// Generated by gmmproc 2.66.3 -- DO NOT MODIFY!
// NOTE(review): in this copy the text that belongs between angle brackets is
// missing (the #include targets and the template arguments of Glib::RefPtr and
// reinterpret_cast), so the header does not compile as shown. Regenerate it
// with gmmproc rather than restoring the arguments by hand.
#ifndef _GIOMM_TLSCLIENTCONNECTION_H
#define _GIOMM_TLSCLIENTCONNECTION_H

#include
#include

/* Copyright (C) 2013 The giomm Development Team
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library. If not, see <http://www.gnu.org/licenses/>.
 */

#include
#include
#include

#ifndef DOXYGEN_SHOULD_SKIP_THIS
typedef struct _GTlsClientConnectionInterface GTlsClientConnectionInterface;
#endif /* DOXYGEN_SHOULD_SKIP_THIS */

#ifndef DOXYGEN_SHOULD_SKIP_THIS
using GTlsClientConnection = struct _GTlsClientConnection;
using GTlsClientConnectionClass = struct _GTlsClientConnectionClass;
#endif /* DOXYGEN_SHOULD_SKIP_THIS */

#ifndef DOXYGEN_SHOULD_SKIP_THIS
namespace Gio { class GIOMM_API TlsClientConnection_Class; } // namespace Gio
#endif // DOXYGEN_SHOULD_SKIP_THIS

namespace Gio
{

class GIOMM_API SocketConnectable;

/** TlsClientConnection - TLS client-side connection.
 * TlsClientConnection is the client-side subclass of TlsConnection,
 * representing a client-side TLS connection.
 *
 * The default constructor is protected; application code obtains an
 * instance through create().
 *
 * @newin{2,36}
 */
class GIOMM_API TlsClientConnection : public Glib::Interface, public TlsConnection
{
#ifndef DOXYGEN_SHOULD_SKIP_THIS
public:
  using CppObjectType = TlsClientConnection;
  using CppClassType = TlsClientConnection_Class;
  using BaseObjectType = GTlsClientConnection;
  using BaseClassType = GTlsClientConnectionInterface;

  // noncopyable
  TlsClientConnection(const TlsClientConnection&) = delete;
  TlsClientConnection& operator=(const TlsClientConnection&) = delete;

private:
  friend class TlsClientConnection_Class;
  static CppClassType tlsclientconnection_class_;

#endif /* DOXYGEN_SHOULD_SKIP_THIS */
protected:
  /**
   * You should derive from this class to use it.
   */
  TlsClientConnection();

#ifndef DOXYGEN_SHOULD_SKIP_THIS
  /** Called by constructors of derived classes. Provide the result of
   * the Class init() function to ensure that it is properly
   * initialized.
   *
   * @param interface_class The Class object for the derived type.
   */
  explicit TlsClientConnection(const Glib::Interface_Class& interface_class);

public:
  // This is public so that C++ wrapper instances can be
  // created for C instances of unwrapped types.
  // For instance, if an unexpected C type implements the C interface.
  explicit TlsClientConnection(GTlsClientConnection* castitem);

protected:
#endif /* DOXYGEN_SHOULD_SKIP_THIS */

public:

  /// Move constructor (copying is deleted above).
  TlsClientConnection(TlsClientConnection&& src) noexcept;
  /// Move assignment (copy assignment is deleted above).
  TlsClientConnection& operator=(TlsClientConnection&& src) noexcept;

  ~TlsClientConnection() noexcept override;

  // NOTE(review): presumably registers this interface on the type
  // gtype_implementer; the definition is not part of this header.
  static void add_interface(GType gtype_implementer);

  /** Get the GType for this class, for use with the underlying GObject type system.
   */
  static GType get_type() G_GNUC_CONST;

#ifndef DOXYGEN_SHOULD_SKIP_THIS
  static GType get_base_type() G_GNUC_CONST;
#endif

  ///Provides access to the underlying C GObject.
  GTlsClientConnection* gobj() { return reinterpret_cast(gobject_); }

  ///Provides access to the underlying C GObject.
  const GTlsClientConnection* gobj() const { return reinterpret_cast(gobject_); }

private:

public:
  //TODO: It's not possible to use _WRAP_CTOR/_WRAP_CREATE to wrap the new
  //function because this is an interface.

