mirror/CMake
1
0
Fork 0
mirror of https://github.com/Kitware/CMake.git synced 2026-04-23 14:48:19 -05:00
Code Issues Packages Projects Releases Wiki Activity

file(DOWNLOAD/UPLOAD): Verify TLS server certificate by default

Browse Source 
If the connection fails in a way that might be a certificate error, and
verification was enabled by the new default, mention environment
variable `CMAKE_TLS_VERIFY` in the diagnostic to help users that were
relying on the old behavior turn off server certificate verification in
their environment.

Fixes: #23608
This commit is contained in:
Brad King
2024-09-20 16:55:26 -04:00
parent dcaea54898
commit 8e92ee34f6
6 changed files with 61 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Help/variable/CMAKE_TLS_VERIFY.rst
+6 -1
View File
@@ -5,7 +5,12 @@ Specify the default value for the :command:`file(DOWNLOAD)` and
:command:`file(UPLOAD)` commands' ``TLS_VERIFY`` options.
If this variable is not set, the commands check the
:envvar:`CMAKE_TLS_VERIFY` environment variable.
If neither is set, the default is *off*.
If neither is set, the default is *on*.
.. versionchanged:: 3.31
The default is on. Previously, the default was off.
Users may set the :envvar:`CMAKE_TLS_VERIFY` environment
variable to ``0`` to restore the old default.
This variable is also used by the :module:`ExternalProject` and
:module:`FetchContent` modules for internal calls to :command:`file(DOWNLOAD)`.