The necessary review and integration work has not happened, and
we don't want to enshrine it in this unproven state.
It will be back when the world is ready for it.
Make the certificate and peer-certificate properties virtual, and add
peer-certificate-errors as well. Change the documentation on
peer-certificate to say that it's not set until after the handshake
succeeds (which means notify::peer-certificate can be used to tell
when a handshake has completed).
Trying to do this as a signal won't work well with either
GTlsCertificateDB (in which case looking up a certificate in the db is
a blocking/asynchronous act) or session resumption support (in which
case the certificate or lack thereof is part of the session definition
and so needs to be known immediately). Make the caller use
g_tls_connection_set_certificate() ahead of time (or when retrying)
instead.
Add a method to verify a certificate against a CA; this can be used
for apps that need to test against non-default CAs.
Also make the GTlsCertificate::issuer property virtual
This adds an extension point for TLS connections to gio, with a
gnutls-based implementation in glib-networking.
Full TLS support is still a work in progress; the current API is
missing some features, and parts of it may still be changed before
2.28.
https://bugzilla.gnome.org/show_bug.cgi?id=588189
GProxyConnection is a class that was added for proxy support;
g_socket_client_connect() returns a GSocketConnection, but in some
cases (eg, encrypted SOCKS), GProxy might return a GIOStream that is
not a GSocketConnection. In that case, GSocketClient would wrap the
stream up in a GProxyConnection, which is a subclass of
GSocketConnection but uses the input/output streams of the wrapped
connection.
GTlsConnection is not a GSocketConnection, so it has the same problem,
so it will need the same treatment. Rename the class to
GTcpWrapperStream, and make it public, so people can extract the base
stream from it when necessary.
(This is not ideal and GSocketClient will need to be revisited as an
API at some point...)
https://bugzilla.gnome.org/show_bug.cgi?id=588189
When interfacing with APIs that expect unix-style async I/O, it is
useful to be able to tell in advance whether a read/write is going to
block. This adds new interfaces GPollableInputStream and
GPollableOutputStream that can be implemented by a GInputStream or
GOutputStream to add _is_readable/_is_writable, _create_source, and
_read_nonblocking/_write_nonblocking methods.
Also, implement for GUnixInput/OutputStream and
GSocketInput/OutputStream
https://bugzilla.gnome.org/show_bug.cgi?id=634241
g_cancellable_create_source() returns a GSource that triggers when its
corresponding GCancellable is cancelled. This can be used with
g_source_add_child_source() to add cancellability to a source.
Port gasynchelper's FDSource to use this rather than doing its own
cancellable handling, and also fix up its callback argument order to
be more normal.
https://bugzilla.gnome.org/show_bug.cgi?id=634239
Add support for passing the full contents of the environment to the
primary instance (by storing it in the platform_data) when
G_APPLICATION_SEND_ENVIRONMENT is in the flags.
These functions are meant to replace the read_until() flavour, with the
following improvements:
- consistency between the synchronous and asynchronous versions as to
if the separator character is read (it never is).
- support for using a nul byte as a separator character by way of
addition of a length parameter which allows stop_chars to be treated
as a byte array rather than a nul-terminated string.
The read_until() functions are not yet formally deprecated, but a note
has been added to the documentation warning not to use them as they will
be in the future.
This is bug #584284.
Rework filter functions as per
https://bugzilla.gnome.org/show_bug.cgi?id=624546#c8
This commit breaks ABI. However, this ABI break affects only
applications using filter functions. The only known user of is dconf.
Signed-off-by: David Zeuthen <davidz@redhat.com>
Don't actually use this yet as that will require a couple of
modifications to the filter function signature. This is part of the
bug-fix for
https://bugzilla.gnome.org/show_bug.cgi?id=624546#c8
Signed-off-by: David Zeuthen <davidz@redhat.com>
... that is, make it private. This makes sense because users are never
expected to create such objects themselves - only the GDBus core will
need this.
Signed-off-by: David Zeuthen <davidz@redhat.com>
Allow modifying a GDBusMessage in a filter function and also add tests
for this. This breaks API but leaves ABI (almost) intact - at least
dconf's GSettings backend (the only big user I know of) will keep
working.
https://bugzilla.gnome.org/show_bug.cgi?id=624546
Signed-off-by: David Zeuthen <davidz@redhat.com>
This allow application to take control over certain proxy protocol
handling. When a proxy protocol must be used and is found in the
application proxies, GSocketClient will simply TCP connect to the proxy
server and return the connection.