  /** Creates a new TlsClientConnection wrapping @a base_io_stream (which
   * must have pollable input and output streams) which is assumed to
   * communicate with the server identified by @a server_identity.
   *
   * See the documentation for TlsConnection::property_base_io_stream() for restrictions
   * on when application code can run operations on the @a base_io_stream after
   * this function has returned.
   *
   * Security note: @a server_identity is the name the server certificate is
   * checked against when TLS_CERTIFICATE_BAD_IDENTITY validation is enabled
   * (see set_server_identity()), so take it from the host the caller intended
   * to reach, not from data received from the peer.
   *
   * @newin{2,28}
   *
   * @param base_io_stream The IOStream to wrap.
   * @param server_identity The expected identity of the server.
   * @return The new
   * TlsClientConnection, or nullptr on error.
   *
   * @throws Glib::Error
   */
  static Glib::RefPtr create(const Glib::RefPtr& base_io_stream, const Glib::RefPtr& server_identity);

  /** A create() convenience overload that takes no @a server_identity.
   *
   * NOTE(review): presumably the connection is created without an expected
   * server identity -- confirm against the implementation. The documentation
   * of property_server_identity() states that TLS_CERTIFICATE_BAD_IDENTITY
   * validation fails while the identity is not set, so call
   * set_server_identity() before the handshake.
   */
  static Glib::RefPtr create(const Glib::RefPtr& base_io_stream);

  /** Sets this connection's expected server identity, which is used both to tell
   * servers on virtual hosts which certificate to present, and also
   * to let this connection know what name to look for in the certificate when
   * performing TLS_CERTIFICATE_BAD_IDENTITY validation, if enabled.
   *
   * @newin{2,28}
   *
   * @param identity A SocketConnectable describing the expected server identity.
   */
  void set_server_identity(const Glib::RefPtr& identity);

  /** Gets this connection's expected server identity.
   *
   * @newin{2,28}
   *
   * @return A SocketConnectable describing the
   * expected server identity, or nullptr if the expected identity is not
   * known.
   */
  Glib::RefPtr get_server_identity();

  /** Gets this connection's expected server identity.
   *
   * @newin{2,28}
   *
   * @return A SocketConnectable describing the
   * expected server identity, or nullptr if the expected identity is not
   * known.
   */
  Glib::RefPtr get_server_identity() const;

  // g_tls_client_connection_set/get_validation_flags() are deprecated in glib 2.72.

  /** Sets this client connection's validation flags, to override the default set of
   * checks performed when validating a server certificate. By default,
   * Gio::TLS_CERTIFICATE_VALIDATE_ALL is used.
   *
   * This function does not work as originally designed and is impossible
   * to use correctly.
   *
   * Security note: property_validation_flags() documents that a certificate
   * is rejected only for the failures named in the flags, so any value other
   * than the default accepts certificates that would otherwise be rejected.
   * Leave the default in place; the same documentation names
   * TlsConnection::signal_accept_certificate() as the way for an application
   * to override a validation result.
   *
   * @newin{2,28}
   *
   * @param flags The TlsCertificateFlags to use.
   */
  void set_validation_flags(TlsCertificateFlags flags);

  /** Gets this client connection's validation flags.
   *
   * This function does not work as originally designed and is impossible
   * to use correctly.
   *
   * @newin{2,28}
   *
   * @return The validation flags.
   */
  TlsCertificateFlags get_validation_flags() const;

#ifndef GIOMM_DISABLE_DEPRECATED
  /** Since GLib 2.42.1, SSL 3.0 is no longer supported.
   *
   * From GLib 2.42.1 through GLib 2.62, this function could be used to
   * force use of TLS 1.0, the lowest-supported TLS protocol version at
   * the time. In the past, this was needed to connect to broken TLS
   * servers that exhibited protocol version intolerance. Such servers
   * are no longer common, and using TLS 1.0 is no longer considered
   * acceptable.
   *
   * Since GLib 2.64, this function does nothing.
   *
   * @newin{2,28}
   *
   * Deprecated: 2.56: SSL 3.0 is insecure.
   *
   * @deprecated SSL 3.0 is insecure, and this function does not generally enable or disable it, despite its name.
   *
   * @param use_ssl3 A bool, ignored.
   */
  void set_use_ssl3(bool use_ssl3 = true);
#endif // GIOMM_DISABLE_DEPRECATED

#ifndef GIOMM_DISABLE_DEPRECATED
  /** SSL 3.0 is no longer supported. See
   * g_tls_client_connection_set_use_ssl3() for details.
   *
   * @newin{2,28}
   *
   * Deprecated: 2.56: SSL 3.0 is insecure.
   *
   * @deprecated SSL 3.0 is insecure, and this function does not actually indicate whether it is enabled.
   *
   * @return false.
   */
  bool get_use_ssl3() const;
#endif // GIOMM_DISABLE_DEPRECATED

  /** Gets the list of distinguished names of the Certificate Authorities
   * that the server will accept certificates from. This will be set
   * during the TLS handshake if the server requests a certificate.
   * Otherwise, it will be nullptr.
   *
   * Each item in the list is a ByteArray which contains the complete
   * subject DN of the certificate authority.
   *
   * NOTE(review): the C++ return type is a std::vector, so "nullptr" above
   * presumably corresponds to an empty vector -- confirm against the
   * implementation. The names are sent by the server during the handshake;
   * treat them as untrusted input when parsing or displaying them.
   *
   * @newin{2,28}
   *
   * @return The list of
   * CA DNs.
   */
  std::vector< Glib::RefPtr > get_accepted_cas();

