glibmm: Gio::TlsClientConnection Class Reference
TlsClientConnection - TLS client-side connection. More...
#include <giomm/tlsclientconnection.h>

Public Member Functions |
|
TlsClientConnection ( TlsClientConnection && src) noexcept | |
TlsClientConnection & | operator= ( TlsClientConnection && src) noexcept |
~TlsClientConnection () noexceptoverride | |
GTlsClientConnection* | gobj () |
Provides access to the underlying C GObject.
More...
|
|
const GTlsClientConnection* | gobj () const |
Provides access to the underlying C GObject.
More...
|
|
void | set_server_identity (const Glib::RefPtr < SocketConnectable >& identity) |
Sets
conn's
expected server identity, which is used both to tell servers on virtual hosts which certificate to present, and also to let
conn
know what name to look for in the certificate when performing TLS_CERTIFICATE_BAD_IDENTITY validation, if enabled.
More...
|
|
Glib::RefPtr < SocketConnectable > | get_server_identity () |
Gets
conn's
expected server identity.
More...
|
|
Glib::RefPtr < const SocketConnectable > | get_server_identity () const |
Gets
conn's
expected server identity.
More...
|
|
void | set_validation_flags ( TlsCertificateFlags flags) |
Sets
conn's
validation flags, to override the default set of checks performed when validating a server certificate.
More...
|
|
TlsCertificateFlags | get_validation_flags () const |
Gets
conn's
validation flags.
More...
|
|
void | set_use_ssl3 (bool use_ssl3=true) |
If
use_ssl3
is
true
, this forces
conn
to use SSL 3.0 rather than trying to properly negotiate the right version of TLS or SSL to use.
More...
|
|
bool | get_use_ssl3 () const |
Gets whether
conn
will use SSL 3.0 rather than the highest-supported version of TLS; see g_tls_client_connection_set_use_ssl3().
More...
|
|
std::vector < Glib::RefPtr < Glib::ByteArray > > | get_accepted_cas () |
Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from.
More...
|
|
std::vector < Glib::RefPtr < const Glib::ByteArray > > | get_accepted_cas () const |
Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from.
More...
|
|
void | copy_session_state (const Glib::RefPtr < TlsClientConnection >& source) |
Copies session state from one connection to another.
More...
|
|
Glib::PropertyProxy_ReadOnly < std::vector < Glib::RefPtr < Glib::ByteArray > > > | property_accepted_cas () const |
A list of the distinguished names of the Certificate Authorities that the server will accept client certificates signed by.
More...
|
|
Glib::PropertyProxy < Glib::RefPtr < SocketConnectable > > | property_server_identity () |
A
SocketConnectable
describing the identity of the server that is expected on the other end of the connection.
More...
|
|
Glib::PropertyProxy_ReadOnly < Glib::RefPtr < SocketConnectable > > | property_server_identity () const |
A
SocketConnectable
describing the identity of the server that is expected on the other end of the connection.
More...
|
|
Glib::PropertyProxy < bool > | property_use_ssl3 () |
If
true
, tells the connection to use a fallback version of TLS or SSL, rather than trying to negotiate the best version of TLS to use.
More...
|
|
Glib::PropertyProxy_ReadOnly < bool > | property_use_ssl3 () const |
If
true
, tells the connection to use a fallback version of TLS or SSL, rather than trying to negotiate the best version of TLS to use.
More...
|
|
Glib::PropertyProxy < TlsCertificateFlags > | property_validation_flags () |
What steps to perform when validating a certificate received from a server.
More...
|
|
Glib::PropertyProxy_ReadOnly < TlsCertificateFlags > | property_validation_flags () const |
What steps to perform when validating a certificate received from a server.
More...
|
|
![]() |
|
Interface () | |
A Default constructor.
More...
|
|
Interface ( Interface && src) noexcept | |
Interface & | operator= ( Interface && src) noexcept |
Interface (const Glib::Interface_Class& interface_class) | |
Called by constructors of derived classes.
More...
|
|
Interface (GObject* castitem) | |
Called by constructors of derived classes.
