AWS SDK integration - set default ca_bundle and ca_path for curl build.

98c5ab50 · Pavel Kovalenko · Pavel Kovalenko · daf064d1 · 98c5ab50
隐藏空白更改
内联并排

Showing with 6 addition and 72 deletion

contrib/curl-cmake/CMakeLists.txt contrib/curl-cmake/CMakeLists.txt +6 -72

未找到文件。
--- a/contrib/curl-cmake/CMakeLists.txt
+++ b/contrib/curl-cmake/CMakeLists.txt
@@ -181,79 +181,13 @@ else()
    unset(USE_UNIX_SOCKETS CACHE)
 endif()

-#
 # CA handling
-#
-set(CURL_CA_BUNDLE "auto" CACHE STRING
-        "Path to the CA bundle. Set 'none' to disable or 'auto' for auto-detection. Defaults to 'auto'.")
-set(CURL_CA_FALLBACK OFF CACHE BOOL
-        "Set ON to use built-in CA store of TLS backend. Defaults to OFF")
-set(CURL_CA_PATH "auto" CACHE STRING
-        "Location of default CA path. Set 'none' to disable or 'auto' for auto-detection. Defaults to 'auto'.")
-
-if (NOT OPENSSL_FOUND)
-    set(CURL_CA_PATH "none")
-endif()
-
-if("${CURL_CA_BUNDLE}" STREQUAL "")
-    message(FATAL_ERROR "Invalid value of CURL_CA_BUNDLE. Use 'none', 'auto' or file path.")
-elseif("${CURL_CA_BUNDLE}" STREQUAL "none")
-    unset(CURL_CA_BUNDLE CACHE)
-elseif("${CURL_CA_BUNDLE}" STREQUAL "auto")
-    unset(CURL_CA_BUNDLE CACHE)
-    set(CURL_CA_BUNDLE_AUTODETECT TRUE)
-else()
-    set(CURL_CA_BUNDLE_SET TRUE)
-endif()
-
-if("${CURL_CA_PATH}" STREQUAL "")
-    message(FATAL_ERROR "Invalid value of CURL_CA_PATH. Use 'none', 'auto' or directory path.")
-elseif("${CURL_CA_PATH}" STREQUAL "none")
-    unset(CURL_CA_PATH CACHE)
-elseif("${CURL_CA_PATH}" STREQUAL "auto")
-    unset(CURL_CA_PATH CACHE)
-    set(CURL_CA_PATH_AUTODETECT TRUE)
-else()
-    set(CURL_CA_PATH_SET TRUE)
-endif()
-
-if(CURL_CA_BUNDLE_SET AND CURL_CA_PATH_AUTODETECT)
-    # Skip autodetection of unset CA path because CA bundle is set explicitly
-elseif(CURL_CA_PATH_SET AND CURL_CA_BUNDLE_AUTODETECT)
-    # Skip autodetection of unset CA bundle because CA path is set explicitly
-elseif(CURL_CA_PATH_AUTODETECT OR CURL_CA_BUNDLE_AUTODETECT)
-    # first try autodetecting a CA bundle, then a CA path
-
-    if(CURL_CA_BUNDLE_AUTODETECT)
-        set(SEARCH_CA_BUNDLE_PATHS
-                /etc/ssl/certs/ca-certificates.crt
-                /etc/pki/tls/certs/ca-bundle.crt
-                /usr/share/ssl/certs/ca-bundle.crt
-                /usr/local/share/certs/ca-root-nss.crt
-                /etc/ssl/cert.pem)
-
-        foreach(SEARCH_CA_BUNDLE_PATH ${SEARCH_CA_BUNDLE_PATHS})
-            if(EXISTS "${SEARCH_CA_BUNDLE_PATH}")
-                message(STATUS "Found CA bundle: ${SEARCH_CA_BUNDLE_PATH}")
-                set(CURL_CA_BUNDLE "${SEARCH_CA_BUNDLE_PATH}")
-                set(CURL_CA_BUNDLE_SET TRUE CACHE BOOL "Path to the CA bundle has been set")
-                break()
-            endif()
-        endforeach()
-    endif()
-
-    if(CURL_CA_PATH_AUTODETECT AND (NOT CURL_CA_PATH_SET))
-        if(EXISTS "/etc/ssl/certs")
-            set(CURL_CA_PATH "/etc/ssl/certs")
-            set(CURL_CA_PATH_SET TRUE CACHE BOOL "Path to the CA bundle has been set")
-        endif()
-    endif()
-endif()
-
-if(CURL_CA_PATH_SET AND NOT USE_OPENSSL AND NOT USE_MBEDTLS)
-    message(FATAL_ERROR
-            "CA path only supported by OpenSSL, GnuTLS or mbed TLS. "
-            "Set CURL_CA_PATH=none or enable one of those TLS backends.")
+# Explicitly set to most common case
+if (OPENSSL_FOUND)
+    set(CURL_CA_BUNDLE "/etc/ssl/certs/ca-certificates.crt")
+    set(CURL_CA_BUNDLE_SET TRUE CACHE BOOL "Path to the CA bundle has been set")
+    set(CURL_CA_PATH "/etc/ssl/certs")
+    set(CURL_CA_PATH_SET TRUE CACHE BOOL "Path to the CA bundle has been set")
 endif()

 check_include_file_concat("stdio.h"          HAVE_STDIO_H)