Skip to content

Commit d62cc47

Browse files
committed
build: harden CPM bootstrap download
1 parent cf075cf commit d62cc47

2 files changed

Lines changed: 96 additions & 12 deletions

File tree

cmake/CPM.cmake

Lines changed: 47 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -10,12 +10,54 @@ else()
1010
set(CPM_DOWNLOAD_LOCATION "${CMAKE_BINARY_DIR}/cmake/CPM_${CPM_DOWNLOAD_VERSION}.cmake")
1111
endif()
1212

13-
if(NOT (EXISTS ${CPM_DOWNLOAD_LOCATION}))
14-
message(STATUS "Downloading CPM.cmake to ${CPM_DOWNLOAD_LOCATION}")
13+
set(CRTSYS_CPM_DOWNLOAD_URL "https://github.com/cpm-cmake/CPM.cmake/releases/download/v${CPM_DOWNLOAD_VERSION}/CPM.cmake")
14+
15+
function(crtsys_validate_cpm_download cpm_path out_var)
16+
set(cpm_is_valid FALSE)
17+
if(EXISTS "${cpm_path}")
18+
file(READ "${cpm_path}" cpm_download_content LIMIT 1048576)
19+
string(FIND "${cpm_download_content}" "CPMAddPackage" cpm_add_package_index)
20+
if(NOT cpm_add_package_index EQUAL -1)
21+
set(cpm_is_valid TRUE)
22+
endif()
23+
endif()
24+
25+
set("${out_var}" "${cpm_is_valid}" PARENT_SCOPE)
26+
endfunction()
27+
28+
function(crtsys_download_cpm cpm_url cpm_path)
29+
message(STATUS "Downloading CPM.cmake to ${cpm_path}")
30+
get_filename_component(CPM_DOWNLOAD_DIRECTORY "${cpm_path}" DIRECTORY)
31+
file(MAKE_DIRECTORY "${CPM_DOWNLOAD_DIRECTORY}")
1532
file(DOWNLOAD
16-
https://github.com/cpm-cmake/CPM.cmake/releases/download/v${CPM_DOWNLOAD_VERSION}/CPM.cmake
17-
${CPM_DOWNLOAD_LOCATION}
33+
"${cpm_url}"
34+
"${cpm_path}"
35+
STATUS CPM_DOWNLOAD_STATUS
36+
LOG CPM_DOWNLOAD_LOG
37+
TLS_VERIFY ON
1838
)
39+
list(GET CPM_DOWNLOAD_STATUS 0 CPM_DOWNLOAD_STATUS_CODE)
40+
list(GET CPM_DOWNLOAD_STATUS 1 CPM_DOWNLOAD_STATUS_MESSAGE)
41+
if(NOT CPM_DOWNLOAD_STATUS_CODE EQUAL 0)
42+
message(FATAL_ERROR "Failed to download CPM.cmake: ${CPM_DOWNLOAD_STATUS_MESSAGE}\n${CPM_DOWNLOAD_LOG}")
43+
endif()
44+
endfunction()
45+
46+
crtsys_validate_cpm_download("${CPM_DOWNLOAD_LOCATION}" CPM_DOWNLOAD_VALID)
47+
if(NOT CPM_DOWNLOAD_VALID)
48+
if(EXISTS "${CPM_DOWNLOAD_LOCATION}")
49+
message(WARNING "Existing CPM.cmake does not look valid; re-downloading ${CPM_DOWNLOAD_LOCATION}")
50+
file(REMOVE "${CPM_DOWNLOAD_LOCATION}")
51+
endif()
52+
53+
crtsys_download_cpm("${CRTSYS_CPM_DOWNLOAD_URL}" "${CPM_DOWNLOAD_LOCATION}")
54+
crtsys_validate_cpm_download("${CPM_DOWNLOAD_LOCATION}" CPM_DOWNLOAD_VALID)
55+
if(NOT CPM_DOWNLOAD_VALID)
56+
message(FATAL_ERROR "Downloaded CPM.cmake does not contain CPMAddPackage: ${CPM_DOWNLOAD_LOCATION}")
57+
endif()
1958
endif()
2059

21-
include(${CPM_DOWNLOAD_LOCATION})
60+
include("${CPM_DOWNLOAD_LOCATION}")
61+
if(NOT COMMAND CPMAddPackage)
62+
message(FATAL_ERROR "Downloaded CPM.cmake did not define CPMAddPackage: ${CPM_DOWNLOAD_LOCATION}")
63+
endif()

cmake/CrtSys.cmake

Lines changed: 49 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -66,15 +66,57 @@ else()
6666
set(CPM_DOWNLOAD_LOCATION "${CMAKE_BINARY_DIR}/cmake/CPM_${CPM_DOWNLOAD_VERSION}.cmake")
6767
endif()
6868

