mirror of
https://gitlab.gnome.org/GNOME/glib.git
synced 2024-12-25 15:06:14 +01:00
Deprecate GDtlsClientConnection validation flags
See !2214 for motivation. It doesn't work properly anymore, and the TLS versions of these functions were already deprecated. Sadly, I missed the DTLS versions. Fixes #2646
This commit is contained in:
parent
848d7718b6
commit
e27ef839d9
@ -63,7 +63,21 @@ g_dtls_client_connection_default_init (GDtlsClientConnectionInterface *iface)
|
||||
* ways indicated here will be rejected unless the application
|
||||
* overrides the default via #GDtlsConnection::accept-certificate.
|
||||
*
|
||||
* GLib guarantees that if certificate verification fails, at least one
|
||||
* flag will be set, but it does not guarantee that all possible flags
|
||||
* will be set. Accordingly, you may not safely decide to ignore any
|
||||
* particular type of error. For example, it would be incorrect to mask
|
||||
* %G_TLS_CERTIFICATE_EXPIRED if you want to allow expired certificates,
|
||||
* because this could potentially be the only error flag set even if
|
||||
* other problems exist with the certificate. Therefore, there is no
|
||||
* safe way to use this property. This is not a horrible problem,
|
||||
* though, because you should not be attempting to ignore validation
|
||||
* errors anyway. If you really must ignore TLS certificate errors,
|
||||
* connect to #GDtlsConnection::accept-certificate.
|
||||
*
|
||||
* Since: 2.48
|
||||
*
|
||||
* Deprecated: 2.74: Do not attempt to ignore validation errors.
|
||||
*/
|
||||
g_object_interface_install_property (iface,
|
||||
g_param_spec_flags ("validation-flags",
|
||||
@ -162,9 +176,15 @@ g_dtls_client_connection_new (GDatagramBased *base_socket,
|
||||
*
|
||||
* Gets @conn's validation flags
|
||||
*
|
||||
* This function does not work as originally designed and is impossible
|
||||
* to use correctly. See #GDtlsClientConnection:validation-flags for more
|
||||
* information.
|
||||
*
|
||||
* Returns: the validation flags
|
||||
*
|
||||
* Since: 2.48
|
||||
*
|
||||
* Deprecated: 2.74: Do not attempt to ignore validation errors.
|
||||
*/
|
||||
GTlsCertificateFlags
|
||||
g_dtls_client_connection_get_validation_flags (GDtlsClientConnection *conn)
|
||||
@ -186,7 +206,13 @@ g_dtls_client_connection_get_validation_flags (GDtlsClientConnection *conn)
|
||||
* checks performed when validating a server certificate. By default,
|
||||
* %G_TLS_CERTIFICATE_VALIDATE_ALL is used.
|
||||
*
|
||||
* This function does not work as originally designed and is impossible
|
||||
* to use correctly. See #GDtlsClientConnection:validation-flags for more
|
||||
* information.
|
||||
*
|
||||
* Since: 2.48
|
||||
*
|
||||
* Deprecated: 2.74: Do not attempt to ignore validation errors.
|
||||
*/
|
||||
void
|
||||
g_dtls_client_connection_set_validation_flags (GDtlsClientConnection *conn,
|
||||
|
Loading…
Reference in New Issue
Block a user