot be provided, this option can be an alternative verification