Add initial TLS (SSL) support to gio

This adds an extension point for TLS connections to gio, with a
gnutls-based implementation in glib-networking.

Full TLS support is still a work in progress; the current API is
missing some features, and parts of it may still be changed before
2.28.

https://bugzilla.gnome.org/show_bug.cgi?id=588189

docs/reference/gio/gio-docs.xml

@@ -125,6 +125,15 @@
       <xi:include href="xml/gsocketservice.xml"/>
       <xi:include href="xml/gthreadedsocketservice.xml"/>
     </chapter>
+    <chapter id="tls">
+      <title>TLS (SSL) support</title>
+      <xi:include href="xml/gtls.xml"/>
+      <xi:include href="xml/gtlscertificate.xml"/>
+      <xi:include href="xml/gtlsconnection.xml"/>
+      <xi:include href="xml/gtlsclientconnection.xml"/>
+      <xi:include href="xml/gtlsserverconnection.xml"/>
+      <xi:include href="xml/gtlsbackend.xml"/>
+    </chapter>
     <chapter id="resolver">
       <title>DNS resolution</title>
       <xi:include href="xml/gresolver.xml"/>

docs/reference/gio/gio-sections.txt

@@ -1798,13 +1798,17 @@ g_socket_client_set_local_address
 g_socket_client_set_protocol
 g_socket_client_set_socket_type
 g_socket_client_set_timeout
+g_socket_client_set_enable_proxy
+g_socket_client_set_tls
+g_socket_client_set_tls_validation_flags
 g_socket_client_get_family
 g_socket_client_get_local_address
 g_socket_client_get_protocol
 g_socket_client_get_socket_type
 g_socket_client_get_timeout
 g_socket_client_get_enable_proxy
-g_socket_client_set_enable_proxy
+g_socket_client_get_tls
+g_socket_client_get_tls_validation_flags
 <SUBSECTION Standard>
 GSocketClientClass
 G_IS_SOCKET_CLIENT
@@ -2994,3 +2998,126 @@ G_TYPE_POLLABLE_OUTPUT_STREAM
 <SUBSECTION Private>
 g_pollable_output_stream_get_type
 </SECTION>
+
+<SECTION>
+<FILE>gtls</FILE>
+G_TLS_ERROR
+GTlsError
+<SUBSECTION>
+GTlsAuthenticationMode
+GTlsCertificateFlags
+</SECTION>
+
+<SECTION>
+<FILE>gtlsbackend</FILE>
+<TITLE>GTlsBackend</FILE>
+G_TLS_BACKEND_EXTENSION_POINT_NAME
+GTlsBackend
+GTlsBackendInterface
+g_tls_backend_get_default
+g_tls_backend_supports_tls
+g_tls_backend_get_certificate_type
+g_tls_backend_get_client_connection_type
+g_tls_backend_get_server_connection_type
+<SUBSECTION Standard>
+G_IS_TLS_BACKEND
+G_TLS_BACKEND
+G_TLS_BACKEND_GET_INTERFACE
+G_TYPE_TLS_BACKEND
+g_tls_error_quark
+<SUBSECTION Private>
+g_tls_backend_get_type
+</SECTION>
+
+<SECTION>
+<FILE>gtlscertificate</FILE>
+<TITLE>GTlsCertificate</TITLE>
+GTlsCertificate
+g_tls_certificate_new
+g_tls_certificate_new_from_pem
+g_tls_certificate_new_from_file
+g_tls_certificate_new_from_files
+g_tls_certificate_list_new_from_file
+g_tls_certificate_get_issuer
+<SUBSECTION Standard>
+GTlsCertificateClass
+GTlsCertificatePrivate
+G_IS_TLS_CERTIFICATE
+G_IS_TLS_CERTIFICATE_CLASS
+G_TLS_CERTIFICATE
+G_TLS_CERTIFICATE_CLASS
+G_TLS_CERTIFICATE_GET_CLASS
+G_TYPE_TLS_CERTIFICATE
+<SUBSECTION Private>
+g_tls_certificate_get_type
+</SECTION>
+
+<SECTION>
+<FILE>gtlsconnection</FILE>
+<TITLE>GTlsConnection</TITLE>
+GTlsConnection
+g_tls_connection_set_certificate
+g_tls_connection_get_certificate
+g_tls_connection_get_peer_certificate
+g_tls_connection_set_require_close_notify
+g_tls_connection_get_require_close_notify
+GTlsRehandshakeMode
+g_tls_connection_set_rehandshake_mode
+g_tls_connection_get_rehandshake_mode
+<SUBSECTION>
+g_tls_connection_handshake
+g_tls_connection_handshake_async
+g_tls_connection_handshake_finish
+<SUBSECTION>
+g_tls_connection_set_peer_certificate
+g_tls_connection_emit_accept_certificate
+g_tls_connection_emit_need_certificate
+<SUBSECTION Standard>
+GTlsConnectionClass
+GTlsConnectionPrivate
+G_IS_TLS_CONNECTION
+G_IS_TLS_CONNECTION_CLASS
+G_TLS_CONNECTION
+G_TLS_CONNECTION_CLASS
+G_TLS_CONNECTION_GET_CLASS
+G_TYPE_TLS_CONNECTION
+<SUBSECTION Private>
+g_tls_connection_get_type
+</SECTION>
+
+<SECTION>
+<FILE>gtlsclientconnection</FILE>
+<TITLE>GTlsClientConnection</TITLE>
+GTlsClientConnection
+GTlsClientConnectionInterface
+g_tls_client_connection_new
+g_tls_client_connection_set_server_identity
+g_tls_client_connection_get_server_identity
+g_tls_client_connection_set_validation_flags
+g_tls_client_connection_get_validation_flags
+g_tls_client_connection_set_use_ssl3
+g_tls_client_connection_get_use_ssl3
+g_tls_client_connection_get_accepted_cas
+<SUBSECTION Standard>
+G_IS_TLS_CLIENT_CONNECTION
+G_TLS_CLIENT_CONNECTION
+G_TLS_CLIENT_CONNECTION_GET_INTERFACE
+G_TYPE_TLS_CLIENT_CONNECTION
+<SUBSECTION Private>
+g_tls_client_connection_get_type
+</SECTION>
+
+<SECTION>
+<FILE>gtlsserverconnection</FILE>
+<TITLE>GTlsServerConnection</TITLE>
+GTlsServerConnection
+GTlsServerConnectionInterface
+g_tls_server_connection_new
+<SUBSECTION Standard>
+G_IS_TLS_SERVER_CONNECTION
+G_TLS_SERVER_CONNECTION
+G_TLS_SERVER_CONNECTION_GET_INTERFACE
+G_TYPE_TLS_SERVER_CONNECTION
+<SUBSECTION Private>
+g_tls_server_connection_get_type
+</SECTION>

docs/reference/gio/gio.types

@@ -108,6 +108,11 @@ g_tcp_connection_get_type
 g_tcp_wrapper_connection_get_type
 g_themed_icon_get_type
 g_threaded_socket_service_get_type
+g_tls_backend_get_type
+g_tls_certificate_get_type
+g_tls_client_connection_get_type
+g_tls_connection_get_type
+g_tls_server_connection_get_type
 g_unix_connection_get_type
 g_unix_fd_list_get_type
 g_unix_fd_message_get_type