|
Packit |
ae235b |
|
|
Packit |
ae235b |
<html>
|
|
Packit |
ae235b |
<head>
|
|
Packit |
ae235b |
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
|
Packit |
ae235b |
<title>GTlsConnection: GIO Reference Manual</title>
|
|
Packit |
ae235b |
<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
|
|
Packit |
ae235b |
<link rel="home" href="index.html" title="GIO Reference Manual">
|
|
Packit |
ae235b |
<link rel="up" href="tls.html" title="TLS (SSL) support">
|
|
Packit |
ae235b |
<link rel="prev" href="GTlsCertificate.html" title="GTlsCertificate">
|
|
Packit |
ae235b |
<link rel="next" href="GTlsClientConnection.html" title="GTlsClientConnection">
|
|
Packit |
ae235b |
<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
|
|
Packit |
ae235b |
<link rel="stylesheet" href="style.css" type="text/css">
|
|
Packit |
ae235b |
</head>
|
|
Packit |
ae235b |
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Top |
|
|
Packit |
ae235b |
Description |
|
|
Packit |
ae235b |
Object Hierarchy |
|
|
Packit |
ae235b |
Known Derived Interfaces |
|
|
Packit |
ae235b |
Properties |
|
|
Packit |
ae235b |
Signals
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsConnection
|
|
Packit |
ae235b |
GTlsConnection — TLS connection type
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Functions
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
void
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_set_certificate ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsCertificate *
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_certificate ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsCertificate *
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_peer_certificate ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsCertificateFlags
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_peer_certificate_errors ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
void
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_set_require_close_notify ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
gboolean
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_require_close_notify ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
void
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_set_rehandshake_mode ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsRehandshakeMode
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_rehandshake_mode ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
void
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_set_use_system_certdb ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
gboolean
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_use_system_certdb ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsDatabase *
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_database ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
void
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_set_database ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsInteraction *
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_interaction ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
void
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_set_interaction ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
gboolean
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_handshake ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
void
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_handshake_async ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
gboolean
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_handshake_finish ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
gboolean
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_emit_accept_certificate ()
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Properties
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GIOStream *
|
|
Packit |
ae235b |
base-io-stream
|
|
Packit |
ae235b |
Read / Write / Construct Only
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsCertificate *
|
|
Packit |
ae235b |
certificate
|
|
Packit |
ae235b |
Read / Write
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsDatabase *
|
|
Packit |
ae235b |
database
|
|
Packit |
ae235b |
Read / Write
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsInteraction *
|
|
Packit |
ae235b |
interaction
|
|
Packit |
ae235b |
Read / Write
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsCertificate *
|
|
Packit |
ae235b |
peer-certificate
|
|
Packit |
ae235b |
Read
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsCertificateFlags
|
|
Packit |
ae235b |
peer-certificate-errors
|
|
Packit |
ae235b |
Read
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsRehandshakeMode
|
|
Packit |
ae235b |
rehandshake-mode
|
|
Packit |
ae235b |
Read / Write / Construct
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
gboolean
|
|
Packit |
ae235b |
require-close-notify
|
|
Packit |
ae235b |
Read / Write / Construct
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
gboolean
|
|
Packit |
ae235b |
use-system-certdb
|
|
Packit |
ae235b |
Read / Write / Construct
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Signals
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
gboolean
|
|
Packit |
ae235b |
accept-certificate
|
|
Packit |
ae235b |
Run Last
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Types and Values
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
enum
|
|
Packit |
ae235b |
GTlsRehandshakeMode
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Object Hierarchy
|
|
Packit |
ae235b |
GObject
|
|
Packit |
ae235b |
╰── GIOStream
|
|
Packit |
ae235b |
╰── GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Known Derived Interfaces
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsConnection is required by
|
|
Packit |
ae235b |
GTlsClientConnection and GTlsServerConnection.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Includes
|
|
Packit |
ae235b |
#include <gio/gio.h>
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Description
|
|
Packit |
ae235b |
GTlsConnection is the base TLS connection class type, which wraps
|
|
Packit |
ae235b |
a GIOStream and provides TLS encryption on top of it. Its
|
|
Packit |
ae235b |
subclasses, GTlsClientConnection and GTlsServerConnection,
|
|
Packit |
ae235b |
implement client-side and server-side TLS, respectively.