More...
|
|
~Interface () noexceptoverride | |
Interface (const Interface &)=delete | |
Interface & | operator= (const Interface &)=delete |
GObject* | gobj () |
const GObject* | gobj () const |
![]() |
|
ObjectBase (const ObjectBase &)=delete | |
ObjectBase & | operator= (const ObjectBase &)=delete |
void | set_property_value (const Glib::ustring & property_name, const Glib::ValueBase & value) |
You probably want to use a specific property_*() accessor method instead.
More...
|
|
void | get_property_value (const Glib::ustring & property_name, Glib::ValueBase & value) const |
You probably want to use a specific property_*() accessor method instead.
More...
|
|
template<class PropertyType > | |
void | set_property (const Glib::ustring & property_name, const PropertyType& value) |
You probably want to use a specific property_*() accessor method instead.
More...
|
|
template<class PropertyType > | |
void | get_property (const Glib::ustring & property_name, PropertyType& value) const |
You probably want to use a specific property_*() accessor method instead.
More...
|
|
void | connect_property_changed (const Glib::ustring & property_name, const sigc::slot < void >& slot) |
You can use the signal_changed() signal of the property proxy instead.
More...
|
|
void | connect_property_changed (const Glib::ustring & property_name, sigc::slot < void >&& slot) |
You can use the signal_changed() signal of the property proxy instead.
More...
|
|
sigc::connection | connect_property_changed_with_return (const Glib::ustring & property_name, const sigc::slot < void >& slot) |
You can use the signal_changed() signal of the property proxy instead.
More...
|
|
sigc::connection | connect_property_changed_with_return (const Glib::ustring & property_name, sigc::slot < void >&& slot) |
You can use the signal_changed() signal of the property proxy instead.
More...
|
|
void | freeze_notify () |
Increases the freeze count on object.
More...
|
|
void | thaw_notify () |
Reverts the effect of a previous call to
freeze_notify()
.
More...
|
|
virtual void | reference () const |
Increment the reference count for this object.
More...
|
|
virtual void | unreference () const |
Decrement the reference count for this object.
More...
|
|
GObject* | gobj () |
Provides access to the underlying C GObject.
More...
|
|
const GObject* | gobj () const |
Provides access to the underlying C GObject.
More...
|
|
GObject* | gobj_copy () const |
Give a ref-ed copy to someone. Use for direct struct access.
More...
|
|
![]() |
|
trackable () noexcept | |
trackable (const trackable &src) noexcept | |
trackable ( trackable &&src) | |
~trackable () | |
void | add_destroy_notify_callback (void *data, func_destroy_notify func) const |
void | notify_callbacks () |
trackable & | operator= (const trackable &src) |
trackable & | operator= ( trackable &&src) |
void | remove_destroy_notify_callback (void *data) const |
![]() |
|
TlsConnection ( TlsConnection && src) noexcept | |
TlsConnection & | operator= ( TlsConnection && src) noexcept |
~TlsConnection () noexceptoverride | |
GTlsConnection* | gobj () |
Provides access to the underlying C GObject.
More...
|
|
const GTlsConnection* | gobj () const |
Provides access to the underlying C GObject.
More...
|
|
GTlsConnection* | gobj_copy () |
Provides access to the underlying C instance. The caller is responsible for unrefing it. Use when directly setting fields in structs.
More...
|
|
void | set_certificate (const Glib::RefPtr < TlsCertificate >& certificate) |
This sets the certificate that
conn
will present to its peer during the TLS handshake.
More...
|
|
Glib::RefPtr < TlsCertificate > | get_certificate () |
Gets
conn's
certificate, as set by g_tls_connection_set_certificate().
More...
|
|
Glib::RefPtr < const TlsCertificate > | get_certificate () const |
Gets
conn's
certificate, as set by g_tls_connection_set_certificate().
More...
|
|
Glib::RefPtr < TlsCertificate > | get_peer_certificate () |
Gets
conn's
peer's certificate after the handshake has completed.
More...
|
|
Glib::RefPtr < const TlsCertificate > | get_peer_certificate () const |
Gets
conn's
peer's certificate after the handshake has completed.
More...
|
|
TlsCertificateFlags | get_peer_certificate_errors () const |
Gets the errors associated with validating
conn's
peer's certificate, after the handshake has completed.
More...
|
|
void | set_require_close_notify (bool require_close_notify=true) |
Sets whether or not
conn
expects a proper TLS close notification before the connection is closed.