  /** Gets the list of distinguished names of the Certificate Authorities
   * that the server will accept certificates from. This will be set
   * during the TLS handshake if the server requests a certificate.
   * Otherwise, it will be nullptr.
   *
   * Each item in the list is a ByteArray which contains the complete
   * subject DN of the certificate authority.
   *
   * NOTE(review): the C++ return type is a std::vector, so "nullptr" above
   * presumably corresponds to an empty vector -- confirm against the
   * implementation. The names are sent by the server during the handshake;
   * treat them as untrusted input when parsing or displaying them.
   *
   * @newin{2,28}
   *
   * @return The list of
   * CA DNs.
   */
  std::vector< Glib::RefPtr > get_accepted_cas() const;

  /** Possibly copies session state from one connection to another, for use
   * in TLS session resumption. This is not normally needed, but may be
   * used when the same session needs to be used between different
   * endpoints, as is required by some protocols, such as FTP over TLS.
   * @a source should have already completed a handshake and, since TLS 1.3,
   * it should have been used to read data at least once. This connection
   * should not have completed a handshake.
   *
   * It is not possible to know whether a call to this function will
   * actually do anything. Because session resumption is normally used
   * only for performance benefit, the TLS backend might not implement
   * this function. Even if implemented, it may not actually succeed in
   * allowing this connection to resume @a source's TLS session, because the
   * server may not have sent a session resumption token to @a source, or it
   * may refuse to accept the token from this connection. There is no way to
   * know whether a call to this function is actually successful.
   *
   * Using this function is not required to benefit from session
   * resumption. If the TLS backend supports session resumption, the
   * session will be resumed automatically if it is possible to do so
   * without weakening the privacy guarantees normally provided by TLS,
   * without need to call this function. For example, with TLS 1.3,
   * a session ticket will be automatically copied from any
   * TlsClientConnection that has previously received session tickets
   * from the server, provided a ticket is available that has not
   * previously been used for session resumption, since session ticket
   * reuse would be a privacy weakness. Using this function causes the
   * ticket to be copied without regard for privacy considerations.
   *
   * Security note: because the copy ignores the ticket-reuse safeguard
   * described above, reserve this call for protocols that require a shared
   * session and rely on automatic resumption everywhere else.
   *
   * @newin{2,46}
   *
   * @param source A TlsClientConnection.
   */
  void copy_session_state(const Glib::RefPtr& source);

  // property_accepted_cas() won't work unless a Glib::Value specialization
  // for the property's vector-of-RefPtr value type is added.
  // Workaround: Use get_accepted_cas().

#ifndef GIOMM_DISABLE_DEPRECATED
  /** A list of the distinguished names of the Certificate Authorities
   * that the server will accept client certificates signed by. If the
   * server requests a client certificate during the handshake, then
   * this property will be set after the handshake completes.
   *
   * Each item in the list is a ByteArray which contains the complete
   * subject DN of the certificate authority.
   *
   * @newin{2,28}
   *
   * @deprecated property_accepted_cas() does not work. Use get_accepted_cas() instead.
   *
   * @return A PropertyProxy_ReadOnly that allows you to get the value of the property,
   * or receive notification when the value of the property changes.
   */
  Glib::PropertyProxy_ReadOnly< std::vector< Glib::RefPtr > > property_accepted_cas() const;
#endif // GIOMM_DISABLE_DEPRECATED

  /** A SocketConnectable describing the identity of the server that
   * is expected on the other end of the connection.
   *
   * If the TLS_CERTIFICATE_BAD_IDENTITY flag is set in
   * TlsClientConnection::property_validation_flags(), this object will be used
   * to determine the expected identity of the remote end of the
   * connection; if TlsClientConnection::property_server_identity() is not set,
   * or does not match the identity presented by the server, then the
   * TLS_CERTIFICATE_BAD_IDENTITY validation will fail.
   *
   * In addition to its use in verifying the server certificate,
   * this is also used to give a hint to the server about what
   * certificate we expect, which is useful for servers that serve
   * virtual hosts.
   *
   * @newin{2,28}
   *
   * @return A PropertyProxy that allows you to get or set the value of the property,
   * or receive notification when the value of the property changes.
   */
  Glib::PropertyProxy< Glib::RefPtr > property_server_identity() ;