Reviewed-by: Dan Winship <danw@gnome.org>
Using this rather than g_socket_client_connect() or
g_socket_client_connect_to_host() allows #GSocketClient to
determine when to use application-specific proxy protocols.
Reviewed-by: Dan Winship <danw@gnome.org>
This functionnallity can be disabled using property enable-proxy. It
enumerates addresses using GSocketConnectable::proxy_enumerate() instead of
enumerate(). When the returned address is of type GProxyAddress (a type
based on GInetSocketAddress), it gets the proxy protocol handler using
g_proxy_get_default_for_protocol() and call connect() on it.
Reviewed-by: Dan Winship <danw@gnome.org>
This patch implements method proxy_enumerate from GSocketConnectable for
all connectables (GNetworkAddress, GNetworkService, GInetSocketAddress
and GUnixSocketAddress).
Reviewed-by: Dan Winship <danw@gnome.org>
An implementation of GSocketAddressEnumerator that handles proxy
enumeration. This class is mainly usefull for Connectables implementation
such as NetworkService, NetworkAddress and SocketAddress to handle proxies.
Reviewed-by: Dan Winship <danw@gnome.org>
Implement an extension point for proxy protocol implementation. This
is mainly useful for socket-based proxy where it is possible to use the
proxied socket the same way it would for other stream based socket.
Reviewed-by: Dan Winship <danw@gnome.org>
This method allow creating a network address from a URI. If no port is
found in the URI, the default_port parameter will be used. Note that new
property scheme is there for future TLS implementation.
Reviewed-by: Dan Winship <danw@gnome.org>
A GSocketInetAddress representing the proxy server address with additional
properties proxy type, destination address and port, username and password.
Reviewed-by: Dan Winship <danw@gnome.org>
This extension point allow extending GLib with library like LibProxy that
interprets system proxy settings and finds the appropriate configuration
based on the type of connection being made.
Reviewed-by: Dan Winship <danw@gnome.org>
Add GZlibCompressor:file-info property. If it contains a non-NULL
GFileInfo, and the compressor is in GZIP mode, the filename and
modification time from the file info are written to the GZIP header
in the output data.
Add GZlibDeompressor:file-info property. If the decompressor is in GZIP
mode, and the GZIP data contains a GZIP header, the filename and
modification time are read from it, stored in a GFileInfo, and the
file-info property is notified.
Bug #617691.
Previously if a GSocketConnection had a blocking GSocket, it would
sometimes block during asynchonous I/O, and if it had a non-blocking
socket, it would sometimes return G_IO_ERROR_WOULD_BLOCK from
synchronous I/O. This fixes the connection to not depend on the socket
state.
https://bugzilla.gnome.org/show_bug.cgi?id=616458
Also use this in the test cases to check that serialization to and
from both big and little endian works.
Signed-off-by: David Zeuthen <davidz@redhat.com>
- Make GCredentials instance and class structures private so it can't
be subclassed and we don't have to worry about ABI compat
issues. This also allows us to get rid of the GCredentialsPrivate
struct.
- Add a GCredentialsType enumeration that is used whenever exchanging
pointers with the user. This allows us to support OSes with
multiple native credential types. In particular, it allows
supporting OSes where the native credential evolves or even changes
over time.
- Add g_socket_get_credentials() method.
- Add tests for g_socket_get_credentials(). Right now this is in the
GDBus peer-to-peer test case but we can change that later.
- Move GTcpConnection into a separate gtk-doc page as was already
half-done with GUnixConnection. Also finish the GUnixConnection
move and ensure send_credentials() and receive_credentials()
methods are in the docs. Also nuke comment about GTcpConnection
being empty compared to its superclass.
Signed-off-by: David Zeuthen <davidz@redhat.com>
This is currently unused but might be useful in the future. For
example, it might be nice with a way to bypass the current queue of
outgoing messages - having a flag enumeration allows us to add a
G_DBUS_SEND_MESSAGE_FLAGS_BYPASS_QUEUE etc. etc.
This commit breaks ABI and API. Users of the (rarely used) API to send
messages will have to port to this new API.
Signed-off-by: David Zeuthen <davidz@redhat.com>
This is currently unused but will probably be useful in the
future. For example, we could have a _ARG0_IS_PATH to specify that
arg0 should be used for arg0path.
This commit breaks API and ABI. Users of
g_dbus_connection_signal_subscribe() will need to port to this new
version.
Signed-off-by: David Zeuthen <davidz@redhat.com>
... so it is async, cancelable and returns an error. Also provide a
synchronous version.
This is an API/ABI break but it is expected that only very few
applications use this API.