More...
|
|
bool | get_require_close_notify () const |
Tests whether or not
conn
expects a proper TLS close notification when the connection is closed.
More...
|
|
void | set_rehandshake_mode ( TlsRehandshakeMode mode) |
Sets how
conn
behaves with respect to rehandshaking requests.
More...
|
|
TlsRehandshakeMode | get_rehandshake_mode () const |
Gets
conn
rehandshaking mode.
More...
|
|
void | set_use_system_certdb (bool use_system_certdb=true) |
Sets whether
conn
uses the system certificate database to verify peer certificates.
More...
|
|
bool | get_use_system_certdb () const |
Gets whether
conn
uses the system certificate database to verify peer certificates.
More...
|
|
Glib::RefPtr < TlsDatabase > | get_database () |
Gets the certificate database that
conn
uses to verify peer certificates.
More...
|
|
Glib::RefPtr < const TlsDatabase > | get_database () const |
Gets the certificate database that
conn
uses to verify peer certificates.
More...
|
|
void | set_database (const Glib::RefPtr < TlsDatabase >& database) |
Sets the certificate database that is used to verify peer certificates.
More...
|
|
Glib::RefPtr < TlsInteraction > | get_interaction () |
Get the object that will be used to interact with the user.
More...
|
|
Glib::RefPtr < const TlsInteraction > | get_interaction () const |
Get the object that will be used to interact with the user.
More...
|
|
void | set_interaction (const Glib::RefPtr < TlsInteraction >& interaction) |
Set the object that will be used to interact with the user.
More...
|
|
bool | handshake (const Glib::RefPtr < Cancellable >& cancellable) |
Attempts a TLS handshake on
conn
.
More...
|
|
bool | handshake () |
A
handshake()
convenience overload.
More...
|
|
void | handshake_async (const SlotAsyncReady & slot, const Glib::RefPtr < Cancellable >& cancellable, int io_priority= Glib::PRIORITY_DEFAULT ) |
Asynchronously performs a TLS handshake on
conn
.
More...
|
|
void | handshake_async (const SlotAsyncReady & slot, int io_priority= Glib::PRIORITY_DEFAULT ) |
A
handshake_async()
convenience overload.
More...
|
|
bool | handshake_finish (const Glib::RefPtr < AsyncResult >& result) |
Finish an asynchronous TLS handshake operation.
More...
|
|
bool | emit_accept_certificate (const Glib::RefPtr < const TlsCertificate >& peer_cert, TlsCertificateFlags errors) |
Used by
TlsConnection
implementations to emit the
TlsConnection::signal_accept_certificate()
signal.
More...
|
|
Glib::PropertyProxy_ReadOnly < Glib::RefPtr < IOStream > > | property_base_io_stream () const |
The
IOStream
that the connection wraps.
More...
|
|
Glib::PropertyProxy < Glib::RefPtr < TlsCertificate > > | property_certificate () |
The connection's certificate; see g_tls_connection_set_certificate().
More...
|
|
Glib::PropertyProxy_ReadOnly < Glib::RefPtr < TlsCertificate > > | property_certificate () const |
The connection's certificate; see g_tls_connection_set_certificate().
More...
|
|
Glib::PropertyProxy < Glib::RefPtr < TlsDatabase > > | property_database () |
The certificate database to use when verifying this TLS connection.
More...
|
|
Glib::PropertyProxy_ReadOnly < Glib::RefPtr < TlsDatabase > > | property_database () const |
The certificate database to use when verifying this TLS connection.
More...
|
|
Glib::PropertyProxy < Glib::RefPtr < TlsInteraction > > | property_interaction () |
A
TlsInteraction
object to be used when the connection or certificate database need to interact with the user.
More...
|
|
Glib::PropertyProxy_ReadOnly < Glib::RefPtr < TlsInteraction > > | property_interaction () const |
A
TlsInteraction
object to be used when the connection or certificate database need to interact with the user.
More...
|
|
Glib::PropertyProxy_ReadOnly < Glib::RefPtr < TlsCertificate > > | property_peer_certificate () const |
The connection's peer's certificate, after the TLS handshake has completed and the certificate has been accepted.