|
|
Packit |
ae235b |
For DTLS (Datagram TLS) support, see GDtlsConnection.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Functions
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_set_certificate ()
|
|
Packit |
ae235b |
void
|
|
Packit |
ae235b |
g_tls_connection_set_certificate (GTlsConnection *conn ,
|
|
Packit |
ae235b |
GTlsCertificate *certificate );
|
|
Packit |
ae235b |
This sets the certificate that conn
|
|
Packit |
ae235b |
will present to its peer
|
|
Packit |
ae235b |
during the TLS handshake. For a GTlsServerConnection, it is
|
|
Packit |
ae235b |
mandatory to set this, and that will normally be done at construct
|
|
Packit |
ae235b |
time.
|
|
Packit |
ae235b |
For a GTlsClientConnection, this is optional. If a handshake fails
|
|
Packit |
ae235b |
with G_TLS_ERROR_CERTIFICATE_REQUIRED , that means that the server
|
|
Packit |
ae235b |
requires a certificate, and if you try connecting again, you should
|
|
Packit |
ae235b |
call this method first. You can call
|
|
Packit |
ae235b |
g_tls_client_connection_get_accepted_cas() on the failed connection
|
|
Packit |
ae235b |
to get a list of Certificate Authorities that the server will
|
|
Packit |
ae235b |
accept certificates from.
|
|
Packit |
ae235b |
(It is also possible that a server will allow the connection with
|
|
Packit |
ae235b |
or without a certificate; in that case, if you don't provide a
|
|
Packit |
ae235b |
certificate, you can tell that the server requested one by the fact
|
|
Packit |
ae235b |
that g_tls_client_connection_get_accepted_cas() will return
|
|
Packit |
ae235b |
non-NULL .)
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
certificate
|
|
Packit |
ae235b |
the certificate to use for conn
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_certificate ()
|
|
Packit |
ae235b |
GTlsCertificate *
|
|
Packit |
ae235b |
g_tls_connection_get_certificate (GTlsConnection *conn );
|
|
Packit |
ae235b |
Gets conn
|
|
Packit |
ae235b |
's certificate, as set by
|
|
Packit |
ae235b |
g_tls_connection_set_certificate() .
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Returns
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
's certificate, or NULL .
|
|
Packit |
ae235b |
[transfer none]
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_peer_certificate ()
|
|
Packit |
ae235b |
GTlsCertificate *
|
|
Packit |
ae235b |
g_tls_connection_get_peer_certificate (GTlsConnection *conn );
|
|
Packit |
ae235b |
Gets conn
|
|
Packit |
ae235b |
's peer's certificate after the handshake has completed.
|
|
Packit |
ae235b |
(It is not set during the emission of
|
|
Packit |
ae235b |
“accept-certificate”.)
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Returns
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
's peer's certificate, or NULL .
|
|
Packit |
ae235b |
[transfer none]
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_peer_certificate_errors ()
|
|
Packit |
ae235b |
GTlsCertificateFlags
|
|
Packit |
ae235b |
g_tls_connection_get_peer_certificate_errors
|
|
Packit |
ae235b |
(GTlsConnection *conn );
|
|
Packit |
ae235b |
Gets the errors associated with validating conn
|
|
Packit |
ae235b |
's peer's
|
|
Packit |
ae235b |
certificate, after the handshake has completed. (It is not set
|
|
Packit |
ae235b |
during the emission of “accept-certificate”.)
