view CMakeLists.txt @ 1373:00fcb9c4d16b

(issue179) Handle SW verify failures and try to redownload the update
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 24 Nov 2014 16:46:08 +0100
parents 8897c90b8166
children c64b6c56ce96
line wrap: on
line source
# Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
# Software engineering by Intevation GmbH
#
# This file is Free Software under the GNU GPL (v>=2)
# and comes with ABSOLUTELY NO WARRANTY!
# See LICENSE.txt for details.

cmake_minimum_required(VERSION 2.8.8)
project(trustbridge)

option(DO_RELEASE_BUILD "Build for a public release." OFF)
option(ENABLE_PROFILING "Set to enable profiling." OFF)
option(USE_CURL "Use libcurl to download updates and certificate lists." ON)
option(USE_CLANG "Use clang to compile trustbridge." OFF)

set(DOWNLOAD_SERVER "https://tb-devel.intevation.de:443" CACHE STRING "Used as download server" )
set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} "${CMAKE_SOURCE_DIR}/cmake/")

#Old qtmain linking behavior to be compatible with cmake versions < 2.8.11

if(POLICY CMP0020)
  cmake_policy(SET CMP0020 OLD)
endif()

if (USE_CLANG)
   message (STATUS "Using clang options to build trustbridge.")
   # This is a bit of a hack but necessary on Ubuntu 14.4
   include_directories(/usr/include/c++/4.8 /usr/include/x86_64-linux-gnu/c++/4.8/)
endif()

include(CTest)
include(HGVersion)

if(HG_REVISION)
   If(HG_REVISION_DIST STREQUAL "0")
      add_definitions(-DIS_TAG_BUILD)
   endif()
   set(PROJECT_VERSION ${HG_REVISION})
else()
   set(PROJECT_VERSION unknown)
endif()

add_definitions(-DVERSION="${PROJECT_VERSION}")

find_package(PolarSSL)
include_directories(${POLARSSL_INCLUDE_DIR})

find_package(Qt5Widgets)

find_program(OSSLSIGNCODE_EXECUTABLE osslsigncode)

if (WIN32 AND NOT OSSLSIGNCODE_EXECUTABLE)
   message (STATUS "WARNING: osslsigncode not found. Code verification and code verification tests will fail.")
endif()

if (NOT WIN32)
   find_package(NSS)
else ()
   # Use static NSS for Windows
   if (NOT EXISTS "${CMAKE_SOURCE_DIR}/nss-cmake-static")
      MESSAGE(FATAL_ERROR "Could not find nss-cmake-static checkout. Please run: \n hg clone https://wald.intevation.org/hg/trustbridge/nss-cmake-static '${CMAKE_SOURCE_DIR}/nss-cmake-static'")
   endif()
  set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} "${CMAKE_SOURCE_DIR}/nss-cmake-static/")
  set(NSS_STATIC_PATH "${CMAKE_SOURCE_DIR}/nss-cmake-static")
  include (nss-cmake-static)
endif()

# Use cmake's automoc and make sure the generated files are included
set(CMAKE_AUTOMOC ON)
set(CMAKE_INCLUDE_CURRENT_DIR ON)

if(DO_RELEASE_BUILD)
   if (NOT CMAKE_BUILD_TYPE)
      set (CMAKE_BUILD_TYPE RELEASE)
   endif (NOT CMAKE_BUILD_TYPE)
   add_definitions (-DRELEASE_BUILD)
   set(USE_REAL_RESOURCES ON)
else()
# Default to debug build
   if (NOT CMAKE_BUILD_TYPE)
     set (CMAKE_BUILD_TYPE Debug)
     set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -g")
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -g")
   endif (NOT CMAKE_BUILD_TYPE)
endif()

if(USE_REAL_RESOURCES)
   add_definitions (-DUSE_REAL_RESOURCES)
endif()

if (NOT USE_CLANG)
# Warn level to be used for privileged parts
   set(WARN_HARDENING_FLAGS " -Wextra -Wconversion -Wformat-security")