More...
|
|
Glib::PropertyProxy_ReadOnly < TlsCertificateFlags > | property_peer_certificate_errors () const |
The errors noticed-and-ignored while verifying
TlsConnection::property_peer_certificate()
.
More...
|
|
Glib::PropertyProxy < TlsRehandshakeMode > | property_rehandshake_mode () |
The rehandshaking mode.
More...
|
|
Glib::PropertyProxy_ReadOnly < TlsRehandshakeMode > | property_rehandshake_mode () const |
The rehandshaking mode.
More...
|
|
Glib::PropertyProxy < bool > | property_require_close_notify () |
Whether or not proper TLS close notification is required.
More...
|
|
Glib::PropertyProxy_ReadOnly < bool > | property_require_close_notify () const |
Whether or not proper TLS close notification is required.
More...
|
|
Glib::PropertyProxy < bool > | property_use_system_certdb () |
Whether or not the system certificate database will be used to verify peer certificates.
More...
|
|
Glib::PropertyProxy_ReadOnly < bool > | property_use_system_certdb () const |
Whether or not the system certificate database will be used to verify peer certificates.
More...
|
|
Glib::SignalProxy < bool, const Glib::RefPtr < const TlsCertificate >&, TlsCertificateFlags > | signal_accept_certificate () |
virtual bool | handshake_vfunc (const Glib::RefPtr < Cancellable >& cancellable) |
virtual void | handshake_async_vfunc (const SlotAsyncReady & slot, const Glib::RefPtr < Cancellable >& cancellable, int io_priority) |
virtual bool | handshake_finish_vfunc (const Glib::RefPtr < AsyncResult >& result) |
![]() |
|
IOStream ( IOStream && src) noexcept | |
IOStream & | operator= ( IOStream && src) noexcept |
~IOStream () noexceptoverride | |
GIOStream* | gobj () |
Provides access to the underlying C GObject.
More...
|
|
const GIOStream* | gobj () const |
Provides access to the underlying C GObject.
More...
|
|
GIOStream* | gobj_copy () |
Provides access to the underlying C instance. The caller is responsible for unrefing it. Use when directly setting fields in structs.
More...
|
|
void | splice_async (const Glib::RefPtr < IOStream >& stream2, const SlotAsyncReady & slot, const Glib::RefPtr < Cancellable >& cancellable, IOStreamSpliceFlags flags= Gio::IO_STREAM_SPLICE_NONE , int io_priority= Glib::PRIORITY_DEFAULT ) |
Asyncronously splice the output stream to the input stream of
stream2
, and splice the output stream of
stream2
to the input stream of this stream.
More...
|
|
void | splice_async (const Glib::RefPtr < IOStream >& stream2, const SlotAsyncReady & slot, IOStreamSpliceFlags flags= Gio::IO_STREAM_SPLICE_NONE , int io_priority= Glib::PRIORITY_DEFAULT ) |
A non-cancellable version of
splice_async()
.
More...
|
|
Glib::RefPtr < InputStream > | get_input_stream () |
Gets the input stream for this object.
More...
|
|
Glib::RefPtr < OutputStream > | get_output_stream () |
Gets the output stream for this object.
More...
|
|
bool | close (const Glib::RefPtr < Cancellable >& cancellable) |
Closes the stream, releasing resources related to it.
More...
|
|
bool | close () |
A
close()
convenience overload.
More...
|
|
void | close_async (const SlotAsyncReady & slot, const Glib::RefPtr < Cancellable >& cancellable, int io_priority= Glib::PRIORITY_DEFAULT ) |
void | close_async (const SlotAsyncReady & slot, int io_priority= Glib::PRIORITY_DEFAULT ) |
bool | close_finish (const Glib::RefPtr < AsyncResult >& result) |
Closes a stream.
More...
|
|
bool | is_closed () const |
Checks if a stream is closed.
More...
|
|
bool | has_pending () const |
Checks if a stream has pending actions.
More...
|
|
bool | set_pending () |
Sets
stream
to have actions pending.
More...
|
|
void | clear_pending () |
Clears the pending flag on
stream
.