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Returns
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
's peer's certificate errors
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_set_require_close_notify ()
|
|
Packit |
ae235b |
void
|
|
Packit |
ae235b |
g_tls_connection_set_require_close_notify
|
|
Packit |
ae235b |
(GTlsConnection *conn ,
|
|
Packit |
ae235b |
gboolean require_close_notify );
|
|
Packit |
ae235b |
Sets whether or not conn
|
|
Packit |
ae235b |
expects a proper TLS close notification
|
|
Packit |
ae235b |
before the connection is closed. If this is TRUE (the default),
|
|
Packit |
ae235b |
then conn
|
|
Packit |
ae235b |
will expect to receive a TLS close notification from its
|
|
Packit |
ae235b |
peer before the connection is closed, and will return a
|
|
Packit |
ae235b |
G_TLS_ERROR_EOF error if the connection is closed without proper
|
|
Packit |
ae235b |
notification (since this may indicate a network error, or
|
|
Packit |
ae235b |
man-in-the-middle attack).
|
|
Packit |
ae235b |
In some protocols, the application will know whether or not the
|
|
Packit |
ae235b |
connection was closed cleanly based on application-level data
|
|
Packit |
ae235b |
(because the application-level data includes a length field, or is
|
|
Packit |
ae235b |
somehow self-delimiting); in this case, the close notify is
|
|
Packit |
ae235b |
redundant and sometimes omitted. (TLS 1.1 explicitly allows this;
|
|
Packit |
ae235b |
in TLS 1.0 it is technically an error, but often done anyway.) You
|
|
Packit |
ae235b |
can use g_tls_connection_set_require_close_notify() to tell conn
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
to allow an "unannounced" connection close, in which case the close
|
|
Packit |
ae235b |
will show up as a 0-length read, as in a non-TLS
|
|
Packit |
ae235b |
GSocketConnection, and it is up to the application to check that
|
|
Packit |
ae235b |
the data has been fully received.
|
|
Packit |
ae235b |
Note that this only affects the behavior when the peer closes the
|
|
Packit |
ae235b |
connection; when the application calls g_io_stream_close() itself
|
|
Packit |
ae235b |
on conn
|
|
Packit |
ae235b |
, this will send a close notification regardless of the
|
|
Packit |
ae235b |
setting of this property. If you explicitly want to do an unclean
|
|
Packit |
ae235b |
close, you can close conn
|
|
Packit |
ae235b |
's “base-io-stream” rather
|
|
Packit |
ae235b |
than closing conn
|
|
Packit |
ae235b |
itself, but note that this may only be done when no other
|
|
Packit |
ae235b |
operations are pending on conn
|
|
Packit |
ae235b |
or the base I/O stream.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
require_close_notify
|
|
Packit |
ae235b |
whether or not to require close notification
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_require_close_notify ()
|
|
Packit |
ae235b |
gboolean
|
|
Packit |
ae235b |
g_tls_connection_get_require_close_notify
|
|
Packit |
ae235b |
(GTlsConnection *conn );
|
|
Packit |
ae235b |
Tests whether or not conn
|
|
Packit |
ae235b |
expects a proper TLS close notification
|
|
Packit |
ae235b |
when the connection is closed. See
|
|
Packit |
ae235b |
g_tls_connection_set_require_close_notify() for details.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Returns
|
|
Packit |
ae235b |
TRUE if conn
|
|
Packit |
ae235b |
requires a proper TLS close
|
|
Packit |
ae235b |
notification.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_set_rehandshake_mode ()
|
|
Packit |
ae235b |
void
|
|
Packit |
ae235b |
g_tls_connection_set_rehandshake_mode (GTlsConnection *conn ,
|
|
Packit |
ae235b |
GTlsRehandshakeMode mode );
|
|
Packit |
ae235b |
Sets how conn
|
|
Packit |
ae235b |
behaves with respect to rehandshaking requests.
|
|
Packit |
ae235b |
G_TLS_REHANDSHAKE_NEVER means that it will never agree to
|
|
Packit |
ae235b |
rehandshake after the initial handshake is complete. (For a client,
|
|
Packit |
ae235b |
this means it will refuse rehandshake requests from the server, and
|
|
Packit |
ae235b |
for a server, this means it will close the connection with an error
|
|
Packit |
ae235b |
if the client attempts to rehandshake.)
|
|
Packit |
ae235b |
G_TLS_REHANDSHAKE_SAFELY means that the connection will allow a
|
|
Packit |
ae235b |
rehandshake only if the other end of the connection supports the
|
|
Packit |
ae235b |
TLS renegotiation_info extension. This is the default behavior,
|
|
Packit |
ae235b |
but means that rehandshaking will not work against older
|
|
Packit |
ae235b |
implementations that do not support that extension.
