GTlsClientConnection

GTlsClientConnection — TLS client-side connection

Synopsis


#include <gio/gio.h>

                    GTlsClientConnection;
                    GTlsClientConnectionInterface;
GIOStream *         g_tls_client_connection_new         (GIOStream *base_io_stream,
                                                         GSocketConnectable *server_identity,
                                                         GError **error);
void                g_tls_client_connection_set_server_identity
                                                        (GTlsClientConnection *conn,
                                                         GSocketConnectable *identity);
GSocketConnectable * g_tls_client_connection_get_server_identity
                                                        (GTlsClientConnection *conn);
void                g_tls_client_connection_set_validation_flags
                                                        (GTlsClientConnection *conn,
                                                         GTlsCertificateFlags flags);
GTlsCertificateFlags  g_tls_client_connection_get_validation_flags
                                                        (GTlsClientConnection *conn);
void                g_tls_client_connection_set_use_ssl3
                                                        (GTlsClientConnection *conn,
                                                         gboolean use_ssl3);
gboolean            g_tls_client_connection_get_use_ssl3
                                                        (GTlsClientConnection *conn);
GList *             g_tls_client_connection_get_accepted_cas
                                                        (GTlsClientConnection *conn);

Description

GTlsClientConnection is the client-side subclass of GTlsConnection, representing a client-side TLS connection.

Details

GTlsClientConnection

typedef struct _GTlsClientConnection GTlsClientConnection;

TLS client-side connection; the client-side implementation of a GTlsConnection.

Since 2.28


GTlsClientConnectionInterface

typedef struct {
  GTypeInterface g_iface;
} GTlsClientConnectionInterface;


g_tls_client_connection_new ()

GIOStream *         g_tls_client_connection_new         (GIOStream *base_io_stream,
                                                         GSocketConnectable *server_identity,
                                                         GError **error);

Creates a new GTlsClientConnection wrapping base_io_stream (which must have pollable input and output streams). The connection is assumed to communicate with the server identified by server_identity.

base_io_stream :

the GIOStream to wrap

server_identity :

the expected identity of the server, or NULL.

error :

GError for error reporting, or NULL to ignore.

Returns :

the new GTlsClientConnection, or NULL on error

Since 2.28


g_tls_client_connection_set_server_identity ()

void                g_tls_client_connection_set_server_identity
                                                        (GTlsClientConnection *conn,
                                                         GSocketConnectable *identity);

Sets conn's expected server identity, which is used both to tell servers on virtual hosts which certificate to present, and also to let conn know what name to look for in the certificate when performing G_TLS_CERTIFICATE_BAD_IDENTITY validation, if enabled.

conn :

the GTlsClientConnection

identity :

a GSocketConnectable describing the expected server identity

Since 2.28


g_tls_client_connection_get_server_identity ()

GSocketConnectable * g_tls_client_connection_get_server_identity
                                                        (GTlsClientConnection *conn);

Gets conn's expected server identity.

conn :

the GTlsClientConnection

Returns :

a GSocketConnectable describing the expected server identity, or NULL if the expected identity is not known.

Since 2.28


g_tls_client_connection_set_validation_flags ()

void                g_tls_client_connection_set_validation_flags
                                                        (GTlsClientConnection *conn,
                                                         GTlsCertificateFlags flags);

Sets conn's validation flags, to override the default set of checks performed when validating a server certificate. By default, G_TLS_CERTIFICATE_VALIDATE_ALL is used.

conn :

the GTlsClientConnection

flags :

the GTlsCertificateFlags to use

Since 2.28


g_tls_client_connection_get_validation_flags ()

GTlsCertificateFlags  g_tls_client_connection_get_validation_flags
                                                        (GTlsClientConnection *conn);

Gets conn's validation flags.

conn :

the GTlsClientConnection

Returns :

the validation flags

Since 2.28


g_tls_client_connection_set_use_ssl3 ()

void                g_tls_client_connection_set_use_ssl3
                                                        (GTlsClientConnection *conn,
                                                         gboolean use_ssl3);

If use_ssl3 is TRUE, this forces conn to use SSL 3.0 rather than trying to properly negotiate the right version of TLS or SSL to use. This can be used when talking to servers that do not implement the fallbacks correctly and which will therefore fail to handshake with a "modern" TLS handshake attempt.

conn :

the GTlsClientConnection

use_ssl3 :

whether to use SSL 3.0

Since 2.28


g_tls_client_connection_get_use_ssl3 ()

gboolean            g_tls_client_connection_get_use_ssl3
                                                        (GTlsClientConnection *conn);

Gets whether conn will use SSL 3.0 rather than the highest-supported version of TLS; see g_tls_client_connection_set_use_ssl3().

conn :

the GTlsClientConnection

Returns :

whether conn will use SSL 3.0

Since 2.28


g_tls_client_connection_get_accepted_cas ()

GList *             g_tls_client_connection_get_accepted_cas
                                                        (GTlsClientConnection *conn);

Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from. This will be set during the TLS handshake if the server requests a certificate. Otherwise, it will be NULL.

Each item in the list is a GByteArray which contains the complete subject DN of the certificate authority.

conn :

the GTlsClientConnection

Returns :

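a list of GByteArray items, each holding the complete subject DN of an accepted certificate authority; the caller owns the list and its elements (element-type GByteArray, transfer full).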

Since 2.28
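The following is an added example, not part of the GIO documentation or code base. It shows one way to read the commonName out of a single entry returned by g_tls_client_connection_get_accepted_cas(), with every length bounds-checked because the bytes come from the peer. It assumes each GByteArray holds a DER-encoded X.501 Name, as carried in the TLS CertificateRequest message; der_tlv, dn_common_name and SAMPLE_DN are hypothetical names, and the code is plain C without GLib so that it runs stand-alone.

```c
#include <stddef.h>
#include <string.h>
typedef unsigned char u8;
/* Constructed sample: DER Name "O=Example, CN=Test CA" (not a real CA). */
static const u8 SAMPLE_DN[] = { 0x30,0x24,
    0x31,0x10,0x30,0x0e,0x06,0x03,0x55,0x04,0x0a,0x0c,0x07,'E','x','a','m','p','l','e',
    0x31,0x10,0x30,0x0e,0x06,0x03,0x55,0x04,0x03,0x0c,0x07,'T','e','s','t',' ','C','A' };

/* Read one DER tag/length header; on success *p points at the value. */
static int der_tlv(const u8 **p, const u8 *end, u8 *tag, size_t *vlen)
{
    const u8 *q = *p;
    if (end - q < 2) return -1;
    *tag = *q++;
    size_t n = *q++;
    if (n & 0x80) {                        /* long form: n & 0x7f length bytes */
        size_t k = n & 0x7f;
        if (k == 0 || k > 4 || (size_t)(end - q) < k) return -1;
        for (n = 0; k > 0; k--) n = (n << 8) | *q++;
    }
    if ((size_t)(end - q) < n) return -1;  /* value must fit in the buffer */
    *vlen = n; *p = q;
    return 0;
}

/* Copy commonName (OID 2.5.4.3) of a DER Name into out; pass the data and len
 * fields of one GByteArray. Returns its length, or -1 if the DN is malformed,
 * has no CN, or the CN contains a NUL byte or does not fit in out. */
int dn_common_name(const u8 *dn, size_t len, char *out, size_t out_sz)
{
    static const u8 OID_CN[] = { 0x55, 0x04, 0x03 };
    const u8 *p = dn, *end = dn + len; u8 tag; size_t n;
    if (der_tlv(&p, end, &tag, &n) || tag != 0x30 || p + n != end) return -1;
    while (p < end) {                      /* each RDN is a SET */
        if (der_tlv(&p, end, &tag, &n) || tag != 0x31) return -1;
        const u8 *set_end = p + n;
        while (p < set_end) {              /* SEQUENCE { OID, value } */
            if (der_tlv(&p, set_end, &tag, &n) || tag != 0x30) return -1;
            const u8 *atv_end = p + n;
            if (der_tlv(&p, atv_end, &tag, &n) || tag != 0x06) return -1;
            int is_cn = (n == sizeof OID_CN && memcmp(p, OID_CN, n) == 0);
            p += n;
            if (der_tlv(&p, atv_end, &tag, &n)) return -1;
            if (!is_cn) { p = atv_end; continue; }
            if (n >= out_sz || memchr(p, 0, n)) return -1;
            memcpy(out, p, n); out[n] = '\0';
            return (int)n;
        }
    }
    return -1;
}
```

The value bytes are copied as-is, so the result is only suitable for display or logging when the CN is an ASCII or UTF-8 string type.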