More...
|
|
![]() |
|
Object (const Object &)=delete | |
Object & | operator= (const Object &)=delete |
Object ( Object && src) noexcept | |
Object & | operator= ( Object && src) noexcept |
void* | get_data (const QueryQuark & key) |
void | set_data (const Quark & key, void* data) |
void | set_data (const Quark & key, void* data, DestroyNotify notify) |
void | remove_data (const QueryQuark & quark) |
void* | steal_data (const QueryQuark & quark) |
Static Public Member Functions |
|
static void | add_interface (GType gtype_implementer) |
static GType | get_type () |
Get the GType for this class, for use with the underlying GObject type system.
More...
|
|
static Glib::RefPtr < TlsClientConnection > | create (const Glib::RefPtr < IOStream >& base_io_stream, const Glib::RefPtr < const SocketConnectable >& server_identity) |
Creates a new
TlsClientConnection
wrapping
base_io_stream
(which must have pollable input and output streams) which is assumed to communicate with the server identified by
server_identity
.
More...
|
|
static Glib::RefPtr < TlsClientConnection > | create (const Glib::RefPtr < IOStream >& base_io_stream) |
A
create()
convenience overload.
More...
|
|
![]() |
|
static GType | get_type () |
Get the GType for this class, for use with the underlying GObject type system.
More...
|
|
![]() |
|
static GType | get_type () |
Get the GType for this class, for use with the underlying GObject type system.
More...
|
|
static bool | splice_finish (const Glib::RefPtr < AsyncResult >& result) |
Finishes an asynchronous io stream splice operation.
More...
|
|
Protected Member Functions |
|
TlsClientConnection () | |
You should derive from this class to use it.
More...
|
|
![]() |
|
ObjectBase () | |
This default constructor is called implicitly from the constructor of user-derived classes, even if, for instance, Gtk::Button calls a different
ObjectBase
constructor.
More...
|
|
ObjectBase (const char* custom_type_name) | |
A derived constructor always overrides this choice.
More...
|
|
ObjectBase (const std::type_info & custom_type_info) | |
This constructor is a special feature to allow creation of derived types on the fly, without having to use g_object_new() manually.
More...
|
|
ObjectBase ( ObjectBase && src) noexcept | |
ObjectBase & | operator= ( ObjectBase && src) noexcept |
virtual | ~ObjectBase () noexcept=0 |
void | initialize (GObject* castitem) |
void | initialize_move (GObject* castitem, Glib::ObjectBase * previous_wrapper) |
![]() |
|
TlsConnection () | |
virtual bool | on_accept_certificate (const Glib::RefPtr < const TlsCertificate >& peer_cert, TlsCertificateFlags errors) |
This is a default handler for the signal
signal_accept_certificate()
.
More...
|
|
![]() |
|
Object () | |
Object (const Glib::ConstructParams& construct_params) | |
Object (GObject* castitem) | |
~Object () noexceptoverride | |
Related Functions |
|
(Note that these are not member functions.) |
|
Glib::RefPtr < Gio::TlsClientConnection > | wrap (GTlsClientConnection* object, bool take_copy=false) |
A
Glib::wrap()
method for this object.
More...
|
|
![]() |
|
Glib::RefPtr < Gio::TlsConnection > | wrap (GTlsConnection* object, bool take_copy=false) |
A
Glib::wrap()
method for this object.
More...
|
|
![]() |
|
Glib::RefPtr < Gio::IOStream > | wrap (GIOStream* object, bool take_copy=false) |
A
Glib::wrap()
method for this object.
More...
|
|
![]() |
|
Glib::RefPtr < Glib::Object > | wrap (GObject* object, bool take_copy=false) |
Additional Inherited Members |
|
![]() |
|
typedef internal::func_destroy_notify | func_destroy_notify |
![]() |
|
using | DestroyNotify = void(*)(gpointer data) |
Detailed Description
TlsClientConnection - TLS client-side connection.
TlsClientConnection is the client-side subclass of TlsConnection , representing a client-side TLS connection.
Constructor & Destructor Documentation
|
protected |
You should derive from this class to use it.
|
noexcept |
|
override noexcept |
Member Function Documentation
|
static |
void Gio::TlsClientConnection::copy_session_state | ( | const Glib::RefPtr < TlsClientConnection >& | source | ) |
Copies session state from one connection to another.
This is not normally needed, but may be used when the same session needs to be used between different endpoints as is required by some protocols such as FTP over TLS. source should have already completed a handshake, and conn should not have completed a handshake.
