1 /* Distributed under the OSI-approved BSD 3-Clause License. See accompanying
2 file Copyright.txt or https://cmake.org/licensing for details. */
5 #if !defined(CMAKE_USE_SYSTEM_CURL) && !defined(_WIN32) && \
6 !defined(__APPLE__) && !defined(CURL_CA_BUNDLE) && !defined(CURL_CA_PATH)
7 # define CMAKE_FIND_CAFILE
9 #include "cmStringAlgorithms.h"
10 #include "cmSystemTools.h"
17 # include "cmsys/Encoding.hxx"
20 // curl versions before 7.21.5 did not provide this error code
21 #if defined(LIBCURL_VERSION_NUM) && LIBCURL_VERSION_NUM < 0x071505
22 # define CURLE_NOT_BUILT_IN 4
25 #define check_curl_result(result, errstr) \
27 if ((result) != CURLE_OK && (result) != CURLE_NOT_BUILT_IN) { \
28 e += e.empty() ? "" : "\n"; \
30 e += ::curl_easy_strerror(result); \
34 std::string cmCurlSetCAInfo(::CURL* curl, const std::string& cafile)
38 if (!cafile.empty()) {
39 ::CURLcode res = ::curl_easy_setopt(curl, CURLOPT_CAINFO, cafile.c_str());
40 check_curl_result(res, "Unable to set TLS/SSL Verify CAINFO: ");
42 /* Honor the user-configurable OpenSSL environment variables. */
43 else if (cmSystemTools::GetEnv("SSL_CERT_FILE", env_ca) &&
44 cmSystemTools::FileExists(env_ca, true)) {
45 ::CURLcode res = ::curl_easy_setopt(curl, CURLOPT_CAINFO, env_ca.c_str());
46 check_curl_result(res, "Unable to set TLS/SSL Verify CAINFO: ");
47 } else if (cmSystemTools::GetEnv("SSL_CERT_DIR", env_ca) &&
48 cmSystemTools::FileIsDirectory(env_ca)) {
49 ::CURLcode res = ::curl_easy_setopt(curl, CURLOPT_CAPATH, env_ca.c_str());
50 check_curl_result(res, "Unable to set TLS/SSL Verify CAINFO: ");
52 #ifdef CMAKE_FIND_CAFILE
53 # define CMAKE_CAFILE_FEDORA "/etc/pki/tls/certs/ca-bundle.crt"
54 else if (cmSystemTools::FileExists(CMAKE_CAFILE_FEDORA, true)) {
56 ::curl_easy_setopt(curl, CURLOPT_CAINFO, CMAKE_CAFILE_FEDORA);
57 check_curl_result(res, "Unable to set TLS/SSL Verify CAINFO: ");
59 # undef CMAKE_CAFILE_FEDORA
61 # define CMAKE_CAFILE_COMMON "/etc/ssl/certs/ca-certificates.crt"
62 if (cmSystemTools::FileExists(CMAKE_CAFILE_COMMON, true)) {
64 ::curl_easy_setopt(curl, CURLOPT_CAINFO, CMAKE_CAFILE_COMMON);
65 check_curl_result(res, "Unable to set TLS/SSL Verify CAINFO: ");
67 # undef CMAKE_CAFILE_COMMON
68 # define CMAKE_CAPATH_COMMON "/etc/ssl/certs"
69 if (cmSystemTools::FileIsDirectory(CMAKE_CAPATH_COMMON)) {
71 ::curl_easy_setopt(curl, CURLOPT_CAPATH, CMAKE_CAPATH_COMMON);
72 check_curl_result(res, "Unable to set TLS/SSL Verify CAPATH: ");
74 # undef CMAKE_CAPATH_COMMON
80 std::string cmCurlSetNETRCOption(::CURL* curl, const std::string& netrc_level,
81 const std::string& netrc_file)
84 CURL_NETRC_OPTION curl_netrc_level = CURL_NETRC_LAST;
87 if (!netrc_level.empty()) {
88 if (netrc_level == "OPTIONAL") {
89 curl_netrc_level = CURL_NETRC_OPTIONAL;
90 } else if (netrc_level == "REQUIRED") {
91 curl_netrc_level = CURL_NETRC_REQUIRED;
92 } else if (netrc_level == "IGNORED") {
93 curl_netrc_level = CURL_NETRC_IGNORED;
95 e = cmStrCat("NETRC accepts OPTIONAL, IGNORED or REQUIRED but got: ",
101 if (curl_netrc_level != CURL_NETRC_LAST &&
102 curl_netrc_level != CURL_NETRC_IGNORED) {
103 res = ::curl_easy_setopt(curl, CURLOPT_NETRC, curl_netrc_level);
104 check_curl_result(res, "Unable to set netrc level: ");
109 // check to see if a .netrc file has been specified
110 if (!netrc_file.empty()) {
111 res = ::curl_easy_setopt(curl, CURLOPT_NETRC_FILE, netrc_file.c_str());
112 check_curl_result(res, "Unable to set .netrc file path : ");
118 std::string cmCurlFixFileURL(std::string url)
120 if (!cmHasLiteralPrefix(url, "file://")) {
124 // libcurl 7.77 and below accidentally allowed spaces in URLs in some cases.
125 // One such case was file:// URLs, which CMake has long accepted as a result.
126 // Explicitly encode spaces for a URL.
127 cmSystemTools::ReplaceString(url, " ", "%20");
130 // libcurl doesn't support file:// urls for unicode filenames on Windows.
131 // Convert string from UTF-8 to ACP if this is a file:// URL.
132 std::wstring wurl = cmsys::Encoding::ToWide(url);
135 WideCharToMultiByte(CP_ACP, 0, wurl.c_str(), -1, NULL, 0, NULL, NULL);
137 std::vector<char> chars(mblen);
138 mblen = WideCharToMultiByte(CP_ACP, 0, wurl.c_str(), -1, &chars[0],