luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2024-12-26 15:36:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'mcatanzaro/copy-session-state' into 'master'

Browse Source 
Improve documentation for footgun function g_tls_client_connection_copy_session_state()

See merge request GNOME/glib!1039
This commit is contained in:
Michael Catanzaro 2019-11-18 21:14:37 +00:00
commit d3768c89ae
1 changed files with 28 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
gio/gtlsclientconnection.c
View File

@ -351,12 +351,34 @@ g_tls_client_connection_get_accepted_cas (GTlsClientConnection *conn)
* @conn: a #GTlsClientConnection
* @source: a #GTlsClientConnection
*
* Copies session state from one connection to another. This is
* not normally needed, but may be used when the same session
* needs to be used between different endpoints as is required
* by some protocols such as FTP over TLS. @source should have
* already completed a handshake, and @conn should not have
* completed a handshake.
* Possibly copies session state from one connection to another, for use
* in TLS session resumption. This is not normally needed, but may be
* used when the same session needs to be used between different
* endpoints, as is required by some protocols, such as FTP over TLS.
* @source should have already completed a handshake and, since TLS 1.3,
* it should have been used to read data at least once. @conn should not
* have completed a handshake.
*
* It is not possible to know whether a call to this function will
* actually do anything. Because session resumption is normally used
* only for performance benefit, the TLS backend might not implement
* this function. Even if implemented, it may not actually succeed in
* allowing @conn to resume @source's TLS session, because the server
* may not have sent a session resumption token to @source, or it may
* refuse to accept the token from @conn. There is no way to know
* whether a call to this function is actually successful.
*
* Using this function is not required to benefit from session
* resumption. If the TLS backend supports session resumption, the
* session will be resumed automatically if it is possible to do so
* without weakening the privacy guarantees normally provided by TLS,
* without need to call this function. For example, with TLS 1.3,
* a session ticket will be automatically copied from any
* #GTlsClientConnection that has previously received session tickets
* from the server, provided a ticket is available that has not
* previously been used for session resumption, since session ticket
* reuse would be a privacy weakness. Using this function causes the
* ticket to be copied without regard for privacy considerations.
*
* Since: 2.46
*/