- Parameters
-
source A TlsClientConnection .
|
static |
Creates a new TlsClientConnection wrapping base_io_stream (which must have pollable input and output streams) which is assumed to communicate with the server identified by server_identity .
See the documentation for TlsConnection::property_base_io_stream() for restrictions on when application code can run operations on the base_io_stream after this function has returned.
- Parameters
-
base_io_stream The IOStream to wrap. server_identity The expected identity of the server.
- Returns
-
The new
TlsClientConnection
, or
nullptr
on error.
|
static |
A create() convenience overload.
std::vector < Glib::RefPtr < Glib::ByteArray > > Gio::TlsClientConnection::get_accepted_cas | ( | ) |
Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from.
This will be set during the TLS handshake if the server requests a certificate. Otherwise, it will be
nullptr
.
Each item in the list is a ByteArray which contains the complete subject DN of the certificate authority.
- Returns
- The list of CA DNs. You should unref each element with Glib::byte_array_unref() and then the free the list with Glib::list_free().
std::vector < Glib::RefPtr <const Glib::ByteArray > > Gio::TlsClientConnection::get_accepted_cas | ( | ) | const |
Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from.
This will be set during the TLS handshake if the server requests a certificate. Otherwise, it will be
nullptr
.
Each item in the list is a ByteArray which contains the complete subject DN of the certificate authority.
- Returns
- The list of CA DNs. You should unref each element with Glib::byte_array_unref() and then the free the list with Glib::list_free().
Glib::RefPtr < SocketConnectable > Gio::TlsClientConnection::get_server_identity | ( | ) |
Gets conn's expected server identity.
- Returns
-
A
SocketConnectable
describing the expected server identity, or
nullptr
if the expected identity is not known.
Glib::RefPtr <const SocketConnectable > Gio::TlsClientConnection::get_server_identity | ( | ) | const |
Gets conn's expected server identity.
- Returns
-
A
SocketConnectable
describing the expected server identity, or
nullptr
if the expected identity is not known.
|
static |
Get the GType for this class, for use with the underlying GObject type system.
bool Gio::TlsClientConnection::get_use_ssl3 | ( | ) | const |
Gets whether conn will use SSL 3.0 rather than the highest-supported version of TLS; see g_tls_client_connection_set_use_ssl3().
- Returns
- Whether conn will use SSL 3.0.
TlsCertificateFlags Gio::TlsClientConnection::get_validation_flags | ( | ) | const |
|
inline |
Provides access to the underlying C GObject.
|
inline |
Provides access to the underlying C GObject.
|
noexcept |
Glib::PropertyProxy_ReadOnly < std::vector < Glib::RefPtr < Glib::ByteArray > > > Gio::TlsClientConnection::property_accepted_cas | ( | ) | const |
A list of the distinguished names of the Certificate Authorities that the server will accept client certificates signed by.
If the server requests a client certificate during the handshake, then this property will be set after the handshake completes.
Each item in the list is a ByteArray which contains the complete subject DN of the certificate authority.
- Returns
- A PropertyProxy_ReadOnly that allows you to get the value of the property, or receive notification when the value of the property changes.
Glib::PropertyProxy < Glib::RefPtr < SocketConnectable > > Gio::TlsClientConnection::property_server_identity | ( | ) |
A SocketConnectable describing the identity of the server that is expected on the other end of the connection.
If the TLS_CERTIFICATE_BAD_IDENTITY flag is set in TlsClientConnection::property_validation_flags() , this object will be used to determine the expected identify of the remote end of the connection; if TlsClientConnection::property_server_identity() is not set, or does not match the identity presented by the server, then the TLS_CERTIFICATE_BAD_IDENTITY validation will fail.
In addition to its use in verifying the server certificate, this is also used to give a hint to the server about what certificate we expect, which is useful for servers that serve virtual hosts.
- Returns
- A PropertyProxy that allows you to get or set the value of the property, or receive notification when the value of the property changes.
Glib::PropertyProxy_ReadOnly < Glib::RefPtr < SocketConnectable > > Gio::TlsClientConnection::property_server_identity | ( | ) | const |
A SocketConnectable describing the identity of the server that is expected on the other end of the connection.
