# Select a hash backend include(SanitizeInput) sanitizeinput(USE_HTTPS) sanitizeinput(USE_SHA1) sanitizeinput(USE_SHA256) # sha1 if(USE_SHA1 STREQUAL "" OR USE_SHA1 STREQUAL ON OR USE_SHA1 STREQUAL "collisiondetection") SET(USE_SHA1 "builtin") elseif(USE_SHA1 STREQUAL "https") if(USE_HTTPS STREQUAL "securetransport") set(USE_SHA1 "commoncrypto") elseif(USE_HTTPS STREQUAL "schannel") set(USE_SHA1 "win32") elseif(USE_HTTPS STREQUAL "winhttp") set(USE_SHA1 "win32") elseif(USE_HTTPS) set(USE_SHA1 ${USE_HTTPS}) else() message(FATAL_ERROR "asked for HTTPS SHA1 backend but HTTPS is not enabled") endif() endif() if(USE_SHA1 STREQUAL "builtin") set(GIT_SHA1_BUILTIN 1) add_feature_info(SHA1 ON "using bundled collision detection implementation") elseif(USE_SHA1 STREQUAL "openssl") set(GIT_SHA1_OPENSSL 1) add_feature_info(SHA1 ON "using OpenSSL") elseif(USE_SHA1 STREQUAL "openssl-fips") set(GIT_SHA1_OPENSSL_FIPS 1) add_feature_info(SHA1 ON "using OpenSSL-FIPS") elseif(USE_SHA1 STREQUAL "openssl-dynamic") list(APPEND LIBGIT2_SYSTEM_LIBS dl) set(GIT_SHA1_OPENSSL_DYNAMIC 1) add_feature_info(SHA1 ON "using OpenSSL-Dynamic") elseif(USE_SHA1 STREQUAL "commoncrypto") set(GIT_SHA1_COMMON_CRYPTO 1) add_feature_info(SHA1 ON "using CommonCrypto") elseif(USE_SHA1 STREQUAL "mbedtls") set(GIT_SHA1_MBEDTLS 1) add_feature_info(SHA1 ON "using mbedTLS") elseif(USE_SHA1 STREQUAL "win32") set(GIT_SHA1_WIN32 1) add_feature_info(SHA1 ON "using Win32 APIs") else() message(FATAL_ERROR "asked for unknown SHA1 backend: ${USE_SHA1}") endif() # sha256 if(USE_SHA256 STREQUAL "" OR USE_SHA256 STREQUAL ON) if(USE_HTTPS) SET(USE_SHA256 "https") else() SET(USE_SHA256 "builtin") endif() endif() if(USE_SHA256 STREQUAL "https") if(USE_HTTPS STREQUAL "securetransport") set(USE_SHA256 "commoncrypto") elseif(USE_HTTPS STREQUAL "schannel") set(USE_SHA256 "win32") elseif(USE_HTTPS STREQUAL "winhttp") set(USE_SHA256 "win32") elseif(USE_HTTPS) set(USE_SHA256 ${USE_HTTPS}) endif() endif() if(USE_SHA256 STREQUAL "builtin") set(GIT_SHA256_BUILTIN 1) add_feature_info(SHA256 ON "using bundled implementation") elseif(USE_SHA256 STREQUAL "openssl") set(GIT_SHA256_OPENSSL 1) add_feature_info(SHA256 ON "using OpenSSL") elseif(USE_SHA256 STREQUAL "openssl-fips") set(GIT_SHA256_OPENSSL_FIPS 1) add_feature_info(SHA256 ON "using OpenSSL-FIPS") elseif(USE_SHA256 STREQUAL "openssl-dynamic") list(APPEND LIBGIT2_SYSTEM_LIBS dl) set(GIT_SHA256_OPENSSL_DYNAMIC 1) add_feature_info(SHA256 ON "using OpenSSL-Dynamic") elseif(USE_SHA256 STREQUAL "commoncrypto") set(GIT_SHA256_COMMON_CRYPTO 1) add_feature_info(SHA256 ON "using CommonCrypto") elseif(USE_SHA256 STREQUAL "mbedtls") set(GIT_SHA256_MBEDTLS 1) add_feature_info(SHA256 ON "using mbedTLS") elseif(USE_SHA256 STREQUAL "win32") set(GIT_SHA256_WIN32 1) add_feature_info(SHA256 ON "using Win32 APIs") else() message(FATAL_ERROR "asked for unknown SHA256 backend: ${USE_SHA256}") endif() # add library requirements if(USE_SHA1 STREQUAL "openssl" OR USE_SHA256 STREQUAL "openssl" OR USE_SHA1 STREQUAL "openssl-fips" OR USE_SHA256 STREQUAL "openssl-fips") if(CMAKE_SYSTEM_NAME MATCHES "FreeBSD") list(APPEND LIBGIT2_PC_LIBS "-lssl") else() list(APPEND LIBGIT2_PC_REQUIRES "openssl") endif() endif() if(USE_SHA1 STREQUAL "mbedtls" OR USE_SHA256 STREQUAL "mbedtls") list(APPEND LIBGIT2_SYSTEM_INCLUDES ${MBEDTLS_INCLUDE_DIR}) list(APPEND LIBGIT2_SYSTEM_LIBS ${MBEDTLS_LIBRARIES}) # mbedTLS has no pkgconfig file, hence we can't require it # https://github.com/ARMmbed/mbedtls/issues/228 # For now, pass its link flags as our own list(APPEND LIBGIT2_PC_LIBS ${MBEDTLS_LIBRARIES}) endif() # warn for users who do not use sha1dc if(NOT "${USE_SHA1}" STREQUAL "builtin") list(APPEND WARNINGS "SHA1 support is set to ${USE_SHA1} which is not recommended - git's hash algorithm is sha1dc, it is *not* SHA1. Using SHA1 may leave you and your users susceptible to SHAttered-style attacks.") set(WARNINGS ${WARNINGS} PARENT_SCOPE) endif()