|
|
Packit |
ae235b |
G_TLS_REHANDSHAKE_UNSAFELY means that the connection will allow
|
|
Packit |
ae235b |
rehandshaking even without the renegotiation_info extension. On
|
|
Packit |
ae235b |
the server side in particular, this is not recommended, since it
|
|
Packit |
ae235b |
leaves the server open to certain attacks. However, this mode is
|
|
Packit |
ae235b |
necessary if you need to allow renegotiation with older client
|
|
Packit |
ae235b |
software.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
mode
|
|
Packit |
ae235b |
the rehandshaking mode
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_rehandshake_mode ()
|
|
Packit |
ae235b |
GTlsRehandshakeMode
|
|
Packit |
ae235b |
g_tls_connection_get_rehandshake_mode (GTlsConnection *conn );
|
|
Packit |
ae235b |
Gets conn
|
|
Packit |
ae235b |
rehandshaking mode. See
|
|
Packit |
ae235b |
g_tls_connection_set_rehandshake_mode() for details.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Returns
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
's rehandshaking mode
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_set_use_system_certdb ()
|
|
Packit |
ae235b |
void
|
|
Packit |
ae235b |
g_tls_connection_set_use_system_certdb
|
|
Packit |
ae235b |
(GTlsConnection *conn ,
|
|
Packit |
ae235b |
gboolean use_system_certdb );
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_set_use_system_certdb has been deprecated since version 2.30 and should not be used in newly-written code.
|
|
Packit |
ae235b |
Use g_tls_connection_set_database() instead
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Sets whether conn
|
|
Packit |
ae235b |
uses the system certificate database to verify
|
|
Packit |
ae235b |
peer certificates. This is TRUE by default. If set to FALSE , then
|
|
Packit |
ae235b |
peer certificate validation will always set the
|
|
Packit |
ae235b |
G_TLS_CERTIFICATE_UNKNOWN_CA error (meaning
|
|
Packit |
ae235b |
“accept-certificate” will always be emitted on
|
|
Packit |
ae235b |
client-side connections, unless that bit is not set in
|
|
Packit |
ae235b |
“validation-flags”).
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
use_system_certdb
|
|
Packit |
ae235b |
whether to use the system certificate database
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_use_system_certdb ()
|
|
Packit |
ae235b |
gboolean
|
|
Packit |
ae235b |
g_tls_connection_get_use_system_certdb
|
|
Packit |
ae235b |
(GTlsConnection *conn );
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_use_system_certdb has been deprecated since version 2.30 and should not be used in newly-written code.
|
|
Packit |
ae235b |
Use g_tls_connection_get_database() instead
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Gets whether conn
|
|
Packit |
ae235b |
uses the system certificate database to verify
|
|
Packit |
ae235b |
peer certificates. See g_tls_connection_set_use_system_certdb() .
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Returns
|
|
Packit |
ae235b |
whether conn
|
|
Packit |
ae235b |
uses the system certificate database
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_database ()
|
|
Packit |
ae235b |
GTlsDatabase *
|
|
Packit |
ae235b |
g_tls_connection_get_database (GTlsConnection *conn );
|
|
Packit |
ae235b |
Gets the certificate database that conn
|
|
Packit |
ae235b |
uses to verify
|
|
Packit |
ae235b |
peer certificates. See g_tls_connection_set_database() .
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Returns
|
|
Packit |
ae235b |
the certificate database that conn
|
|
Packit |
ae235b |
uses or NULL .
|
|
Packit |
ae235b |
[transfer none]
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.30
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_set_database ()
|
|
Packit |
ae235b |
void
|
|
Packit |
ae235b |
g_tls_connection_set_database (GTlsConnection *conn ,
|
|
Packit |
ae235b |
GTlsDatabase *database );
|
|
Packit |
ae235b |
Sets the certificate database that is used to verify peer certificates.
|
|
Packit |
ae235b |
This is set to the default database by default. See
|
|
Packit |
ae235b |
g_tls_backend_get_default_database() . If set to NULL , then
|
|
Packit |
ae235b |
peer certificate validation will always set the
|
|
Packit |
ae235b |
G_TLS_CERTIFICATE_UNKNOWN_CA error (meaning
|
|
Packit |
ae235b |
“accept-certificate” will always be emitted on
|
|
Packit |
ae235b |
client-side connections, unless that bit is not set in
|
|
Packit |
ae235b |
“validation-flags”).