  /** A SocketConnectable describing the identity of the server that
   * is expected on the other end of the connection.
   *
   * If the TLS_CERTIFICATE_BAD_IDENTITY flag is set in
   * TlsClientConnection::property_validation_flags(), this object will be used
   * to determine the expected identity of the remote end of the
   * connection; if TlsClientConnection::property_server_identity() is not set,
   * or does not match the identity presented by the server, then the
   * TLS_CERTIFICATE_BAD_IDENTITY validation will fail.
   *
   * In addition to its use in verifying the server certificate,
   * this is also used to give a hint to the server about what
   * certificate we expect, which is useful for servers that serve
   * virtual hosts.
   *
   * @newin{2,28}
   *
   * @return A PropertyProxy_ReadOnly that allows you to get the value of the property,
   * or receive notification when the value of the property changes.
   */
  Glib::PropertyProxy_ReadOnly< Glib::RefPtr > property_server_identity() const;

#ifndef GIOMM_DISABLE_DEPRECATED
  /** SSL 3.0 is no longer supported. See
   * g_tls_client_connection_set_use_ssl3() for details.
   *
   * @newin{2,28}
   *
   * Deprecated: 2.56: SSL 3.0 is insecure.
   *
   * @deprecated SSL 3.0 is insecure, and this property does not generally enable or disable it, despite its name.
   *
   * Default value: false
   *
   * @return A PropertyProxy that allows you to get or set the value of the property,
   * or receive notification when the value of the property changes.
   */
  Glib::PropertyProxy< bool > property_use_ssl3() ;

  /** SSL 3.0 is no longer supported. See
   * g_tls_client_connection_set_use_ssl3() for details.
   *
   * @newin{2,28}
   *
   * Deprecated: 2.56: SSL 3.0 is insecure.
   *
   * @deprecated SSL 3.0 is insecure, and this property does not generally enable or disable it, despite its name.
   *
   * Default value: false
   *
   * @return A PropertyProxy_ReadOnly that allows you to get the value of the property,
   * or receive notification when the value of the property changes.
   */
  Glib::PropertyProxy_ReadOnly< bool > property_use_ssl3() const;
#endif // GIOMM_DISABLE_DEPRECATED

  /** What steps to perform when validating a certificate received from
   * a server. Server certificates that fail to validate in any of the
   * ways indicated here will be rejected unless the application
   * overrides the default via TlsConnection::signal_accept_certificate().
   *
   * Security note: a failure whose flag is absent from this value does not
   * cause rejection, so writing a reduced value weakens server
   * authentication. This header notes that the matching
   * set/get_validation_flags() functions are deprecated in glib 2.72.
   *
   * @newin{2,28}
   *
   * Default value: TLS_CERTIFICATE_UNKNOWN_CA | TLS_CERTIFICATE_BAD_IDENTITY | TLS_CERTIFICATE_NOT_ACTIVATED | TLS_CERTIFICATE_EXPIRED | TLS_CERTIFICATE_REVOKED | TLS_CERTIFICATE_INSECURE | TLS_CERTIFICATE_GENERIC_ERROR
   *
   * @return A PropertyProxy that allows you to get or set the value of the property,
   * or receive notification when the value of the property changes.
   */
  Glib::PropertyProxy< TlsCertificateFlags > property_validation_flags() ;

  /** What steps to perform when validating a certificate received from
   * a server. Server certificates that fail to validate in any of the
   * ways indicated here will be rejected unless the application
   * overrides the default via TlsConnection::signal_accept_certificate().
   *
   * @newin{2,28}
   *
   * Default value: TLS_CERTIFICATE_UNKNOWN_CA | TLS_CERTIFICATE_BAD_IDENTITY | TLS_CERTIFICATE_NOT_ACTIVATED | TLS_CERTIFICATE_EXPIRED | TLS_CERTIFICATE_REVOKED | TLS_CERTIFICATE_INSECURE | TLS_CERTIFICATE_GENERIC_ERROR
   *
   * @return A PropertyProxy_ReadOnly that allows you to get the value of the property,
   * or receive notification when the value of the property changes.
   */
  Glib::PropertyProxy_ReadOnly< TlsCertificateFlags > property_validation_flags() const;

public:

public:
  //C++ methods used to invoke GTK+ virtual functions:

protected:
  //GTK+ Virtual Functions (override these to change behaviour):

  //Default Signal Handlers::

};

} // namespace Gio

namespace Glib
{
  /** A Glib::wrap() method for this object.
   *
   * @param object The C instance.
   * @param take_copy False if the result should take ownership of the C instance. True if it should take a new copy or ref.
   * @result A C++ instance that wraps this C instance.
   *
   * @relates Gio::TlsClientConnection
   */
  GIOMM_API
  Glib::RefPtr wrap(GTlsClientConnection* object, bool take_copy = false);

} // namespace Glib

#endif /* _GIOMM_TLSCLIENTCONNECTION_H */