c50e543e9d
WebKit wants these private key properties to be readable in order to implement a deserialization function. Currently they are read-only because at the time GTlsCertificate was originally designed, the plan was to support PKCS#11-backed private keys: private keys that are stored on a smartcard, where the private key is completely unreadable. The design goal was to support both memory-backed and smartcard-backed private keys with the same GTlsCertificate API, abstracting away the implementation differences such that code using GTlsCertificate doesn't need to know the difference. The original PKCS#11 implementation was never fully baked and at some point in the past I deleted it all. It has since been replaced with a new implementation, including a GTlsCertificate:private-key-pkcs11-uri property, which is readable. So our current API already exposes the differences between normal private keys and PKCS#11-backed private keys. The point of making the private-key and private-key-pem properties write-only was to avoid exposing this difference. Do we have to make this API function readable? No, because WebKit could be just as well served if we were to expose serialize and deserialize functions instead. But WebKit needs to support serializing and deserializing the non-private portion of GTlsCertificate with older versions of GLib anyway, so we can do whatever is nicest for GLib. And I think making this property readable is nicest, since the original design reason for it to not be readable is now obsolete. The disadvantage to this approach is that it's now possible for an application to read the private-key or private-key-pem property, receive NULL, and think "this certificate must not have a private key," which would be incorrect if the private-key-pkcs11-uri property is set. That seems like a minor risk, but it should be documented. |
||
---|---|---|
.gitlab-ci | ||
docs | ||
fuzzing | ||
gio | ||
glib | ||
gmodule | ||
gobject | ||
gthread | ||
m4macros | ||
po | ||
subprojects | ||
tests | ||
.clang-format | ||
.dir-locals.el | ||
.gitattributes | ||
.gitignore | ||
.gitlab-ci.yml | ||
AUTHORS | ||
check-abis.sh | ||
clang-format-diff.py | ||
CONTRIBUTING.md | ||
COPYING | ||
glib-gettextize.in | ||
glib.doap | ||
glib.supp | ||
HACKING | ||
INSTALL.in | ||
meson_options.txt | ||
meson.build | ||
msvc_recommended_pragmas.h | ||
NEWS | ||
NEWS.pre-1-3 | ||
README | ||
README.md | ||
README.rationale | ||
README.win32 | ||
README.win32.md | ||
SECURITY.md | ||
template-tap.test.in | ||
template.test.in |
GLib
GLib is the low-level core library that forms the basis for projects such as GTK and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system.
The official download locations are: https://download.gnome.org/sources/glib
The official web site is: https://www.gtk.org/
Installation
See the file 'INSTALL.in'
How to report bugs
Bugs should be reported to the GNOME issue tracking system. (https://gitlab.gnome.org/GNOME/glib/issues/new). You will need to create an account for yourself.
In the bug report please include:
- Information about your system. For instance:
- What operating system and version
- For Linux, what version of the C library
- And anything else you think is relevant.
- How to reproduce the bug.
- If you can reproduce it with one of the test programs that are built in the tests/ subdirectory, that will be most convenient. Otherwise, please include a short test program that exhibits the behavior. As a last resort, you can also provide a pointer to a larger piece of software that can be downloaded.
- If the bug was a crash, the exact text that was printed out when the crash occurred.
- Further information such as stack traces may be useful, but is not necessary.
Patches
Patches should also be submitted as merge requests to gitlab.gnome.org. If the patch fixes an existing issue, please refer to the issue in your commit message with the following notation (for issue 123): Closes: #123
Otherwise, create a new merge request that introduces the change, filing a separate issue is not required.
Default branch renamed to main
The default development branch of GLib has been renamed to main
. To update
your local checkout, use:
git checkout master
git branch -m master main
git fetch
git branch --unset-upstream
git branch -u origin/main
git symbolic-ref refs/remotes/origin/HEAD refs/remotes/origin/main