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
database
|
|
Packit |
ae235b |
a GTlsDatabase
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.30
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_get_interaction ()
|
|
Packit |
ae235b |
GTlsInteraction *
|
|
Packit |
ae235b |
g_tls_connection_get_interaction (GTlsConnection *conn );
|
|
Packit |
ae235b |
Get the object that will be used to interact with the user. It will be used
|
|
Packit |
ae235b |
for things like prompting the user for passwords. If NULL is returned, then
|
|
Packit |
ae235b |
no user interaction will occur for this connection.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a connection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Returns
|
|
Packit |
ae235b |
The interaction object.
|
|
Packit |
ae235b |
[transfer none]
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.30
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_set_interaction ()
|
|
Packit |
ae235b |
void
|
|
Packit |
ae235b |
g_tls_connection_set_interaction (GTlsConnection *conn ,
|
|
Packit |
ae235b |
GTlsInteraction *interaction );
|
|
Packit |
ae235b |
Set the object that will be used to interact with the user. It will be used
|
|
Packit |
ae235b |
for things like prompting the user for passwords.
|
|
Packit |
ae235b |
The interaction
|
|
Packit |
ae235b |
argument will normally be a derived subclass of
|
|
Packit |
ae235b |
GTlsInteraction. NULL can also be provided if no user interaction
|
|
Packit |
ae235b |
should occur for this connection.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a connection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
interaction
|
|
Packit |
ae235b |
an interaction object, or NULL .
|
|
Packit |
ae235b |
[nullable]
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.30
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_handshake ()
|
|
Packit |
ae235b |
gboolean
|
|
Packit |
ae235b |
g_tls_connection_handshake (GTlsConnection *conn ,
|
|
Packit |
ae235b |
GCancellable *cancellable ,
|
|
Packit |
ae235b |
GError **error );
|
|
Packit |
ae235b |
Attempts a TLS handshake on conn
|
|
Packit |
ae235b |
.
|
|
Packit |
ae235b |
On the client side, it is never necessary to call this method;
|
|
Packit |
ae235b |
although the connection needs to perform a handshake after
|
|
Packit |
ae235b |
connecting (or after sending a "STARTTLS"-type command) and may
|
|
Packit |
ae235b |
need to rehandshake later if the server requests it,
|
|
Packit |
ae235b |
GTlsConnection will handle this for you automatically when you try
|
|
Packit |
ae235b |
to send or receive data on the connection. However, you can call
|
|
Packit |
ae235b |
g_tls_connection_handshake() manually if you want to know for sure
|
|
Packit |
ae235b |
whether the initial handshake succeeded or failed (as opposed to
|
|
Packit |
ae235b |
just immediately trying to write to conn
|
|
Packit |
ae235b |
's output stream, in which
|
|
Packit |
ae235b |
case if it fails, it may not be possible to tell if it failed
|
|
Packit |
ae235b |
before or after completing the handshake).
|
|
Packit |
ae235b |
Likewise, on the server side, although a handshake is necessary at
|
|
Packit |
ae235b |
the beginning of the communication, you do not need to call this
|
|
Packit |
ae235b |
function explicitly unless you want clearer error reporting.
|
|
Packit |
ae235b |
However, you may call g_tls_connection_handshake() later on to
|
|
Packit |
ae235b |
renegotiate parameters (encryption methods, etc) with the client.
|
|
Packit |
ae235b |
“accept_certificate” may be emitted during the
|
|
Packit |
ae235b |
handshake.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
cancellable
|
|
Packit |
ae235b |
a GCancellable, or NULL .