Signed-off-by: David Zeuthen <davidz@redhat.com>
E.g. move these C structures out of public header files and into their
respective C files. Also nuke padding since this is no longer needed.
This leaves only GDBusProxy as an extendable type.
Signed-off-by: David Zeuthen <davidz@redhat.com>
Add a <flags> tag to the schema file format and a flags='' attribute to
go along with. Add some extra test cases for those.
Add new g_settings_{get,set}_flags() calls and support binding to
GParamSpecFlags properties. Add test cases.
Without this guarantee, peer-to-peer connections are not very
useful. However, with this guarantee it's possible to export objects
in a handler for the GDBusServer::new-connection signal.
There are two caveats with this patch
- it won't work on message bus connections
- we don't queue up messages to be written
that can be addresses later if needed.
https://bugzilla.gnome.org/show_bug.cgi?id=623142
Signed-off-by: David Zeuthen <davidz@redhat.com>
Allow constructing a GDBusProxy for well-known names as discussed here
http://mail.gnome.org/archives/gtk-devel-list/2009-October/msg00075.html
including test cases.
Make it possible to create a GDBusProxy for a GBusType instead of a
GDBusConnection. This requires G_BUS_TYPE_NONE so add that too.
Nuke g_bus_watch_proxy() since one can now more or less use GDBusProxy
for this.
Port gdbus-example-watch-proxy to this new API and include this
example in the GDBusProxy doc page.
Also nuke the GType parameter from the GDBusProxy constructors as
requested here: https://bugzilla.gnome.org/show_bug.cgi?id=621229
Also update the porting guide and other API docs for this change.
Also fix a bug in the signal dispatching code so each subscriber only
get notified once, not N times, for the same signal. Also add a test
case for this.
https://bugzilla.gnome.org/show_bug.cgi?id=621213
Signed-off-by: David Zeuthen <davidz@redhat.com>
accept more than one callback.
g_bus_own_name_with_closures
g_bus_own_name_on_connection_with_closures
g_bus_watch_name_with_closures
g_bus_watch_name_on_connection_with_closures
g_bus_watch_proxy_with_closures
g_bus_watch_proxy_on_connection_with_closures
https://bugzilla.gnome.org/show_bug.cgi?id=621092
This adds a GApplication object to GIO, which is the core of
an application support class, supporting
- uniqueness
- exporting actions (simple scripting)
- standard actions (quit, activate)
The implementation for Linux uses D-Bus, takes a name on the
session bus, and exports a org.gtk.Application interface.
Implementations for Win32 and OS X are still missing.
add GSimplePermission, a trivial const implementation of GPermission
can-request and can-release are always false for this implementation and
the value of 'allowed' is decided at construction.
This uncovered a bug in name watching if the name wasn't activatable.
Also provoked the need for on_connection variants of g_bus_watch_name
(added g_bus_watch_proxy's variant as well).
This makes it possible to use the cached properties mechanism even if
constructing the proxy with the DO_NOT_LOAD_PROPERTIES flag.
This is useful for cases where you obtain the and track object
properties out-of-band. For example, in udisks, the plan is to have
something like this
Manager.GetObjects (out ao paths, out aa{sa{sv}} all_properties);
Manager.ObjectAdded (o path, a{sa{sv}} all_properties);
Manager.ObjectChanged (o path, a{sa{sv}} all_properties);
Manager.ObjectRemoved (o path, a{sa{sv}} all_properties);
E.g. the first GetObjects() call will return *all* data about *all*
exported objects. Further, this way a client will only need to listen
these three signals (three AddMatch) on the Manager object and it will
never need to do GetAll() etc (e.g. can use DO_NOT_LOAD_PROPERTIES).
(Of course this only works if the client is interested in all
objects... while this is true for udisks it is generally not true for
other D-Bus services).
Also use expected_interface to check for programming errors.
Lots of people been suggesting this. We still use MethodInvocation /
method_invocation for handling incoming method calls so use call()
instead of invoke_method() helps to separate the client and server
facilities. Which is a good thing(tm).
There are apparently two incompatible ways of naming abstract sockets:
pad the sockaddr with 0s and use the entire thing as the name, or else
don't, and just pass a shorter length value to the relevant functions.
We previously only supported the former method. Add support for the
latter.
Also correctly handle "anonymous" unix sockaddrs (eg, the client side
of a connection, or a socketpair() socket), and add unix domain socket
support to the socket-client and socket-server test programs to make
sure this all works.
https://bugzilla.gnome.org/show_bug.cgi?id=615960