mirror of
https://gitlab.gnome.org/GNOME/glib.git
synced 2025-07-28 04:43:28 +02:00
.gitlab-ci
.reuse
LICENSES
docs
reference
gio
content-types.md
dbus-error.md
dbus-introspection.md
dbus-name-owning.md
dbus-name-watching.md
dbus-utils.md
error.md
file-attributes.md
gapplication.rst
gdbus-codegen.rst
gdbus.rst
gio-querymodules.rst
gio-unix.toml.in
gio-win32.toml.in
gio.rst
gio.toml.in
glib-compile-resources.rst
glib-compile-schemas.rst
gresource.rst
gsettings.rst
gvfs-overview.odg
gvfs-overview.png
io-scheduler.md
menu-example.png
menu-exporter.md
menu-model-dark.svg
menu-model-light.svg
meson.build
migrating-gconf.md
migrating-gdbus.md
migrating-gnome-vfs.md
migrating-posix.md
networking.md
overview.md
pollable-utils.md
tls-overview.md
unix-mounts.md
girepository
glib
gmodule
gobject
AUTHORS
COPYING
NEWS
meson.build
urlmap.js
CODEOWNERS
backports.md
issue-and-merge-request-management.md
macros.md
meson-version.md
rationales.md
releasing.md
roadmap.md
supported-platforms.md
testing.md
toolchain-requirements.md
win32-build.md
fuzzing
gio
girepository
glib
gmodule
gobject
gthread
m4macros
po
subprojects
tests
tools
.clang-format
.dir-locals.el
.editorconfig
.gitignore
.gitlab-ci.yml
.gitmodules
.lcovrc
CODE_OF_CONDUCT.md
CONTRIBUTING.md
COPYING
INSTALL.md
NEWS
README.md
SECURITY.md
glib.doap
meson.build
meson.options
ac7cbb146e
Move it to a separate Markdown page. Signed-off-by: Philip Withnall <philip@tecnocode.co.uk> Helps: #3037
38 lines
1.7 KiB
Markdown
38 lines
1.7 KiB
Markdown
Title: TLS Overview
|
|
SPDX-License-Identifier: LGPL-2.1-or-later
|
|
SPDX-FileCopyrightText: 2010 Dan Winship
|
|
SPDX-FileCopyrightText: 2015 Collabora, Ltd.
|
|
|
|
# TLS Overview
|
|
|
|
[class@Gio.TlsConnection] and related classes provide TLS (Transport Layer
|
|
Security, previously known as SSL, Secure Sockets Layer) support for GIO-based
|
|
network streams.
|
|
|
|
[iface@Gio.DtlsConnection] and related classes provide DTLS (Datagram TLS)
|
|
support for GIO-based network sockets, using the [iface@Gio.DatagramBased]
|
|
interface. The TLS and DTLS APIs are almost identical, except TLS is
|
|
stream-based and DTLS is datagram-based. They share certificate and backend
|
|
infrastructure.
|
|
|
|
In the simplest case, for a client TLS connection, you can just set the
|
|
[property@Gio.SocketClient:tls] flag on a [class@Gio.SocketClient], and then any
|
|
connections created by that client will have TLS negotiated automatically, using
|
|
appropriate default settings, and rejecting any invalid or self-signed
|
|
certificates (unless you change that default by setting the
|
|
[property@Gio.SocketClient:tls-validation-flags] property). The returned object
|
|
will be a [class@Gio.TcpWrapperConnection], which wraps the underlying
|
|
[iface@Gio.TlsClientConnection].
|
|
|
|
For greater control, you can create your own [iface@Gio.TlsClientConnection],
|
|
wrapping a [class@Gio.SocketConnection] (or an arbitrary [class@Gio.IOStream]
|
|
with pollable input and output streams) and then connect to its signals,
|
|
such as [signal@Gio.TlsConnection::accept-certificate], before starting the
|
|
handshake.
|
|
|
|
Server-side TLS is similar, using [iface@Gio.TlsServerConnection]. At the
|
|
moment, there is no support for automatically wrapping server-side
|
|
connections in the way [class@Gio.SocketClient] does for client-side
|
|
connections.
|
|
|