|
|
Packit |
ae235b |
[nullable]
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
error
|
|
Packit |
ae235b |
a GError, or NULL
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Returns
|
|
Packit |
ae235b |
success or failure
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_handshake_async ()
|
|
Packit |
ae235b |
void
|
|
Packit |
ae235b |
g_tls_connection_handshake_async (GTlsConnection *conn ,
|
|
Packit |
ae235b |
int io_priority ,
|
|
Packit |
ae235b |
GCancellable *cancellable ,
|
|
Packit |
ae235b |
GAsyncReadyCallback callback ,
|
|
Packit |
ae235b |
gpointer user_data );
|
|
Packit |
ae235b |
Asynchronously performs a TLS handshake on conn
|
|
Packit |
ae235b |
. See
|
|
Packit |
ae235b |
g_tls_connection_handshake() for more information.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
io_priority
|
|
Packit |
ae235b |
the I/O priority of the request
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
cancellable
|
|
Packit |
ae235b |
a GCancellable, or NULL .
|
|
Packit |
ae235b |
[nullable]
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
callback
|
|
Packit |
ae235b |
callback to call when the handshake is complete
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
user_data
|
|
Packit |
ae235b |
the data to pass to the callback function
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_handshake_finish ()
|
|
Packit |
ae235b |
gboolean
|
|
Packit |
ae235b |
g_tls_connection_handshake_finish (GTlsConnection *conn ,
|
|
Packit |
ae235b |
GAsyncResult *result ,
|
|
Packit |
ae235b |
GError **error );
|
|
Packit |
ae235b |
Finish an asynchronous TLS handshake operation. See
|
|
Packit |
ae235b |
g_tls_connection_handshake() for more information.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
result
|
|
Packit |
ae235b |
a GAsyncResult.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
error
|
|
Packit |
ae235b |
a GError pointer, or NULL
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Returns
|
|
Packit |
ae235b |
TRUE on success, FALSE on failure, in which
|
|
Packit |
ae235b |
case error
|
|
Packit |
ae235b |
will be set.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
g_tls_connection_emit_accept_certificate ()
|
|
Packit |
ae235b |
gboolean
|
|
Packit |
ae235b |
g_tls_connection_emit_accept_certificate
|
|
Packit |
ae235b |
(GTlsConnection *conn ,
|
|
Packit |
ae235b |
GTlsCertificate *peer_cert ,
|
|
Packit |
ae235b |
GTlsCertificateFlags errors );
|
|
Packit |
ae235b |
Used by GTlsConnection implementations to emit the
|
|
Packit |
ae235b |
“accept-certificate” signal.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
peer_cert
|
|
Packit |
ae235b |
the peer's GTlsCertificate
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
errors
|
|
Packit |
ae235b |
the problems with peer_cert
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Returns
|
|
Packit |
ae235b |
TRUE if one of the signal handlers has returned
|
|
Packit |
ae235b |
TRUE to accept peer_cert
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Types and Values
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsConnection
|
|
Packit |
ae235b |
typedef struct _GTlsConnection GTlsConnection;
|
|
Packit |
ae235b |
Abstract base class for the backend-specific GTlsClientConnection
|
|
Packit |
ae235b |
and GTlsServerConnection types.
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
enum GTlsRehandshakeMode
|
|
Packit |
ae235b |
When to allow rehandshaking. See
|
|
Packit |
ae235b |
g_tls_connection_set_rehandshake_mode() .
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Members
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
G_TLS_REHANDSHAKE_NEVER
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Never allow rehandshaking
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
G_TLS_REHANDSHAKE_SAFELY
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Allow safe rehandshaking only
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
G_TLS_REHANDSHAKE_UNSAFELY
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Allow unsafe rehandshaking
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Property Details
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
The “base-io-stream” property
|
|
Packit |
ae235b |
“base-io-stream” GIOStream *
|
|
Packit |
ae235b |
The GIOStream that the connection wraps. The connection holds a reference
|
|
Packit |
ae235b |
to this stream, and may run operations on the stream from other threads
|
|
Packit |
ae235b |
throughout its lifetime. Consequently, after the GIOStream has been
|
|
Packit |
ae235b |
constructed, application code may only run its own operations on this
|
|
Packit |
ae235b |
stream when no GIOStream operations are running.