If the TLS_CERTIFICATE_BAD_IDENTITY flag is set in TlsClientConnection::property_validation_flags() , this object will be used to determine the expected identify of the remote end of the connection; if TlsClientConnection::property_server_identity() is not set, or does not match the identity presented by the server, then the TLS_CERTIFICATE_BAD_IDENTITY validation will fail.
In addition to its use in verifying the server certificate, this is also used to give a hint to the server about what certificate we expect, which is useful for servers that serve virtual hosts.
- Returns
- A PropertyProxy_ReadOnly that allows you to get the value of the property, or receive notification when the value of the property changes.
Glib::PropertyProxy < bool > Gio::TlsClientConnection::property_use_ssl3 | ( | ) |
If
true
, tells the connection to use a fallback version of TLS or SSL, rather than trying to negotiate the best version of TLS to use.
This can be used when talking to servers that don't implement version negotiation correctly and therefore refuse to handshake at all with a "modern" TLS handshake.
Despite the property name, the fallback version is not necessarily SSL 3.0; if SSL 3.0 has been disabled, the TlsClientConnection will use the next highest available version (normally TLS 1.0) as the fallback version.
- Returns
- A PropertyProxy that allows you to get or set the value of the property, or receive notification when the value of the property changes.
Glib::PropertyProxy_ReadOnly < bool > Gio::TlsClientConnection::property_use_ssl3 | ( | ) | const |
If
true
, tells the connection to use a fallback version of TLS or SSL, rather than trying to negotiate the best version of TLS to use.
This can be used when talking to servers that don't implement version negotiation correctly and therefore refuse to handshake at all with a "modern" TLS handshake.
Despite the property name, the fallback version is not necessarily SSL 3.0; if SSL 3.0 has been disabled, the TlsClientConnection will use the next highest available version (normally TLS 1.0) as the fallback version.
- Returns
- A PropertyProxy_ReadOnly that allows you to get the value of the property, or receive notification when the value of the property changes.
Glib::PropertyProxy < TlsCertificateFlags > Gio::TlsClientConnection::property_validation_flags | ( | ) |
What steps to perform when validating a certificate received from a server.
Server certificates that fail to validate in all of the ways indicated here will be rejected unless the application overrides the default via TlsConnection::signal_accept_certificate() .
- Returns
- A PropertyProxy that allows you to get or set the value of the property, or receive notification when the value of the property changes.
Glib::PropertyProxy_ReadOnly < TlsCertificateFlags > Gio::TlsClientConnection::property_validation_flags | ( | ) | const |
What steps to perform when validating a certificate received from a server.
Server certificates that fail to validate in all of the ways indicated here will be rejected unless the application overrides the default via TlsConnection::signal_accept_certificate() .
- Returns
- A PropertyProxy_ReadOnly that allows you to get the value of the property, or receive notification when the value of the property changes.
void Gio::TlsClientConnection::set_server_identity | ( | const Glib::RefPtr < SocketConnectable >& | identity | ) |
Sets conn's expected server identity, which is used both to tell servers on virtual hosts which certificate to present, and also to let conn know what name to look for in the certificate when performing TLS_CERTIFICATE_BAD_IDENTITY validation, if enabled.
- Parameters
-
identity A SocketConnectable describing the expected server identity.
void Gio::TlsClientConnection::set_use_ssl3 | ( | bool |
use_ssl3
=
true
|
) |
If
use_ssl3
is
true
, this forces
conn
to use SSL 3.0 rather than trying to properly negotiate the right version of TLS or SSL to use.
This can be used when talking to servers that do not implement the fallbacks correctly and which will therefore fail to handshake with a "modern" TLS handshake attempt.
- Parameters
-
use_ssl3 Whether to use SSL 3.0.
void Gio::TlsClientConnection::set_validation_flags | ( | TlsCertificateFlags | flags | ) |
Sets conn's validation flags, to override the default set of checks performed when validating a server certificate.
By default, TLS_CERTIFICATE_VALIDATE_ALL is used.
- Parameters
-
flags The TlsCertificateFlags to use.
Friends And Related Function Documentation
|
related |
A Glib::wrap() method for this object.
- Parameters
-
object The C instance. take_copy False if the result should take ownership of the C instance. True if it should take a new copy or ref.
- Returns
- A C++ instance that wraps this C instance.