69-
if(NOT (EXISTS ${CPM_DOWNLOAD_LOCATION}))
70-
message(STATUS "Downloading CPM.cmake to ${CPM_DOWNLOAD_LOCATION}")
71-
file(DOWNLOAD
72-
https://github.com/cpm-cmake/CPM.cmake/releases/download/v${CPM_DOWNLOAD_VERSION}/CPM.cmake
73-
${CPM_DOWNLOAD_LOCATION}
74-
)
69+
set(CRTSYS_CPM_DOWNLOAD_URL "https://github.com/cpm-cmake/CPM.cmake/releases/download/v${CPM_DOWNLOAD_VERSION}/CPM.cmake")
70+
71+
function(crtsys_validate_cpm_download cpm_path out_var)
72+
set(cpm_is_valid FALSE)
73+
if(EXISTS "${cpm_path}")
74+
file(READ "${cpm_path}" cpm_download_content LIMIT 1048576)
75+
string(FIND "${cpm_download_content}" "CPMAddPackage" cpm_add_package_index)
76+
if(NOT cpm_add_package_index EQUAL -1)
77+
set(cpm_is_valid TRUE)
78+
endif()
79+
endif()
80+
81+
set("${out_var}" "${cpm_is_valid}" PARENT_SCOPE)
82+
endfunction()
83+
84+
function(crtsys_download_cpm cpm_url cpm_path)
85+
message(STATUS "Downloading CPM.cmake to ${cpm_path}")
86+
get_filename_component(CPM_DOWNLOAD_DIRECTORY "${cpm_path}" DIRECTORY)
87+
file(MAKE_DIRECTORY "${CPM_DOWNLOAD_DIRECTORY}")
88+
file(DOWNLOAD
89+
"${cpm_url}"
90+
"${cpm_path}"
91+
STATUS CPM_DOWNLOAD_STATUS
92+
LOG CPM_DOWNLOAD_LOG
93+
TLS_VERIFY ON
94+
)
95+
list(GET CPM_DOWNLOAD_STATUS 0 CPM_DOWNLOAD_STATUS_CODE)
96+
list(GET CPM_DOWNLOAD_STATUS 1 CPM_DOWNLOAD_STATUS_MESSAGE)
97+
if(NOT CPM_DOWNLOAD_STATUS_CODE EQUAL 0)
98+
message(FATAL_ERROR "Failed to download CPM.cmake: ${CPM_DOWNLOAD_STATUS_MESSAGE}\n${CPM_DOWNLOAD_LOG}")
99+
endif()
100+
endfunction()
101+
102+
crtsys_validate_cpm_download("${CPM_DOWNLOAD_LOCATION}" CPM_DOWNLOAD_VALID)
103+
if(NOT CPM_DOWNLOAD_VALID)
104+
if(EXISTS "${CPM_DOWNLOAD_LOCATION}")
105+
message(WARNING "Existing CPM.cmake does not look valid; re-downloading ${CPM_DOWNLOAD_LOCATION}")
106+
file(REMOVE "${CPM_DOWNLOAD_LOCATION}")
107+
endif()
108+
109+
crtsys_download_cpm("${CRTSYS_CPM_DOWNLOAD_URL}" "${CPM_DOWNLOAD_LOCATION}")
110+
crtsys_validate_cpm_download("${CPM_DOWNLOAD_LOCATION}" CPM_DOWNLOAD_VALID)
111+
if(NOT CPM_DOWNLOAD_VALID)
112+
message(FATAL_ERROR "Downloaded CPM.cmake does not contain CPMAddPackage: ${CPM_DOWNLOAD_LOCATION}")
113+
endif()
75114
endif()
76115

77-
include(${CPM_DOWNLOAD_LOCATION})
116+
include("${CPM_DOWNLOAD_LOCATION}")
117+
if(NOT COMMAND CPMAddPackage)
118+
message(FATAL_ERROR "Downloaded CPM.cmake did not define CPMAddPackage: ${CPM_DOWNLOAD_LOCATION}")
119+
endif()
78120
#---------------------------------------------------------------------------------------------------
79121

80122

0 commit comments

Comments
 (0)