|
|
Packit |
ae235b |
Flags: Read / Write / Construct Only
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
The “certificate” property
|
|
Packit |
ae235b |
“certificate” GTlsCertificate *
|
|
Packit |
ae235b |
The connection's certificate; see
|
|
Packit |
ae235b |
g_tls_connection_set_certificate() .
|
|
Packit |
ae235b |
Flags: Read / Write
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
The “database” property
|
|
Packit |
ae235b |
“database” GTlsDatabase *
|
|
Packit |
ae235b |
The certificate database to use when verifying this TLS connection.
|
|
Packit |
ae235b |
If no certificate database is set, then the default database will be
|
|
Packit |
ae235b |
used. See g_tls_backend_get_default_database() .
|
|
Packit |
ae235b |
Flags: Read / Write
|
|
Packit |
ae235b |
Since: 2.30
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
The “interaction” property
|
|
Packit |
ae235b |
“interaction” GTlsInteraction *
|
|
Packit |
ae235b |
A GTlsInteraction object to be used when the connection or certificate
|
|
Packit |
ae235b |
database need to interact with the user. This will be used to prompt the
|
|
Packit |
ae235b |
user for passwords where necessary.
|
|
Packit |
ae235b |
Flags: Read / Write
|
|
Packit |
ae235b |
Since: 2.30
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
The “peer-certificate” property
|
|
Packit |
ae235b |
“peer-certificate” GTlsCertificate *
|
|
Packit |
ae235b |
The connection's peer's certificate, after the TLS handshake has
|
|
Packit |
ae235b |
completed and the certificate has been accepted. Note in
|
|
Packit |
ae235b |
particular that this is not yet set during the emission of
|
|
Packit |
ae235b |
“accept-certificate”.
|
|
Packit |
ae235b |
(You can watch for a “notify” signal on this property to
|
|
Packit |
ae235b |
detect when a handshake has occurred.)
|
|
Packit |
ae235b |
Flags: Read
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
The “peer-certificate-errors” property
|
|
Packit |
ae235b |
“peer-certificate-errors” GTlsCertificateFlags
|
|
Packit |
ae235b |
The errors noticed-and-ignored while verifying
|
|
Packit |
ae235b |
“peer-certificate”. Normally this should be 0, but
|
|
Packit |
ae235b |
it may not be if “validation-flags” is not
|
|
Packit |
ae235b |
G_TLS_CERTIFICATE_VALIDATE_ALL , or if
|
|
Packit |
ae235b |
“accept-certificate” overrode the default
|
|
Packit |
ae235b |
behavior.
|
|
Packit |
ae235b |
Flags: Read
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
The “rehandshake-mode” property
|
|
Packit |
ae235b |
“rehandshake-mode” GTlsRehandshakeMode
|
|
Packit |
ae235b |
The rehandshaking mode. See
|
|
Packit |
ae235b |
g_tls_connection_set_rehandshake_mode() .
|
|
Packit |
ae235b |
Flags: Read / Write / Construct
|
|
Packit |
ae235b |
Default value: G_TLS_REHANDSHAKE_SAFELY
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
The “require-close-notify” property
|
|
Packit |
ae235b |
“require-close-notify” gboolean
|
|
Packit |
ae235b |
Whether or not proper TLS close notification is required.
|
|
Packit |
ae235b |
See g_tls_connection_set_require_close_notify() .
|
|
Packit |
ae235b |
Flags: Read / Write / Construct
|
|
Packit |
ae235b |
Default value: TRUE
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
The “use-system-certdb” property
|
|
Packit |
ae235b |
“use-system-certdb” gboolean
|
|
Packit |
ae235b |
Whether or not the system certificate database will be used to
|
|
Packit |
ae235b |
verify peer certificates. See
|
|
Packit |
ae235b |
g_tls_connection_set_use_system_certdb() .