# Hardening flags
   set(HARDENING_FLAGS " -Wall -fstack-protector-all -fno-exceptions")
   set(HARDENING_FLAGS " ${HARDENING_FLAGS} -Wstack-protector")
   set(HARDENING_FLAGS " ${HARDENING_FLAGS} --param ssp-buffer-size=4")
   set(HARDENING_FLAGS " ${HARDENING_FLAGS} -D_FORTIFY_SOURCE=2 -O0")
else()
   set(HARDENING_FLAGS " -Weverything")
endif()

if(ENABLE_PROFILING)
   set(PROFILING_FLAGS "-fprofile-arcs -ftest-coverage")
   set(PROFILING_LIBS gcov)
endif()

if(WIN32)
   add_definitions(-D_WIN32_WINNT=0x0600) # Windows vista
   add_definitions(-DWINVER=0x0600)
   add_definitions(-DMINGW_HAS_SECURE_API) # for _s functions
endif(WIN32)

if(UNIX AND NOT USE_CLANG)
   set(HARDENING_FLAGS " ${HARDENING_FLAGS} -pie -fPIE -ftrapv")
   set(HARDENING_FLAGS " ${HARDENING_FLAGS} -Wl,-z,relro,-z,now")
elseif(WIN32 AND NOT USE_CLANG)
   set(HARDENING_FLAGS " ${HARDENING_FLAGS} -Wl,--dynamicbase -Wl,--nxcompat")
endif()

set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${HARDENING_FLAGS} ${PROFILING_FLAGS}")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${WARN_HARDENING_FLAGS} ${HARDENING_FLAGS} ${PROFILING_FLAGS}")

add_custom_target(static_check)

# FlawFinder
find_program(FLAWFINDER_PATH flawfinder DOC "flawfinder path")
if (FLAWFINDER_PATH)
    add_custom_target(flawfinder COMMENT "FlawFinder" VERBATIM COMMAND ${FLAWFINDER_PATH}
       ${CMAKE_SOURCE_DIR}/ui
       ${CMAKE_SOURCE_DIR}/cinst
       ${CMAKE_SOURCE_DIR}/common
    )
    add_dependencies(static_check flawfinder)
endif (FLAWFINDER_PATH)

if(WIN32)
  add_subdirectory(nss-cmake-static)
  add_definitions(-D_WIN32_WINNT=0x0600) # Windows vista. NSS defines its own winver.
endif()

# No chance to compile nss with -Werror
if (NOT USE_CLANG)
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Werror")
   set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror")
endif()

# Cmake does not correctly identify gcc windres when cross compiling
# making this line neccessary to set the correct flags for it.
# See: http://public.kitware.com/Bug/view.php?id=11773
SET(CMAKE_RC_COMPILE_OBJECT
      "<CMAKE_RC_COMPILER> <FLAGS> <DEFINES> -Ocoff <SOURCE> <OBJECT>")

add_subdirectory(common)

add_subdirectory(cinst)
if(Qt5Widgets_FOUND)
    add_subdirectory(ui)
else()
   message(STATUS "WARNING: Could not find qt. GUI parts will not be built.")
endif()

# Documentation
configure_file (doc/apidoc/Doxyfile.in doc/apidoc/Doxyfile)
add_subdirectory(doc/apidoc)

find_package(Sphinx)

if (NOT SPHINX_FOUND)
   message (STATUS "WARNING could not find sphinx (Package python-sphinx). Manuals will not be built.")
else()
   add_subdirectory(doc/help)
endif()

add_subdirectory(packaging)

if (ENABLE_PROFILING)
   configure_file (make-coverage.sh.in make-coverage.sh)
   add_custom_target(lcov COMMENT "Lcov coverage report" VERBATIM COMMAND /bin/bash
      ${CMAKE_CURRENT_BINARY_DIR}/make-coverage.sh
   )
endif()

http://wald.intevation.org/projects/trustbridge/