glibmm
2.42.0
|
TlsClientConnection - TLS client-side connection. More...
#include <giomm/tlsclientconnection.h>
Public Member Functions | |
virtual | ~TlsClientConnection () |
GTlsClientConnection* | gobj () |
Provides access to the underlying C GObject. More... | |
const GTlsClientConnection* | gobj () const |
Provides access to the underlying C GObject. More... | |
void | set_server_identity (const Glib::RefPtr< SocketConnectable >& identity) |
Sets conn's expected server identity, which is used both to tell servers on virtual hosts which certificate to present, and also to let conn know what name to look for in the certificate when performing TLS_CERTIFICATE_BAD_IDENTITY validation, if enabled. More... | |
Glib::RefPtr< SocketConnectable > | get_server_identity () |
Gets conn's expected server identity. More... | |
Glib::RefPtr< const SocketConnectable > | get_server_identity () const |
Gets conn's expected server identity. More... | |
void | set_validation_flags (TlsCertificateFlags flags) |
Sets conn's validation flags, to override the default set of checks performed when validating a server certificate. More... | |
TlsCertificateFlags | get_validation_flags () const |
Gets conn's validation flags. More... | |
void | set_use_ssl3 (bool use_ssl3=true) |
If use_ssl3 is true , this forces conn to use SSL 3.0 rather than trying to properly negotiate the right version of TLS or SSL to use. More... | |
bool | get_use_ssl3 () const |
Gets whether conn will use SSL 3.0 rather than the highest-supported version of TLS; see g_tls_client_connection_set_use_ssl3(). More... | |
std::vector< Glib::RefPtr < Glib::ByteArray > > | get_accepted_cas () |
Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from. More... | |
std::vector< Glib::RefPtr < const Glib::ByteArray > > | get_accepted_cas () const |
Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from. More... | |
Glib::PropertyProxy_ReadOnly < std::vector< Glib::RefPtr < Glib::ByteArray > > > | property_accepted_cas () const |
Distinguished names of the CAs the server accepts certificates from. More... | |
Glib::PropertyProxy < Glib::RefPtr < SocketConnectable > > | property_server_identity () |
GSocketConnectable identifying the server. More... | |
Glib::PropertyProxy_ReadOnly < Glib::RefPtr < SocketConnectable > > | property_server_identity () const |
GSocketConnectable identifying the server. More... | |
Glib::PropertyProxy< bool > | property_use_ssl3 () |
Use SSL 3.0 rather than trying to use TLS 1.x. More... | |
Glib::PropertyProxy_ReadOnly < bool > | property_use_ssl3 () const |
Use SSL 3.0 rather than trying to use TLS 1.x. More... | |
Glib::PropertyProxy < TlsCertificateFlags > | property_validation_flags () |
What certificate validation to perform. More... | |
Glib::PropertyProxy_ReadOnly < TlsCertificateFlags > | property_validation_flags () const |
What certificate validation to perform. More... | |
Public Member Functions inherited from Glib::Interface | |
Interface () | |
A Default constructor. More... | |
Interface (const Glib::Interface_Class& interface_class) | |
Called by constructors of derived classes. More... | |
Interface (GObject* castitem) | |
Called by constructors of derived classes. More... | |
virtual | ~Interface () |
GObject* | gobj () |
const GObject* | gobj () const |
Public Member Functions inherited from Glib::ObjectBase | |
void | set_property_value (const Glib::ustring& property_name, const Glib::ValueBase& value) |
You probably want to use a specific property_*() accessor method instead. More... | |
void | get_property_value (const Glib::ustring& property_name, Glib::ValueBase& value) const |
You probably want to use a specific property_*() accessor method instead. More... | |
template<class PropertyType > | |
void | set_property (const Glib::ustring& property_name, const PropertyType& value) |
You probably want to use a specific property_*() accessor method instead. More... | |
template<class PropertyType > | |
void | get_property (const Glib::ustring& property_name, PropertyType& value) const |
You probably want to use a specific property_*() accessor method instead. More... | |
void | connect_property_changed (const Glib::ustring& property_name, const sigc::slot< void >& slot) |
You can use the signal_changed() signal of the property proxy instead, but this is necessary when using the reduced API. More... | |
sigc::connection | connect_property_changed_with_return (const Glib::ustring& property_name, const sigc::slot< void >& slot) |
You can use the signal_changed() signal of the property proxy instead, but this is necessary when using the reduced API. More... | |
void | freeze_notify () |
Increases the freeze count on object. More... | |
void | thaw_notify () |
Reverts the effect of a previous call to freeze_notify(). More... | |
virtual void | reference () const |
Increment the reference count for this object. More... | |
virtual void | unreference () const |
Decrement the reference count for this object. More... | |
GObject* | gobj () |
Provides access to the underlying C GObject. More... | |
const GObject* | gobj () const |
Provides access to the underlying C GObject. More... | |
GObject* | gobj_copy () const |
Give a ref-ed copy to someone. Use for direct struct access. More... | |
Public Member Functions inherited from Gio::TlsConnection | |
virtual | ~TlsConnection () |
GTlsConnection* | gobj () |
Provides access to the underlying C GObject. More... | |
const GTlsConnection* | gobj () const |
Provides access to the underlying C GObject. More... | |
GTlsConnection* | gobj_copy () |
Provides access to the underlying C instance. The caller is responsible for unrefing it. Use when directly setting fields in structs. More... | |
void | set_certificate (const Glib::RefPtr< TlsCertificate >& certificate) |
This sets the certificate that conn will present to its peer during the TLS handshake. More... | |
Glib::RefPtr< TlsCertificate > | get_certificate () |
Gets conn's certificate, as set by g_tls_connection_set_certificate(). More... | |
Glib::RefPtr< const TlsCertificate > | get_certificate () const |
Gets conn's certificate, as set by g_tls_connection_set_certificate(). More... | |
Glib::RefPtr< TlsCertificate > | get_peer_certificate () |
Gets conn's peer's certificate after the handshake has completed. More... | |
Glib::RefPtr< const TlsCertificate > | get_peer_certificate () const |
Gets conn's peer's certificate after the handshake has completed. More... | |
TlsCertificateFlags | get_peer_certificate_errors () const |
Gets the errors associated with validating conn's peer's certificate, after the handshake has completed. More... | |
void | set_require_close_notify (bool require_close_notify=true) |
Sets whether or not conn expects a proper TLS close notification before the connection is closed. More... | |
bool | get_require_close_notify () const |
Tests whether or not conn expects a proper TLS close notification when the connection is closed. More... | |
void | set_rehandshake_mode (TlsRehandshakeMode mode) |
Sets how conn behaves with respect to rehandshaking requests. More... | |
TlsRehandshakeMode | get_rehandshake_mode () const |
Gets conn rehandshaking mode. More... | |
void | set_use_system_certdb (bool use_system_certdb=true) |
Sets whether conn uses the system certificate database to verify peer certificates. More... | |
bool | get_use_system_certdb () const |
Gets whether conn uses the system certificate database to verify peer certificates. More... | |
Glib::RefPtr< TlsDatabase > | get_database () |
Gets the certificate database that conn uses to verify peer certificates. More... | |
Glib::RefPtr< const TlsDatabase > | get_database () const |
Gets the certificate database that conn uses to verify peer certificates. More... | |
void | set_database (const Glib::RefPtr< TlsDatabase >& database) |
Sets the certificate database that is used to verify peer certificates. More... | |
Glib::RefPtr< TlsInteraction > | get_interaction () |
Get the object that will be used to interact with the user. More... | |
Glib::RefPtr< const TlsInteraction > | get_interaction () const |
Get the object that will be used to interact with the user. More... | |
void | set_interaction (const Glib::RefPtr< TlsInteraction >& interaction) |
Set the object that will be used to interact with the user. More... | |
bool | handshake (const Glib::RefPtr< Cancellable >& cancellable) |
Attempts a TLS handshake on conn. More... | |
bool | handshake () |
A handshake() convenience overload. More... | |
void | handshake_async (const SlotAsyncReady& slot, const Glib::RefPtr< Cancellable >& cancellable, int io_priority=Glib::PRIORITY_DEFAULT) |
Asynchronously performs a TLS handshake on conn. More... | |
void | handshake_async (const SlotAsyncReady& slot, int io_priority=Glib::PRIORITY_DEFAULT) |
A handshake_async() convenience overload. More... | |
bool | handshake_finish (const Glib::RefPtr< AsyncResult >& result) |
Finish an asynchronous TLS handshake operation. More... | |
bool | emit_accept_certificate (const Glib::RefPtr< const TlsCertificate >& peer_cert, TlsCertificateFlags errors) |
Used by TlsConnection implementations to emit the TlsConnection::signal_accept_certificate() signal. More... | |
Glib::PropertyProxy_ReadOnly < Glib::RefPtr< IOStream > > | property_base_io_stream () const |
The GIOStream that the connection wraps. More... | |
Glib::PropertyProxy < Glib::RefPtr< TlsCertificate > > | property_certificate () |
The connection's certificate. More... | |
Glib::PropertyProxy_ReadOnly < Glib::RefPtr< TlsCertificate > > | property_certificate () const |
The connection's certificate. More... | |
Glib::PropertyProxy < Glib::RefPtr< TlsDatabase > > | property_database () |
Certificate database to use for looking up or verifying certificates. More... | |
Glib::PropertyProxy_ReadOnly < Glib::RefPtr< TlsDatabase > > | property_database () const |
Certificate database to use for looking up or verifying certificates. More... | |
Glib::PropertyProxy < Glib::RefPtr< TlsInteraction > > | property_interaction () |
Optional object for user interaction. More... | |
Glib::PropertyProxy_ReadOnly < Glib::RefPtr< TlsInteraction > > | property_interaction () const |
Optional object for user interaction. More... | |
Glib::PropertyProxy_ReadOnly < Glib::RefPtr< TlsCertificate > > | property_peer_certificate () const |
The connection's peer's certificate. More... | |
Glib::PropertyProxy_ReadOnly < TlsCertificateFlags > | property_peer_certificate_errors () const |
Errors found with the peer's certificate. More... | |
Glib::PropertyProxy < TlsRehandshakeMode > | property_rehandshake_mode () |
When to allow rehandshaking. More... | |
Glib::PropertyProxy_ReadOnly < TlsRehandshakeMode > | property_rehandshake_mode () const |
When to allow rehandshaking. More... | |
Glib::PropertyProxy< bool > | property_require_close_notify () |
Whether to require proper TLS close notification. More... | |
Glib::PropertyProxy_ReadOnly < bool > | property_require_close_notify () const |
Whether to require proper TLS close notification. More... | |
Glib::PropertyProxy< bool > | property_use_system_certdb () |
Whether to verify peer certificates against the system certificate database. More... | |
Glib::PropertyProxy_ReadOnly < bool > | property_use_system_certdb () const |
Whether to verify peer certificates against the system certificate database. More... | |
Glib::SignalProxy2< bool, const Glib::RefPtr< const TlsCertificate > &, TlsCertificateFlags > | signal_accept_certificate () |
virtual bool | handshake_vfunc (const Glib::RefPtr< Cancellable >& cancellable) |
virtual void | handshake_async_vfunc (const SlotAsyncReady& slot, const Glib::RefPtr< Cancellable >& cancellable, int io_priority) |
virtual bool | handshake_finish_vfunc (const Glib::RefPtr< AsyncResult >& result) |
Public Member Functions inherited from Gio::IOStream | |
virtual | ~IOStream () |
GIOStream* | gobj () |
Provides access to the underlying C GObject. More... | |
const GIOStream* | gobj () const |
Provides access to the underlying C GObject. More... | |
GIOStream* | gobj_copy () |
Provides access to the underlying C instance. The caller is responsible for unrefing it. Use when directly setting fields in structs. More... | |
void | splice_async (const Glib::RefPtr< IOStream >& stream2, const SlotAsyncReady& slot, const Glib::RefPtr< Cancellable >& cancellable, IOStreamSpliceFlags flags=Gio::IO_STREAM_SPLICE_NONE, int io_priority=Glib::PRIORITY_DEFAULT) |
Asynchronously splice the output stream to the input stream of stream2, and splice the output stream of stream2 to the input stream of this stream. More... | |
void | splice_async (const Glib::RefPtr< IOStream >& stream2, const SlotAsyncReady& slot, IOStreamSpliceFlags flags=Gio::IO_STREAM_SPLICE_NONE, int io_priority=Glib::PRIORITY_DEFAULT) |
A non-cancellable version of splice_async(). More... | |
Glib::RefPtr< InputStream > | get_input_stream () |
Gets the input stream for this object. More... | |
Glib::RefPtr< OutputStream > | get_output_stream () |
Gets the output stream for this object. More... | |
bool | close (const Glib::RefPtr< Cancellable >& cancellable) |
Closes the stream, releasing resources related to it. More... | |
bool | close () |
A close() convenience overload. More... | |
void | close_async (const SlotAsyncReady& slot, const Glib::RefPtr< Cancellable >& cancellable, int io_priority=Glib::PRIORITY_DEFAULT) |
void | close_async (const SlotAsyncReady& slot, int io_priority=Glib::PRIORITY_DEFAULT) |
bool | close_finish (const Glib::RefPtr< AsyncResult >& result) |
Closes a stream. More... | |
bool | is_closed () const |
Checks if a stream is closed. More... | |
bool | has_pending () const |
Checks if a stream has pending actions. More... | |
bool | set_pending () |
Sets stream to have actions pending. More... | |
void | clear_pending () |
Clears the pending flag on stream. More... | |
Public Member Functions inherited from Glib::Object | |
void* | get_data (const QueryQuark& key) |
void | set_data (const Quark& key, void* data) |
void | set_data (const Quark& key, void* data, DestroyNotify notify) |
void | remove_data (const QueryQuark& quark) |
void* | steal_data (const QueryQuark& quark) |
Static Public Member Functions | |
static void | add_interface (GType gtype_implementer) |
static GType | get_type () |
Get the GType for this class, for use with the underlying GObject type system. More... | |
static Glib::RefPtr < TlsClientConnection > | create (const Glib::RefPtr< IOStream >& base_io_stream, const Glib::RefPtr< const SocketConnectable >& server_identity) |
Creates a new TlsClientConnection wrapping base_io_stream (which must have pollable input and output streams) which is assumed to communicate with the server identified by server_identity. More... | |
static Glib::RefPtr < TlsClientConnection > | create (const Glib::RefPtr< IOStream >& base_io_stream) |
A create() convenience overload. More... | |
Static Public Member Functions inherited from Gio::TlsConnection | |
static GType | get_type () |
Get the GType for this class, for use with the underlying GObject type system. More... | |
Static Public Member Functions inherited from Gio::IOStream | |
static GType | get_type () |
Get the GType for this class, for use with the underlying GObject type system. More... | |
static bool | splice_finish (const Glib::RefPtr< AsyncResult >& result) |
Finishes an asynchronous io stream splice operation. More... | |
Protected Member Functions | |
TlsClientConnection () | |
You should derive from this class to use it. More... | |
Protected Member Functions inherited from Glib::ObjectBase | |
ObjectBase () | |
This default constructor is called implicitly from the constructor of user-derived classes, even if, for instance, Gtk::Button calls a different ObjectBase constructor. More... | |
ObjectBase (const char* custom_type_name) | |
A derived constructor always overrides this choice. More... | |
ObjectBase (const std::type_info& custom_type_info) | |
This constructor is a special feature to allow creation of derived types on the fly, without having to use g_object_new() manually. More... | |
virtual | ~ObjectBase ()=0 |
void | initialize (GObject* castitem) |
Protected Member Functions inherited from Gio::TlsConnection | |
TlsConnection () | |
virtual bool | on_accept_certificate (const Glib::RefPtr< const TlsCertificate >& peer_cert, TlsCertificateFlags errors) |
This is a default handler for the signal signal_accept_certificate(). More... | |
Protected Member Functions inherited from Glib::Object | |
Object () | |
Object (const Glib::ConstructParams& construct_params) | |
Object (GObject* castitem) | |
virtual | ~Object () |
Related Functions | |
(Note that these are not member functions.) | |
Glib::RefPtr < Gio::TlsClientConnection > | wrap (GTlsClientConnection* object, bool take_copy=false) |
A Glib::wrap() method for this object. More... | |
Related Functions inherited from Gio::TlsConnection | |
Glib::RefPtr< Gio::TlsConnection > | wrap (GTlsConnection* object, bool take_copy=false) |
A Glib::wrap() method for this object. More... | |
Related Functions inherited from Gio::IOStream | |
Glib::RefPtr< Gio::IOStream > | wrap (GIOStream* object, bool take_copy=false) |
A Glib::wrap() method for this object. More... | |
Related Functions inherited from Glib::Object | |
Glib::RefPtr< Glib::Object > | wrap (GObject* object, bool take_copy=false) |
Additional Inherited Members | |
Public Types inherited from Glib::Object | |
typedef void(* | DestroyNotify )(gpointer data) |
TlsClientConnection - TLS client-side connection.
TlsClientConnection is the client-side subclass of TlsConnection, representing a client-side TLS connection.
|
protected |
You should derive from this class to use it.
|
virtual |
|
static |
|
static |
Creates a new TlsClientConnection wrapping base_io_stream (which must have pollable input and output streams) which is assumed to communicate with the server identified by server_identity.
base_io_stream | The IOStream to wrap. |
server_identity | The expected identity of the server. |
Returns 0 on error.
|
static |
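A create() convenience overload. It takes no server_identity, so conn has no name to look for in the server's certificate until set_server_identity() is called; set the identity before the handshake when the certificate's name should be checked.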
std::vector< Glib::RefPtr<Glib::ByteArray> > Gio::TlsClientConnection::get_accepted_cas | ( | ) |
Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from.
This will be set during the TLS handshake if the server requests a certificate. Otherwise, it will be 0.
Each item in the list is a ByteArray which contains the complete subject DN of the certificate authority.
std::vector< Glib::RefPtr<const Glib::ByteArray> > Gio::TlsClientConnection::get_accepted_cas | ( | ) | const |
Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from.
This will be set during the TLS handshake if the server requests a certificate. Otherwise, it will be 0.
Each item in the list is a ByteArray which contains the complete subject DN of the certificate authority.
Glib::RefPtr<SocketConnectable> Gio::TlsClientConnection::get_server_identity | ( | ) |
Gets conn's expected server identity.
Returns 0 if the expected identity is not known.
Glib::RefPtr<const SocketConnectable> Gio::TlsClientConnection::get_server_identity | ( | ) | const |
Gets conn's expected server identity.
Returns 0 if the expected identity is not known.
|
static |
Get the GType for this class, for use with the underlying GObject type system.
bool Gio::TlsClientConnection::get_use_ssl3 | ( | ) | const |
Gets whether conn will use SSL 3.0 rather than the highest-supported version of TLS; see g_tls_client_connection_set_use_ssl3().
TlsCertificateFlags Gio::TlsClientConnection::get_validation_flags | ( | ) | const |
|
inline |
Provides access to the underlying C GObject.
|
inline |
Provides access to the underlying C GObject.
Glib::PropertyProxy_ReadOnly< std::vector< Glib::RefPtr<Glib::ByteArray> > > Gio::TlsClientConnection::property_accepted_cas | ( | ) | const |
Distinguished names of the CAs the server accepts certificates from.
You rarely need to use properties because there are get_ and set_ methods for almost all of them.
Glib::PropertyProxy< Glib::RefPtr<SocketConnectable> > Gio::TlsClientConnection::property_server_identity | ( | ) |
GSocketConnectable identifying the server.
You rarely need to use properties because there are get_ and set_ methods for almost all of them.
Glib::PropertyProxy_ReadOnly< Glib::RefPtr<SocketConnectable> > Gio::TlsClientConnection::property_server_identity | ( | ) | const |
GSocketConnectable identifying the server.
You rarely need to use properties because there are get_ and set_ methods for almost all of them.
Glib::PropertyProxy< bool > Gio::TlsClientConnection::property_use_ssl3 | ( | ) |
Use SSL 3.0 rather than trying to use TLS 1.x.
You rarely need to use properties because there are get_ and set_ methods for almost all of them.
Glib::PropertyProxy_ReadOnly< bool > Gio::TlsClientConnection::property_use_ssl3 | ( | ) | const |
Use SSL 3.0 rather than trying to use TLS 1.x.
You rarely need to use properties because there are get_ and set_ methods for almost all of them.
Glib::PropertyProxy< TlsCertificateFlags > Gio::TlsClientConnection::property_validation_flags | ( | ) |
What certificate validation to perform.
You rarely need to use properties because there are get_ and set_ methods for almost all of them.
Glib::PropertyProxy_ReadOnly< TlsCertificateFlags > Gio::TlsClientConnection::property_validation_flags | ( | ) | const |
What certificate validation to perform.
You rarely need to use properties because there are get_ and set_ methods for almost all of them.
void Gio::TlsClientConnection::set_server_identity | ( | const Glib::RefPtr< SocketConnectable >& | identity | ) |
Sets conn's expected server identity, which is used both to tell servers on virtual hosts which certificate to present, and also to let conn know what name to look for in the certificate when performing TLS_CERTIFICATE_BAD_IDENTITY validation, if enabled.
identity | A SocketConnectable describing the expected server identity. |
void Gio::TlsClientConnection::set_use_ssl3 | ( | bool | use_ssl3 = true | ) |
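If use_ssl3 is true, this forces conn to use SSL 3.0 rather than trying to properly negotiate the right version of TLS or SSL to use.
This can be used when talking to servers that do not implement the fallbacks correctly and which will therefore fail to handshake with a "modern" TLS handshake attempt. SSL 3.0 is obsolete and has known protocol-level weaknesses (RFC 7568 prohibits its use), so enable this only for a specific legacy server that cannot be upgraded, never as a general default.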
use_ssl3 | Whether to use SSL 3.0. |
void Gio::TlsClientConnection::set_validation_flags | ( | TlsCertificateFlags | flags | ) |
Sets conn's validation flags, to override the default set of checks performed when validating a server certificate.
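By default, TLS_CERTIFICATE_VALIDATE_ALL is used. Any narrower set skips the checks that are left out, so conn will then accept server certificates that the default would reject; keep the default unless a specific, understood exception is needed.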
flags | The TlsCertificateFlags to use. |
|
related |
A Glib::wrap() method for this object.
object | The C instance. |
take_copy | False if the result should take ownership of the C instance. True if it should take a new copy or ref. |