Commit Graph

20 Commits

Author SHA1 Message Date
Michael Catanzaro
bf37392045 tls: add functions to get protocol version and ciphersuite name
This adds g_tls_connection_get_protocol_version(),
g_tls_connection_get_ciphersuite_name(), and DTLS variants. This will
allow populating TLS connection information in the WebKit web inspector.

This is WIP because we found it's not quite possibly to implement
correctly with GnuTLS. See glib-networking!151.
2021-06-03 10:56:15 -05:00
Ruslan Marchenko
44524b9daa Add g_(d)tls_connection_get_channel_binding_data calls and enums
* Add g_tls_connection_get_channel_binding_data API call
 * Add g_dtls_connection_get_channel_binding_data API call
 * Add get_binding_data method to GTlsConnection class
 * Add get_binding_data method to GDtlsConnection interface
 * Add GTlsChannelBindingType enum with tls-unique and
   tls-server-end-point types
 * Add GTlsChannelBindingError enum and G_TLS_CHANNEL_BINDING_ERROR
   quark
 * Add new API calls to documentation reference gio-sections-common
2020-06-25 12:40:34 +00:00
Philip Withnall
40ff475977 Annotate various types and macros as deprecated
These have all been documented as deprecated for a long time, but we’ve
never had a way to programmatically mark them as deprecated. Do that
now.

This is based on the list of deprecations from the reverted commit
80fcb1bc2.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Fixes: #638
2019-05-30 10:39:11 +01:00
Emmanuele Bassi
e5ba5845a1 Revert "headers: Add various missing G_DISABLE_DEPRECATED guards"
This reverts commit 80fcb1bc26.

G_DISABLE_DEPRECATED should never be used by anybody, least of all by
GLib. We have deprecation annotations for the compiler, these days, and
they are much better suited than a macro that makes symbols appear and
disappear. The fact that gtk-doc doesn't understand the deprecation
annotations is a limitation of gtk-doc, and it's gtk-doc that ought to be
fixed.

Commit 80fcb1bc broke GStreamer, which disables old API that was
deprecated before the introduction of the deprecation annotations, but
still uses newly deprecated one, and relies on the deprecation
annotations to do their thing. It also broke libsoup, as it uses
GValueArray in its own API.
2019-03-16 11:30:13 +00:00
Philip Withnall
80fcb1bc26 headers: Add various missing G_DISABLE_DEPRECATED guards
As pointed out by gtk-doc, these are all symbols which have been marked
as deprecated, but which aren’t protected by a deprecation guard. We
can’t use G_DEPRECATED_IN_* for them, as they are all non-function
symbols. Instead, wrap them in #ifndef G_DISABLE_DEPRECATED.

In some cases, we also need to wrap one or two functions which use the
deprecated types in G_DISABLE_DEPRECATED too.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-03-15 11:09:32 +00:00
Scott Hutton
9032e8897d Implement support for ALPN in GTlsConnection, GDtlsConnection 2018-12-18 16:32:55 -08:00
Michael Catanzaro
85f7d493d7 Deprecate TLS rehandshake APIs
Allowing unsafe rehandshakes used to be required for web compatibility,
but this is no longer a concern in 2018. So there should no longer be
compatibility benefits to calling this function. All it does is make
your TLS connection insecure.

Also, rehandshaking no longer exists at all in TLS 1.3.

At some point (maybe soon!) glib-networking will begin ignoring the
rehandshake mode, so let's deprecate it now.
2018-11-20 22:07:58 -06:00
Sébastien Wilmet
3bf4a720c3 gio/: LGPLv2+ -> LGPLv2.1+
Sub-directories inside gio/ already processed in a previous commit:
- fam/
- gdbus-2.0/ (which contains only codegen/)
- gvdb/
- inotify/
- tests/
- win32/
- xdgmime/

Other sub-directories inside gio/:
- completion/: no license headers
- kqueue/: not LGPL, BSD-style license

https://bugzilla.gnome.org/show_bug.cgi?id=776504
2017-05-29 19:53:34 +02:00
Daniel Mustieles
078dbda148 Updated FSF's address 2014-01-31 14:31:55 +01:00
Ryan Lortie
0156092a42 various: add GLIB_AVAILABLE_IN_ALL everywhere else
Add the GLIB_AVAILABLE_IN_ALL annotation to all old functions (that
haven't already been annotated with the GLIB_AVAILABLE_IN_* macros or a
deprecation macro).

