1INCLUDE(SanitizeBool)
2
3# We try to find any packages our backends might use
4FIND_PACKAGE(OpenSSL)
5FIND_PACKAGE(mbedTLS)
6IF (CMAKE_SYSTEM_NAME MATCHES "Darwin")
7	FIND_PACKAGE(Security)
8	FIND_PACKAGE(CoreFoundation)
9ENDIF()
10
11IF(USE_HTTPS)
12	# Auto-select TLS backend
13	SanitizeBool(USE_HTTPS)
14	IF (USE_HTTPS STREQUAL ON)
15		IF (SECURITY_FOUND)
16			IF (SECURITY_HAS_SSLCREATECONTEXT)
17				SET(USE_HTTPS "SecureTransport")
18			ELSE()
19				MESSAGE(STATUS "Security framework is too old, falling back to OpenSSL")
20				SET(USE_HTTPS "OpenSSL")
21			ENDIF()
22		ELSEIF (WINHTTP)
23			SET(USE_HTTPS "WinHTTP")
24		ELSEIF(OPENSSL_FOUND)
25			SET(USE_HTTPS "OpenSSL")
26		ELSEIF(MBEDTLS_FOUND)
27			SET(USE_HTTPS "mbedTLS")
28		ELSE()
29			MESSAGE(FATAL_ERROR "Unable to autodetect a usable HTTPS backend."
30				"Please pass the backend name explicitly (-DUSE_HTTPS=backend)")
31		ENDIF()
32	ENDIF()
33
34	# Check that we can find what's required for the selected backend
35	IF (USE_HTTPS STREQUAL "SecureTransport")
36		IF (NOT COREFOUNDATION_FOUND)
37			MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, CoreFoundation.framework not found")
38		ENDIF()
39		IF (NOT SECURITY_FOUND)
40			MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, Security.framework not found")
41		ENDIF()
42		IF (NOT SECURITY_HAS_SSLCREATECONTEXT)
43			MESSAGE(FATAL_ERROR "Cannot use SecureTransport backend, SSLCreateContext not supported")
44		ENDIF()
45
46		SET(GIT_SECURE_TRANSPORT 1)
47		LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${SECURITY_INCLUDE_DIR})
48		LIST(APPEND LIBGIT2_LIBS ${COREFOUNDATION_LDFLAGS} ${SECURITY_LDFLAGS})
49		LIST(APPEND LIBGIT2_PC_LIBS ${COREFOUNDATION_LDFLAGS} ${SECURITY_LDFLAGS})
50	ELSEIF (USE_HTTPS STREQUAL "OpenSSL")
51		IF (NOT OPENSSL_FOUND)
52			MESSAGE(FATAL_ERROR "Asked for OpenSSL TLS backend, but it wasn't found")
53		ENDIF()
54
55		SET(GIT_OPENSSL 1)
56		LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${OPENSSL_INCLUDE_DIR})
57		LIST(APPEND LIBGIT2_LIBS ${OPENSSL_LIBRARIES})
58		LIST(APPEND LIBGIT2_PC_LIBS ${OPENSSL_LDFLAGS})
59		LIST(APPEND LIBGIT2_PC_REQUIRES "openssl")
60	ELSEIF(USE_HTTPS STREQUAL "mbedTLS")
61		IF (NOT MBEDTLS_FOUND)
62			MESSAGE(FATAL_ERROR "Asked for mbedTLS backend, but it wasn't found")
63		ENDIF()
64
65		IF(NOT CERT_LOCATION)
66			MESSAGE(STATUS "Auto-detecting default certificates location")
67			IF(CMAKE_SYSTEM_NAME MATCHES Darwin)
68				# Check for an Homebrew installation
69				SET(OPENSSL_CMD "/usr/local/opt/openssl/bin/openssl")
70			ELSE()
71				SET(OPENSSL_CMD "openssl")
72			ENDIF()
73			EXECUTE_PROCESS(COMMAND ${OPENSSL_CMD} version -d OUTPUT_VARIABLE OPENSSL_DIR OUTPUT_STRIP_TRAILING_WHITESPACE)
74			IF(OPENSSL_DIR)
75				STRING(REGEX REPLACE "^OPENSSLDIR: \"(.*)\"$" "\\1/" OPENSSL_DIR ${OPENSSL_DIR})
76
77				SET(OPENSSL_CA_LOCATIONS
78					"ca-bundle.pem"             # OpenSUSE Leap 42.1
79					"cert.pem"                  # Ubuntu 14.04, FreeBSD
80					"certs/ca-certificates.crt" # Ubuntu 16.04
81					"certs/ca.pem"              # Debian 7
82				)
83				FOREACH(SUFFIX IN LISTS OPENSSL_CA_LOCATIONS)
84					SET(LOC "${OPENSSL_DIR}${SUFFIX}")
85					IF(NOT CERT_LOCATION AND EXISTS "${OPENSSL_DIR}${SUFFIX}")
86						SET(CERT_LOCATION ${LOC})
87					ENDIF()
88				ENDFOREACH()
89			ELSE()
90				MESSAGE(FATAL_ERROR "Unable to find OpenSSL executable. Please provide default certificate location via CERT_LOCATION")
91			ENDIF()
92		ENDIF()
93
94		IF(CERT_LOCATION)
95			IF(NOT EXISTS ${CERT_LOCATION})
96				MESSAGE(FATAL_ERROR "Cannot use CERT_LOCATION=${CERT_LOCATION} as it doesn't exist")
97			ENDIF()
98			ADD_FEATURE_INFO(CERT_LOCATION ON "using certificates from ${CERT_LOCATION}")
99			ADD_DEFINITIONS(-DGIT_DEFAULT_CERT_LOCATION="${CERT_LOCATION}")
100		ENDIF()
101
102		SET(GIT_MBEDTLS 1)
103		LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${MBEDTLS_INCLUDE_DIR})
104		LIST(APPEND LIBGIT2_LIBS ${MBEDTLS_LIBRARIES})
105		# mbedTLS has no pkgconfig file, hence we can't require it
106		# https://github.com/ARMmbed/mbedtls/issues/228
107		# For now, pass its link flags as our own
108		LIST(APPEND LIBGIT2_PC_LIBS ${MBEDTLS_LIBRARIES})
109	ELSEIF (USE_HTTPS STREQUAL "WinHTTP")
110		# WinHTTP setup was handled in the WinHTTP-specific block above
111	ELSEIF (USE_HTTPS STREQUAL "OpenSSL-Dynamic")
112		SET(GIT_OPENSSL 1)
113		SET(GIT_OPENSSL_DYNAMIC 1)
114		LIST(APPEND LIBGIT2_LIBS dl)
115	ELSE()
116		MESSAGE(FATAL_ERROR "Asked for backend ${USE_HTTPS} but it wasn't found")
117	ENDIF()
118
119	SET(GIT_HTTPS 1)
120	ADD_FEATURE_INFO(HTTPS GIT_HTTPS "using ${USE_HTTPS}")
121ELSE()
122	SET(GIT_HTTPS 0)
123	ADD_FEATURE_INFO(HTTPS NO "")
124ENDIF()
125