glibmm 2.66.5
TlsClientConnection - TLS client-side connection. More...
#include <giomm/tlsclientconnection.h>
Public Member Functions | |
TlsClientConnection (TlsClientConnection && src) noexcept | |
TlsClientConnection & | operator= (TlsClientConnection && src) noexcept |
~TlsClientConnection () noexcept override | |
GTlsClientConnection * | gobj () |
Provides access to the underlying C GObject. More... | |
const GTlsClientConnection * | gobj () const |
Provides access to the underlying C GObject. More... | |
void | set_server_identity (const Glib::RefPtr< SocketConnectable > & identity) |
Sets conn's expected server identity, which is used both to tell servers on virtual hosts which certificate to present, and also to let conn know what name to look for in the certificate when performing TLS_CERTIFICATE_BAD_IDENTITY validation, if enabled. More... | |
Glib::RefPtr< SocketConnectable > | get_server_identity () |
Gets conn's expected server identity. More... | |
Glib::RefPtr< const SocketConnectable > | get_server_identity () const |
Gets conn's expected server identity. More... | |
void | set_validation_flags (TlsCertificateFlags flags) |
Sets this client connection's validation flags, to override the default set of checks performed when validating a server certificate. More... | |
TlsCertificateFlags | get_validation_flags () const |
Gets this client connection's validation flags. More... | |
void | set_use_ssl3 (bool use_ssl3=true) |
Since GLib 2.42.1, SSL 3.0 is no longer supported. More... | |
bool | get_use_ssl3 () const |
SSL 3.0 is no longer supported. More... | |
std::vector< Glib::RefPtr< Glib::ByteArray > > | get_accepted_cas () |
Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from. More... | |
std::vector< Glib::RefPtr< const Glib::ByteArray > > | get_accepted_cas () const |
Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from. More... | |
void | copy_session_state (const Glib::RefPtr< TlsClientConnection > & source) |
Possibly copies session state from one connection to another, for use in TLS session resumption. More... | |
Glib::PropertyProxy_ReadOnly< std::vector< Glib::RefPtr< Glib::ByteArray > > > | property_accepted_cas () const |
A list of the distinguished names of the Certificate Authorities that the server will accept client certificates signed by. More... | |
Glib::PropertyProxy< Glib::RefPtr< SocketConnectable > > | property_server_identity () |
A SocketConnectable describing the identity of the server that is expected on the other end of the connection. More... | |
Glib::PropertyProxy_ReadOnly< Glib::RefPtr< SocketConnectable > > | property_server_identity () const |
A SocketConnectable describing the identity of the server that is expected on the other end of the connection. More... | |
Glib::PropertyProxy< bool > | property_use_ssl3 () |
SSL 3.0 is no longer supported. More... | |
Glib::PropertyProxy_ReadOnly< bool > | property_use_ssl3 () const |
SSL 3.0 is no longer supported. More... | |
Glib::PropertyProxy< TlsCertificateFlags > | property_validation_flags () |
What steps to perform when validating a certificate received from a server. More... | |
Glib::PropertyProxy_ReadOnly< TlsCertificateFlags > | property_validation_flags () const |
What steps to perform when validating a certificate received from a server. More... | |
Public Member Functions inherited from Glib::Interface | |
Interface () | |
A Default constructor. More... | |
Interface (Interface && src) noexcept | |
Interface & | operator= (Interface && src) noexcept |
Interface (const Glib::Interface_Class & interface_class) | |
Called by constructors of derived classes. More... | |
Interface (GObject * castitem) | |
Called by constructors of derived classes. More... | |
~Interface () noexcept override | |
Interface (const Interface &)=delete | |
Interface & | operator= (const Interface &)=delete |
GObject * | gobj () |
const GObject * | gobj () const |
Public Member Functions inherited from Glib::ObjectBase | |
ObjectBase (const ObjectBase &)=delete | |
ObjectBase & | operator= (const ObjectBase &)=delete |
void | set_property_value (const Glib::ustring & property_name, const Glib::ValueBase & value) |
You probably want to use a specific property_*() accessor method instead. More... | |
void | get_property_value (const Glib::ustring & property_name, Glib::ValueBase & value) const |
You probably want to use a specific property_*() accessor method instead. More... | |
template<class PropertyType > | |
void | set_property (const Glib::ustring & property_name, const PropertyType & value) |
You probably want to use a specific property_*() accessor method instead. More... | |
template<class PropertyType > | |
void | get_property (const Glib::ustring & property_name, PropertyType & value) const |
You probably want to use a specific property_*() accessor method instead. More... | |
void | connect_property_changed (const Glib::ustring & property_name, const sigc::slot< void > & slot) |
You can use the signal_changed() signal of the property proxy instead. More... | |
void | connect_property_changed (const Glib::ustring & property_name, sigc::slot< void > && slot) |
You can use the signal_changed() signal of the property proxy instead. More... | |
sigc::connection | connect_property_changed_with_return (const Glib::ustring & property_name, const sigc::slot< void > & slot) |
You can use the signal_changed() signal of the property proxy instead. More... | |
sigc::connection | connect_property_changed_with_return (const Glib::ustring & property_name, sigc::slot< void > && slot) |
You can use the signal_changed() signal of the property proxy instead. More... | |
void | freeze_notify () |
Increases the freeze count on object. More... | |
void | thaw_notify () |
Reverts the effect of a previous call to freeze_notify(). More... | |
virtual void | reference () const |
Increment the reference count for this object. More... | |
virtual void | unreference () const |
Decrement the reference count for this object. More... | |
GObject * | gobj () |
Provides access to the underlying C GObject. More... | |
const GObject * | gobj () const |
Provides access to the underlying C GObject. More... | |
GObject * | gobj_copy () const |
Give a ref-ed copy to someone. Use for direct struct access. More... | |
Public Member Functions inherited from Gio::TlsConnection | |
TlsConnection (TlsConnection && src) noexcept | |
TlsConnection & | operator= (TlsConnection && src) noexcept |
~TlsConnection () noexcept override | |
GTlsConnection * | gobj () |
Provides access to the underlying C GObject. More... | |
const GTlsConnection * | gobj () const |
Provides access to the underlying C GObject. More... | |
GTlsConnection * | gobj_copy () |
Provides access to the underlying C instance. The caller is responsible for unrefing it. Use when directly setting fields in structs. More... | |
void | set_certificate (const Glib::RefPtr< TlsCertificate > & certificate) |
This sets the certificate that conn will present to its peer during the TLS handshake. More... | |
Glib::RefPtr< TlsCertificate > | get_certificate () |
Gets conn's certificate, as set by g_tls_connection_set_certificate(). More... | |
Glib::RefPtr< const TlsCertificate > | get_certificate () const |
Gets conn's certificate, as set by g_tls_connection_set_certificate(). More... | |
Glib::RefPtr< TlsCertificate > | get_peer_certificate () |
Gets conn's peer's certificate after the handshake has completed or failed. More... | |
Glib::RefPtr< const TlsCertificate > | get_peer_certificate () const |
Gets conn's peer's certificate after the handshake has completed or failed. More... | |
TlsCertificateFlags | get_peer_certificate_errors () const |
Gets the errors associated with validating conn's peer's certificate, after the handshake has completed or failed. More... | |
void | set_require_close_notify (bool require_close_notify=true) |
Sets whether or not conn expects a proper TLS close notification before the connection is closed. More... | |
bool | get_require_close_notify () const |
Tests whether or not conn expects a proper TLS close notification when the connection is closed. More... | |
void | set_rehandshake_mode (TlsRehandshakeMode mode) |
Since GLib 2.64, changing the rehandshake mode is no longer supported and will have no effect. More... | |
TlsRehandshakeMode | get_rehandshake_mode () const |
Gets conn rehandshaking mode. More... | |
void | set_use_system_certdb (bool use_system_certdb=true) |
Sets whether conn uses the system certificate database to verify peer certificates. More... | |
bool | get_use_system_certdb () const |
Gets whether conn uses the system certificate database to verify peer certificates. More... | |
Glib::RefPtr< TlsDatabase > | get_database () |
Gets the certificate database that conn uses to verify peer certificates. More... | |
Glib::RefPtr< const TlsDatabase > | get_database () const |
Gets the certificate database that conn uses to verify peer certificates. More... | |
void | set_database (const Glib::RefPtr< TlsDatabase > & database) |
Sets the certificate database that is used to verify peer certificates. More... | |
Glib::RefPtr< TlsInteraction > | get_interaction () |
Get the object that will be used to interact with the user. More... | |
Glib::RefPtr< const TlsInteraction > | get_interaction () const |
Get the object that will be used to interact with the user. More... | |
void | set_interaction (const Glib::RefPtr< TlsInteraction > & interaction) |
Set the object that will be used to interact with the user. More... | |
bool | handshake (const Glib::RefPtr< Cancellable > & cancellable) |
Attempts a TLS handshake on conn. More... | |
bool | handshake () |
A handshake() convenience overload. More... | |
void | handshake_async (const SlotAsyncReady & slot, const Glib::RefPtr< Cancellable > & cancellable, int io_priority=Glib::PRIORITY_DEFAULT) |
Asynchronously performs a TLS handshake on conn. More... | |
void | handshake_async (const SlotAsyncReady & slot, int io_priority=Glib::PRIORITY_DEFAULT) |
A handshake_async() convenience overload. More... | |
bool | handshake_finish (const Glib::RefPtr< AsyncResult > & result) |
Finish an asynchronous TLS handshake operation. More... | |
bool | emit_accept_certificate (const Glib::RefPtr< const TlsCertificate > & peer_cert, TlsCertificateFlags errors) |
Used by TlsConnection implementations to emit the TlsConnection::signal_accept_certificate() signal. More... | |
Glib::PropertyProxy_ReadOnly< Glib::RefPtr< IOStream > > | property_base_io_stream () const |
The IOStream that the connection wraps. More... | |
Glib::PropertyProxy< Glib::RefPtr< TlsCertificate > > | property_certificate () |
The connection's certificate; see g_tls_connection_set_certificate(). More... | |
Glib::PropertyProxy_ReadOnly< Glib::RefPtr< TlsCertificate > > | property_certificate () const |
The connection's certificate; see g_tls_connection_set_certificate(). More... | |
Glib::PropertyProxy< Glib::RefPtr< TlsDatabase > > | property_database () |
The certificate database to use when verifying this TLS connection. More... | |
Glib::PropertyProxy_ReadOnly< Glib::RefPtr< TlsDatabase > > | property_database () const |
The certificate database to use when verifying this TLS connection. More... | |
Glib::PropertyProxy< Glib::RefPtr< TlsInteraction > > | property_interaction () |
A TlsInteraction object to be used when the connection or certificate database need to interact with the user. More... | |
Glib::PropertyProxy_ReadOnly< Glib::RefPtr< TlsInteraction > > | property_interaction () const |
A TlsInteraction object to be used when the connection or certificate database need to interact with the user. More... | |
Glib::PropertyProxy_ReadOnly< Glib::RefPtr< TlsCertificate > > | property_peer_certificate () const |
The connection's peer's certificate, after the TLS handshake has completed or failed. More... | |
Glib::PropertyProxy_ReadOnly< TlsCertificateFlags > | property_peer_certificate_errors () const |
The errors noticed while verifying TlsConnection::property_peer_certificate(). More... | |
Glib::PropertyProxy< TlsRehandshakeMode > | property_rehandshake_mode () |
The rehandshaking mode. More... | |
Glib::PropertyProxy_ReadOnly< TlsRehandshakeMode > | property_rehandshake_mode () const |
The rehandshaking mode. More... | |
Glib::PropertyProxy< bool > | property_require_close_notify () |
Whether or not proper TLS close notification is required. More... | |
Glib::PropertyProxy_ReadOnly< bool > | property_require_close_notify () const |
Whether or not proper TLS close notification is required. More... | |
Glib::PropertyProxy< bool > | property_use_system_certdb () |
Whether or not the system certificate database will be used to verify peer certificates. More... | |
Glib::PropertyProxy_ReadOnly< bool > | property_use_system_certdb () const |
Whether or not the system certificate database will be used to verify peer certificates. More... | |
Glib::SignalProxy< bool, const Glib::RefPtr< const TlsCertificate > &, TlsCertificateFlags > | signal_accept_certificate () |
virtual bool | handshake_vfunc (const Glib::RefPtr< Cancellable > & cancellable) |
virtual void | handshake_async_vfunc (const SlotAsyncReady & slot, const Glib::RefPtr< Cancellable > & cancellable, int io_priority) |
virtual bool | handshake_finish_vfunc (const Glib::RefPtr< AsyncResult > & result) |
Public Member Functions inherited from Gio::IOStream | |
IOStream (IOStream && src) noexcept | |
IOStream & | operator= (IOStream && src) noexcept |
~IOStream () noexcept override | |
GIOStream * | gobj () |
Provides access to the underlying C GObject. More... | |
const GIOStream * | gobj () const |
Provides access to the underlying C GObject. More... | |
GIOStream * | gobj_copy () |
Provides access to the underlying C instance. The caller is responsible for unrefing it. Use when directly setting fields in structs. More... | |
void | splice_async (const Glib::RefPtr< IOStream > & stream2, const SlotAsyncReady & slot, const Glib::RefPtr< Cancellable > & cancellable, IOStreamSpliceFlags flags=Gio::IO_STREAM_SPLICE_NONE, int io_priority=Glib::PRIORITY_DEFAULT) |
Asynchronously splice the output stream to the input stream of stream2, and splice the output stream of stream2 to the input stream of this stream. More... | |
void | splice_async (const Glib::RefPtr< IOStream > & stream2, const SlotAsyncReady & slot, IOStreamSpliceFlags flags=Gio::IO_STREAM_SPLICE_NONE, int io_priority=Glib::PRIORITY_DEFAULT) |
A non-cancellable version of splice_async(). More... | |
Glib::RefPtr< InputStream > | get_input_stream () |
Gets the input stream for this object. More... | |
Glib::RefPtr< OutputStream > | get_output_stream () |
Gets the output stream for this object. More... | |
bool | close (const Glib::RefPtr< Cancellable > & cancellable) |
Closes the stream, releasing resources related to it. More... | |
bool | close () |
A close() convenience overload. More... | |
void | close_async (const SlotAsyncReady & slot, const Glib::RefPtr< Cancellable > & cancellable, int io_priority=Glib::PRIORITY_DEFAULT) |
void | close_async (const SlotAsyncReady & slot, int io_priority=Glib::PRIORITY_DEFAULT) |
bool | close_finish (const Glib::RefPtr< AsyncResult > & result) |
Closes a stream. More... | |
bool | is_closed () const |
Checks if a stream is closed. More... | |
bool | has_pending () const |
Checks if a stream has pending actions. More... | |
bool | set_pending () |
Sets stream to have actions pending. More... | |
void | clear_pending () |
Clears the pending flag on stream. More... | |
Public Member Functions inherited from Glib::Object | |
Object (const Object &)=delete | |
Object & | operator= (const Object &)=delete |
Object (Object && src) noexcept | |
Object & | operator= (Object && src) noexcept |
void * | get_data (const QueryQuark & key) |
void | set_data (const Quark & key, void *data) |
void | set_data (const Quark & key, void *data, DestroyNotify notify) |
void | remove_data (const QueryQuark & quark) |
void * | steal_data (const QueryQuark & quark) |
Static Public Member Functions | |
static void | add_interface (GType gtype_implementer) |
static GType | get_type () |
Get the GType for this class, for use with the underlying GObject type system. More... | |
static Glib::RefPtr< TlsClientConnection > | create (const Glib::RefPtr< IOStream > & base_io_stream, const Glib::RefPtr< const SocketConnectable > & server_identity) |
Creates a new TlsClientConnection wrapping base_io_stream (which must have pollable input and output streams) which is assumed to communicate with the server identified by server_identity. More... | |
static Glib::RefPtr< TlsClientConnection > | create (const Glib::RefPtr< IOStream > & base_io_stream) |
A create() convenience overload. More... | |
Static Public Member Functions inherited from Gio::TlsConnection | |
static GType | get_type () |
Get the GType for this class, for use with the underlying GObject type system. More... | |
Static Public Member Functions inherited from Gio::IOStream | |
static GType | get_type () |
Get the GType for this class, for use with the underlying GObject type system. More... | |
static bool | splice_finish (const Glib::RefPtr< AsyncResult > & result) |
Finishes an asynchronous io stream splice operation. More... | |
Protected Member Functions | |
TlsClientConnection () | |
You should derive from this class to use it. More... | |
Protected Member Functions inherited from Glib::ObjectBase | |
ObjectBase () | |
This default constructor is called implicitly from the constructor of user-derived classes, even if, for instance, Gtk::Button calls a different ObjectBase constructor. More... | |
ObjectBase (const char * custom_type_name) | |
A derived constructor always overrides this choice. More... | |
ObjectBase (const std::type_info & custom_type_info) | |
This constructor is a special feature to allow creation of derived types on the fly, without having to use g_object_new() manually. More... | |
ObjectBase (ObjectBase && src) noexcept | |
ObjectBase & | operator= (ObjectBase && src) noexcept |
virtual | ~ObjectBase () noexcept=0 |
void | initialize (GObject * castitem) |
void | initialize_move (GObject * castitem, Glib::ObjectBase * previous_wrapper) |
Protected Member Functions inherited from Gio::TlsConnection | |
TlsConnection () | |
virtual bool | on_accept_certificate (const Glib::RefPtr< const TlsCertificate > & peer_cert, TlsCertificateFlags errors) |
This is a default handler for the signal signal_accept_certificate(). More... | |
Protected Member Functions inherited from Glib::Object | |
Object () | |
Object (const Glib::ConstructParams & construct_params) | |
Object (GObject * castitem) | |
~Object () noexcept override | |
Related Functions | |
(Note that these are not member functions.) | |
Glib::RefPtr< Gio::TlsClientConnection > | wrap (GTlsClientConnection * object, bool take_copy=false) |
A Glib::wrap() method for this object. More... | |
Related Functions inherited from Gio::TlsConnection | |
Glib::RefPtr< Gio::TlsConnection > | wrap (GTlsConnection * object, bool take_copy=false) |
A Glib::wrap() method for this object. More... | |
Related Functions inherited from Gio::IOStream | |
Glib::RefPtr< Gio::IOStream > | wrap (GIOStream * object, bool take_copy=false) |
A Glib::wrap() method for this object. More... | |
Related Functions inherited from Glib::Object | |
Glib::RefPtr< Glib::Object > | wrap (GObject * object, bool take_copy=false) |
Additional Inherited Members | |
Public Types inherited from Glib::Object | |
using | DestroyNotify = void(*)(gpointer data) |
TlsClientConnection - TLS client-side connection.
TlsClientConnection is the client-side subclass of TlsConnection, representing a client-side TLS connection.
|
protected |
You should derive from this class to use it.
void Gio::TlsClientConnection::copy_session_state | ( | const Glib::RefPtr< TlsClientConnection > & | source | ) |
Possibly copies session state from one connection to another, for use in TLS session resumption.
This is not normally needed, but may be used when the same session needs to be used between different endpoints, as is required by some protocols, such as FTP over TLS. source should have already completed a handshake and, since TLS 1.3, it should have been used to read data at least once. conn should not have completed a handshake.
It is not possible to know whether a call to this function will actually do anything. Because session resumption is normally used only for performance benefit, the TLS backend might not implement this function. Even if implemented, it may not actually succeed in allowing conn to resume source's TLS session, because the server may not have sent a session resumption token to source, or it may refuse to accept the token from conn. There is no way to know whether a call to this function is actually successful.
Using this function is not required to benefit from session resumption. If the TLS backend supports session resumption, the session will be resumed automatically if it is possible to do so without weakening the privacy guarantees normally provided by TLS, without need to call this function. For example, with TLS 1.3, a session ticket will be automatically copied from any TlsClientConnection that has previously received session tickets from the server, provided a ticket is available that has not previously been used for session resumption, since session ticket reuse would be a privacy weakness. Using this function causes the ticket to be copied without regard for privacy considerations.
source | A TlsClientConnection. |
|
static |
A create() convenience overload.
|
static |
Creates a new TlsClientConnection wrapping base_io_stream (which must have pollable input and output streams) which is assumed to communicate with the server identified by server_identity.
See the documentation for TlsConnection::property_base_io_stream() for restrictions on when application code can run operations on the base_io_stream after this function has returned.
base_io_stream | The IOStream to wrap. |
server_identity | The expected identity of the server. |
nullptr on error.
Glib::Error |
std::vector< Glib::RefPtr< Glib::ByteArray > > Gio::TlsClientConnection::get_accepted_cas | ( | ) |
Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from.
This will be set during the TLS handshake if the server requests a certificate. Otherwise, it will be nullptr.
Each item in the list is a ByteArray which contains the complete subject DN of the certificate authority.
std::vector< Glib::RefPtr< const Glib::ByteArray > > Gio::TlsClientConnection::get_accepted_cas | ( | ) | const |
Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from.
This will be set during the TLS handshake if the server requests a certificate. Otherwise, it will be nullptr.
Each item in the list is a ByteArray which contains the complete subject DN of the certificate authority.
Glib::RefPtr< SocketConnectable > Gio::TlsClientConnection::get_server_identity | ( | ) |
Gets conn's expected server identity.
nullptr if the expected identity is not known.
Glib::RefPtr< const SocketConnectable > Gio::TlsClientConnection::get_server_identity | ( | ) | const |
Gets conn's expected server identity.
nullptr if the expected identity is not known.
|
static |
Get the GType for this class, for use with the underlying GObject type system.
bool Gio::TlsClientConnection::get_use_ssl3 | ( | ) | const |
SSL 3.0 is no longer supported.
See g_tls_client_connection_set_use_ssl3() for details.
Deprecated: 2.56: SSL 3.0 is insecure.
false.
TlsCertificateFlags Gio::TlsClientConnection::get_validation_flags | ( | ) | const |
Gets this client connection's validation flags.
This function does not work as originally designed and is impossible to use correctly.
|
inline |
Provides access to the underlying C GObject.
|
inline |
Provides access to the underlying C GObject.
Glib::PropertyProxy_ReadOnly< std::vector< Glib::RefPtr< Glib::ByteArray > > > Gio::TlsClientConnection::property_accepted_cas | ( | ) | const |
A list of the distinguished names of the Certificate Authorities that the server will accept client certificates signed by.
If the server requests a client certificate during the handshake, then this property will be set after the handshake completes.
Each item in the list is a ByteArray which contains the complete subject DN of the certificate authority.
Glib::PropertyProxy< Glib::RefPtr< SocketConnectable > > Gio::TlsClientConnection::property_server_identity | ( | ) |
A SocketConnectable describing the identity of the server that is expected on the other end of the connection.
If the TLS_CERTIFICATE_BAD_IDENTITY flag is set in TlsClientConnection::property_validation_flags(), this object will be used to determine the expected identity of the remote end of the connection; if TlsClientConnection::property_server_identity() is not set, or does not match the identity presented by the server, then the TLS_CERTIFICATE_BAD_IDENTITY validation will fail.
In addition to its use in verifying the server certificate, this is also used to give a hint to the server about what certificate we expect, which is useful for servers that serve virtual hosts.
Glib::PropertyProxy_ReadOnly< Glib::RefPtr< SocketConnectable > > Gio::TlsClientConnection::property_server_identity | ( | ) | const |
A SocketConnectable describing the identity of the server that is expected on the other end of the connection.
If the TLS_CERTIFICATE_BAD_IDENTITY flag is set in TlsClientConnection::property_validation_flags(), this object will be used to determine the expected identity of the remote end of the connection; if TlsClientConnection::property_server_identity() is not set, or does not match the identity presented by the server, then the TLS_CERTIFICATE_BAD_IDENTITY validation will fail.
In addition to its use in verifying the server certificate, this is also used to give a hint to the server about what certificate we expect, which is useful for servers that serve virtual hosts.
Glib::PropertyProxy< bool > Gio::TlsClientConnection::property_use_ssl3 | ( | ) |
SSL 3.0 is no longer supported.
See g_tls_client_connection_set_use_ssl3() for details.
Deprecated: 2.56: SSL 3.0 is insecure.
Default value: false
Glib::PropertyProxy_ReadOnly< bool > Gio::TlsClientConnection::property_use_ssl3 | ( | ) | const |
SSL 3.0 is no longer supported.
See g_tls_client_connection_set_use_ssl3() for details.
Deprecated: 2.56: SSL 3.0 is insecure.
Default value: false
Glib::PropertyProxy< TlsCertificateFlags > Gio::TlsClientConnection::property_validation_flags | ( | ) |
What steps to perform when validating a certificate received from a server.
Server certificates that fail to validate in any of the ways indicated here will be rejected unless the application overrides the default via TlsConnection::signal_accept_certificate().
Default value: TLS_CERTIFICATE_UNKNOWN_CA | TLS_CERTIFICATE_BAD_IDENTITY | TLS_CERTIFICATE_NOT_ACTIVATED | TLS_CERTIFICATE_EXPIRED | TLS_CERTIFICATE_REVOKED | TLS_CERTIFICATE_INSECURE | TLS_CERTIFICATE_GENERIC_ERROR
Glib::PropertyProxy_ReadOnly< TlsCertificateFlags > Gio::TlsClientConnection::property_validation_flags | ( | ) | const |
What steps to perform when validating a certificate received from a server.
Server certificates that fail to validate in any of the ways indicated here will be rejected unless the application overrides the default via TlsConnection::signal_accept_certificate().
Default value: TLS_CERTIFICATE_UNKNOWN_CA | TLS_CERTIFICATE_BAD_IDENTITY | TLS_CERTIFICATE_NOT_ACTIVATED | TLS_CERTIFICATE_EXPIRED | TLS_CERTIFICATE_REVOKED | TLS_CERTIFICATE_INSECURE | TLS_CERTIFICATE_GENERIC_ERROR
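An added example, not part of the glibmm documentation: the decision logic an application could place behind a TlsConnection::signal_accept_certificate() handler, so that the default rejection is overridden only for a pinned certificate whose sole validation error is TLS_CERTIFICATE_UNKNOWN_CA. The enum redeclares GLib's GTlsCertificateFlags bit values so the block builds without giomm; `CertFlags`, `describe_errors`, `should_accept` and the fingerprint strings are hypothetical names and constructed data.

```cpp
#include <cstdint>
#include <iostream>
#include <set>
#include <string>
#include <vector>

// Bit values as defined for GTlsCertificateFlags in GLib, redeclared here
// (assumption: the example is compiled without giomm headers).
enum CertFlags : std::uint32_t {
  TLS_CERTIFICATE_UNKNOWN_CA    = 1u << 0,
  TLS_CERTIFICATE_BAD_IDENTITY  = 1u << 1,
  TLS_CERTIFICATE_NOT_ACTIVATED = 1u << 2,
  TLS_CERTIFICATE_EXPIRED       = 1u << 3,
  TLS_CERTIFICATE_REVOKED       = 1u << 4,
  TLS_CERTIFICATE_INSECURE      = 1u << 5,
  TLS_CERTIFICATE_GENERIC_ERROR = 1u << 6,
  TLS_CERTIFICATE_VALIDATE_ALL  = 0x7f
};

// Returns the name of every error bit set in `errors`, for logging.
std::vector<std::string> describe_errors(std::uint32_t errors) {
  static const struct { std::uint32_t bit; const char* name; } table[] = {
    {TLS_CERTIFICATE_UNKNOWN_CA,    "UNKNOWN_CA"},
    {TLS_CERTIFICATE_BAD_IDENTITY,  "BAD_IDENTITY"},
    {TLS_CERTIFICATE_NOT_ACTIVATED, "NOT_ACTIVATED"},
    {TLS_CERTIFICATE_EXPIRED,       "EXPIRED"},
    {TLS_CERTIFICATE_REVOKED,       "REVOKED"},
    {TLS_CERTIFICATE_INSECURE,      "INSECURE"},
    {TLS_CERTIFICATE_GENERIC_ERROR, "GENERIC_ERROR"},
  };
  std::vector<std::string> out;
  for (const auto& entry : table)
    if (errors & entry.bit) out.push_back(entry.name);
  // Bits outside the known mask are reported rather than silently ignored.
  if (errors & ~static_cast<std::uint32_t>(TLS_CERTIFICATE_VALIDATE_ALL))
    out.push_back("UNRECOGNISED_BITS");
  return out;
}

// Policy for an accept-certificate handler (hypothetical helper).
// `peer_sha256` is the peer certificate fingerprint, computed by the caller;
// `pinned` is the application's allowlist of fingerprints.
bool should_accept(std::uint32_t errors, const std::string& peer_sha256,
                   const std::set<std::string>& pinned) {
  if (errors == 0) return true;  // no validation errors, nothing to override
  // Any failure other than, or in addition to, an unknown CA keeps the
  // default rejection: a pin never excuses BAD_IDENTITY, EXPIRED or REVOKED.
  if (errors != TLS_CERTIFICATE_UNKNOWN_CA) return false;
  return pinned.count(peer_sha256) > 0;
}

// In a giomm program, should_accept() would be called from a slot connected to
// signal_accept_certificate(), whose handler signature on this page is
// bool(const Glib::RefPtr<const TlsCertificate>&, TlsCertificateFlags).
int main() {
  // Constructed sample data: these strings stand in for SHA-256 fingerprints.
  const std::set<std::string> pinned = {"c0ffee01-constructed-pin"};
  const struct { std::uint32_t errors; const char* fp; } cases[] = {
    {TLS_CERTIFICATE_UNKNOWN_CA, "c0ffee01-constructed-pin"},
    {TLS_CERTIFICATE_UNKNOWN_CA, "deadbeef-constructed-other"},
    {TLS_CERTIFICATE_UNKNOWN_CA | TLS_CERTIFICATE_EXPIRED,
     "c0ffee01-constructed-pin"},
    {TLS_CERTIFICATE_BAD_IDENTITY, "c0ffee01-constructed-pin"},
  };
  for (const auto& c : cases) {
    std::cout << (should_accept(c.errors, c.fp, pinned) ? "accept" : "reject")
              << " [";
    for (const auto& name : describe_errors(c.errors)) std::cout << ' ' << name;
    std::cout << " ] " << c.fp << '\n';
  }
  return 0;
}
```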
void Gio::TlsClientConnection::set_server_identity | ( | const Glib::RefPtr< SocketConnectable > & | identity | ) |
Sets conn's expected server identity, which is used both to tell servers on virtual hosts which certificate to present, and also to let conn know what name to look for in the certificate when performing TLS_CERTIFICATE_BAD_IDENTITY validation, if enabled.
identity | A SocketConnectable describing the expected server identity. |
void Gio::TlsClientConnection::set_use_ssl3 | ( | bool | use_ssl3 = true | ) |
Since GLib 2.42.1, SSL 3.0 is no longer supported.
From GLib 2.42.1 through GLib 2.62, this function could be used to force use of TLS 1.0, the lowest-supported TLS protocol version at the time. In the past, this was needed to connect to broken TLS servers that exhibited protocol version intolerance. Such servers are no longer common, and using TLS 1.0 is no longer considered acceptable.
Since GLib 2.64, this function does nothing.
Deprecated: 2.56: SSL 3.0 is insecure.
use_ssl3 | A bool, ignored. |
void Gio::TlsClientConnection::set_validation_flags | ( | TlsCertificateFlags | flags | ) |
Sets this client connection's validation flags, to override the default set of checks performed when validating a server certificate.
By default, Gio::TLS_CERTIFICATE_VALIDATE_ALL is used.
This function does not work as originally designed and is impossible to use correctly.
flags | The TlsCertificateFlags to use. |
|
related |
A Glib::wrap() method for this object.
object | The C instance. |
take_copy | False if the result should take ownership of the C instance. True if it should take a new copy or ref. |