If we discover in the future that we cannot use only one macro on
Windows, it will be an easy sed patch to fix that.

https://bugzilla.gnome.org/show_bug.cgi?id=688681
2013-01-13 13:11:57 -05:00
Matthias Clasen
e1b99b2ddc Move single-include guards inside include guards
gcc has optimizations for include guards that only work
if they are outermost in the the header.
https://bugzilla.gnome.org/show_bug.cgi?id=689810
2012-12-27 23:43:14 -05:00
Dieter Verfaillie
2655262889 Fix malformed GTK-Doc comment blocks: remove repeated comment blocks.
gio/gproxyresolver.h: GProxyResolver already documented in gio/giotypes.h
gio/gtlsbackend.h: GTlsBackend already documented in gio/gtlsbackend.c
gio/gtlsclientconnection.h: GTlsClientConnection already documented in gio/gtlsclientconnection.c
gio/gtlsconnection.h: GTlsConnection already documented in gio/gtlsconnection.c
gio/gunixconnection.h: GTcpConnection already documented in gio/giotypes.h
glib/gversion.h: GLIB_CHECK_VERSION already documented in glib/gversion.c

Found these thanks to the improved gobject-introspection
GTK-Doc comment block/annotation parser.
See https://bugzilla.gnome.org/show_bug.cgi?id=672254

https://bugzilla.gnome.org/show_bug.cgi?id=673385
2012-04-05 10:23:46 -03:00
Matthias Clasen
5896808e8c GIO: Don't use G_DISABLE_DEPRECATED for functions 2011-11-03 00:16:41 -04:00
Chun-wei Fan
08d6e1147d Use GLIB_DEPRECATED instead of G_GNUC_DEPRECATED in our headers
This will let others opt out of seeing GLib deprecation warnings
by defining GLIB_DISABLE_DEPRECATION_WARNINGS.

https://bugzilla.gnome.org/show_bug.cgi?id=661438
2011-10-11 13:42:59 -04:00
Matthias Clasen
ff2dafb209 Add G_GNUC_DEPRECATED to deprecated functions in gio 2011-10-08 23:49:04 -04:00
Stef Walter
0f99cfa882 GTlsDatabase and related objects
The database is an abstract object implemented by the various TLS
backends, which is used by GTlsConnection to lookup certificates
and keys, as well as verify certificate chains.

Also add GTlsInteraction, which can be used to prompt the user
for a password or PIN (used with the database).

https://bugzilla.gnome.org/show_bug.cgi?id=636572
2011-08-04 08:54:55 +02:00
Dan Winship
f5c3e0d3d5 Change the handling of the peer certificate in GTlsConnection
Make the certificate and peer-certificate properties virtual, and add
peer-certificate-errors as well. Change the documentation on
peer-certificate to say that it's not set until after the handshake
succeeds (which means notify::peer-certificate can be used to tell
when a handshake has completed).
2010-12-07 14:58:42 +01:00
Dan Winship
95cba18349 Remove GTlsConnection::need-certificate
Trying to do this as a signal won't work well with either
GTlsCertificateDB (in which case looking up a certificate in the db is
a blocking/asynchronous act) or session resumption support (in which
case the certificate or lack thereof is part of the session definition
and so needs to be known immediately). Make the caller use
g_tls_connection_set_certificate() ahead of time (or when retrying)
instead.
2010-12-07 10:41:05 +01:00
Dan Winship
d6e94070dd Add GTlsConnection:use-system-certdb
This can be set FALSE if you don't want to validate certificates
against the system database.
2010-12-07 10:41:05 +01:00
Dan Winship
59d62726de Add initial TLS (SSL) support to gio
This adds an extension point for TLS connections to gio, with a
gnutls-based implementation in glib-networking.

Full TLS support is still a work in progress; the current API is
missing some features, and parts of it may still be changed before
2.28.

https://bugzilla.gnome.org/show_bug.cgi?id=588189
2010-11-26 15:57:11 -05:00