There are many cases where a default TLS database is not able to be
defined within the constraints of a system. For example glib-networking
(or glib-openssl) cannot retrieve the default certificate store on iOS
or Android and need to be initialized from a cert file of certificates
bundled with the application.
Previously GStreamer was relying on a custom patch to glib-networking to
populate the default database from the file pointed to by the
CA_CERTIFICATES environment variable however the mechanism that enabled
this was recently remove from glib-networking.
Adding a more generic g_tls_backend_set_default_database() API allows
application developers to override the default database using their own
certificates as well as allowing equivalent functionality on Android/iOS
(or others) as on the default database handling Linux.
Fixes https://gitlab.gnome.org/GNOME/glib-networking/issues/35
We already have start, stop and is_active methods, but turning it
into a real property is useful for a few reasons:
- it allows us to bind the property to an UI or a setting
- it allows us to get notified when the state changes
- it allows us to instantiate objects directly in the stopped state
https://bugzilla.gnome.org/show_bug.cgi?id=752089
Add a GSocketListener test program. Currently the only test is a
regression test for bug 712570 (based on a standalone bug reproducer
provided by Ross Lagerwall).
The G_ADD_PRIVATE() macro, and the auto-generated get_instance_private()
internal function, should be used conditionally depending on the maximum
allowed version of GLib, as defined by the GLIB_VERSION_MAX_ALLOWED
pre-processor symbol.
This allows generating code that can be compiled in projects that wish
to use an older API version of GLib through the use of the
GLIB_VERSION_MAX_ALLOWED symbol.
https://bugzilla.gnome.org/show_bug.cgi?id=710133
This code was added for use by the G_FILE_ATTRIBUTE_THUMBNAIL_IS_VALID
file attribute, but may end up being used elsewhere (e.g. in GVfs) as well.
As it’s dealing with untrusted external files, and the non-trivial PNG file
format, this commit adds several test cases to cover valid and invalid PNG
files.
The security model for the thumbnail verification code is that the user’s
cache directory is untrusted, and potentially any PNG file which is passed
to the verifier has been manipulated arbitrarily by an attacker.
This is a follow-up to commit fe7069749f.
https://bugzilla.gnome.org/show_bug.cgi?id=709898
There are a number of nice things this class brings:
0) Has a race-free termination API on all platforms (on UNIX, calls to
kill() and waitpid() are coordinated as not to cause problems).
1) Operates in terms of G{Input,Output}Stream, not file descriptors
2) Standard GIO-style async API for wait() with cancellation
3) Makes some simple cases easy, like synchronously spawning a
process with an argument list
4) Makes hard cases possible, like asynchronously running a process
with stdout/stderr merged, output directly to a file path
Much rewriting and code review from Ryan Lortie <desrt@desrt.ca>
https://bugzilla.gnome.org/show_bug.cgi?id=672102
Previously, no testcases tested the close flags of
g_output_stream_splice_async. This patch adds tests for that and
also tests various combinations of threaded and non-threaded
GInputStream async reads and GOutputStream async writes.
https://bugzilla.gnome.org/show_bug.cgi?id=691581
Add a fairly realistic testcase that ensures that GDesktopAppInfo with
DBusActivatable=true can successfully talk to GApplication for a variety
of purposes.
https://bugzilla.gnome.org/show_bug.cgi?id=699259
Add GSimpleProxyResolver, for letting people do static proxy
resolution, and to use as a base class for other resolvers (such as
GProxyResolverGnome).
https://bugzilla.gnome.org/show_bug.cgi?id=691105
Allow GDBusObjectManagerClient to work on peer to peer DBus
connections. Don't require that a unique bus name is available
for the object manager, if the owned bus name is NULL.
https://bugzilla.gnome.org/show_bug.cgi?id=686920
GTask is a replacement for GSimpleAsyncResult and GIOScheduler, that
also allows for making cancellable wrappers around non-cancellable
functions (as in GThreadedResolver).
https://bugzilla.gnome.org/show_bug.cgi?id=661767
Add GNetworkMonitor and its associated extension point, provide a base
implementation that always claims the network is available, and a
netlink-based implementation built on top of that that actually tracks
the network state.
https://bugzilla.gnome.org/show_bug.cgi?id=620932
The GApplication test case tried to fork() while using GMainLoop,
causing problems. Avoid doing that by splitting the child process into
a separate program and spawning it in the usual way.
https://bugzilla.gnome.org/show_bug.cgi?id=658999
* Update documentation to note that GCancellable can be used
concurrently by multiple operations.
* Add documentation to g_cancellable_reset that behavior is
undefined if called from within cancelled handler.
* Add test for multiple concurrent operations using the same
cancellable.
https://bugzilla.gnome.org/show_bug.cgi?id=656387
Destroying a GDBusProxy in a thread used to race with NameOwnerChanged
being delivered to the main context's thread (GNOME #651133).
Also, g_dbus_proxy_call_sync in a thread would race with NameOwnerChanged
being delivered to the main context's thread and rewriting the name_owner
(GNOME #656039).
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=656039
Bug-NB: NB#259760
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Signed-off-by: David Zeuthen <davidz@redhat.com>
The database is an abstract object implemented by the various TLS
backends, which is used by GTlsConnection to lookup certificates
and keys, as well as verify certificate chains.
Also add GTlsInteraction, which can be used to prompt the user
for a password or PIN (used with the database).
https://bugzilla.gnome.org/show_bug.cgi?id=636572
When interfacing with APIs that expect unix-style async I/O, it is
useful to be able to tell in advance whether a read/write is going to
block. This adds new interfaces GPollableInputStream and
GPollableOutputStream that can be implemented by a GInputStream or
GOutputStream to add _is_readable/_is_writable, _create_source, and
_read_nonblocking/_write_nonblocking methods.
Also, implement for GUnixInput/OutputStream and
GSocketInput/OutputStream
https://bugzilla.gnome.org/show_bug.cgi?id=634241
Otherwise, attempting to create a GSocketConnection from the socket
will likely return the wrong type, since the protocol won't match any
of the registered subtypes.
Also add the start of a GSocket test program (from davidz).
https://bugzilla.gnome.org/show_bug.cgi?id=627171