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
GTlsConnection:use-system-certdb has been deprecated since version 2.30 and should not be used in newly-written code.
|
|
Packit |
ae235b |
Use GTlsConnection:database instead
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Flags: Read / Write / Construct
|
|
Packit |
ae235b |
Default value: TRUE
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Signal Details
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
The “accept-certificate” signal
|
|
Packit |
ae235b |
gboolean
|
|
Packit |
ae235b |
user_function (GTlsConnection *conn,
|
|
Packit |
ae235b |
GTlsCertificate *peer_cert,
|
|
Packit |
ae235b |
GTlsCertificateFlags errors,
|
|
Packit |
ae235b |
gpointer user_data)
|
|
Packit |
ae235b |
Emitted during the TLS handshake after the peer certificate has
|
|
Packit |
ae235b |
been received. You can examine peer_cert
|
|
Packit |
ae235b |
's certification path by
|
|
Packit |
ae235b |
calling g_tls_certificate_get_issuer() on it.
|
|
Packit |
ae235b |
For a client-side connection, peer_cert
|
|
Packit |
ae235b |
is the server's
|
|
Packit |
ae235b |
certificate, and the signal will only be emitted if the
|
|
Packit |
ae235b |
certificate was not acceptable according to conn
|
|
Packit |
ae235b |
's
|
|
Packit |
ae235b |
“validation_flags”. If you would like the
|
|
Packit |
ae235b |
certificate to be accepted despite errors
|
|
Packit |
ae235b |
, return TRUE from the
|
|
Packit |
ae235b |
signal handler. Otherwise, if no handler accepts the certificate,
|
|
Packit |
ae235b |
the handshake will fail with G_TLS_ERROR_BAD_CERTIFICATE .
|
|
Packit |
ae235b |
For a server-side connection, peer_cert
|
|
Packit |
ae235b |
is the certificate
|
|
Packit |
ae235b |
presented by the client, if this was requested via the server's
|
|
Packit |
ae235b |
“authentication_mode”. On the server side,
|
|
Packit |
ae235b |
the signal is always emitted when the client presents a
|
|
Packit |
ae235b |
certificate, and the certificate will only be accepted if a
|
|
Packit |
ae235b |
handler returns TRUE .
|
|
Packit |
ae235b |
Note that if this signal is emitted as part of asynchronous I/O
|
|
Packit |
ae235b |
in the main thread, then you should not attempt to interact with
|
|
Packit |
ae235b |
the user before returning from the signal handler. If you want to
|
|
Packit |
ae235b |
let the user decide whether or not to accept the certificate, you
|
|
Packit |
ae235b |
would have to return FALSE from the signal handler on the first
|
|
Packit |
ae235b |
attempt, and then after the connection attempt returns a
|
|
Packit |
ae235b |
G_TLS_ERROR_HANDSHAKE , you can interact with the user, and if
|
|
Packit |
ae235b |
the user decides to accept the certificate, remember that fact,
|
|
Packit |
ae235b |
create a new connection, and return TRUE from the signal handler
|
|
Packit |
ae235b |
the next time.
|
|
Packit |
ae235b |
If you are doing I/O in another thread, you do not
|
|
Packit |
ae235b |
need to worry about this, and can simply block in the signal
|
|
Packit |
ae235b |
handler until the UI thread returns an answer.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Parameters
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
conn
|
|
Packit |
ae235b |
a GTlsConnection
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
peer_cert
|
|
Packit |
ae235b |
the peer's GTlsCertificate
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
errors
|
|
Packit |
ae235b |
the problems with peer_cert
|
|
Packit |
ae235b |
.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
user_data
|
|
Packit |
ae235b |
user data set when the signal handler was connected.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Returns
|
|
Packit |
ae235b |
TRUE to accept peer_cert
|
|
Packit |
ae235b |
(which will also
|
|
Packit |
ae235b |
immediately end the signal emission). FALSE to allow the signal
|
|
Packit |
ae235b |
emission to continue, which will cause the handshake to fail if
|
|
Packit |
ae235b |
no one else overrides it.
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Flags: Run Last
|
|
Packit |
ae235b |
Since: 2.28
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
|
|
Packit |
ae235b |
Generated by GTK-Doc V1.27
|
|
Packit |
ae235b |
</body>
|
|
Packit |
ae235b |
</html>
|