DtlsClientConnection

GDtlsClientConnection is the client-side subclass of iface@Gio.DtlsConnection, representing a client-side DTLS connection.

Since

2.48

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
open val acceptedCas: <Error class: unknown class>

A list of the distinguished names of the Certificate Authorities that the server will accept client certificates signed by. If the server requests a client certificate during the handshake, then this property will be set after the handshake completes.

Link copied to clipboard

The name of the DTLS ciphersuite in use. See g_dtls_connection_get_ciphersuite_name().

Link copied to clipboard

The certificate database to use when verifying this TLS connection. If no certificate database is set, then the default database will be used. See g_tls_backend_get_default_database().

Link copied to clipboard
open override val gioDatagramBasedPointer: <Error class: unknown class><<Error class: unknown class>>
Link copied to clipboard
abstract val gioDtlsClientConnectionPointer: <Error class: unknown class><<Error class: unknown class>>
Link copied to clipboard
open override val gioDtlsConnectionPointer: <Error class: unknown class><<Error class: unknown class>>
Link copied to clipboard

A #GTlsInteraction object to be used when the connection or certificate database need to interact with the user. This will be used to prompt the user for passwords where necessary.

Link copied to clipboard

The application-layer protocol negotiated during the TLS handshake. See g_dtls_connection_get_negotiated_protocol().

Link copied to clipboard

The connection's peer's certificate, after the TLS handshake has completed or failed. Note in particular that this is not yet set during the emission of #GDtlsConnection::accept-certificate.

Link copied to clipboard

The errors noticed while verifying #GDtlsConnection:peer-certificate. Normally this should be 0, but it may not be if #GDtlsClientConnection:validation-flags is not %G_TLS_CERTIFICATE_VALIDATE_ALL, or if #GDtlsConnection::accept-certificate overrode the default behavior.

Link copied to clipboard

The DTLS protocol version in use. See g_dtls_connection_get_protocol_version().

Link copied to clipboard

The rehandshaking mode. See g_dtls_connection_set_rehandshake_mode().

Link copied to clipboard

Whether or not proper TLS close notification is required. See g_dtls_connection_set_require_close_notify().

Link copied to clipboard

A #GSocketConnectable describing the identity of the server that is expected on the other end of the connection.

Link copied to clipboard

What steps to perform when validating a certificate received from a server. Server certificates that fail to validate in any of the ways indicated here will be rejected unless the application overrides the default via #GDtlsConnection::accept-certificate.

Functions

Link copied to clipboard
open fun close(cancellable: Cancellable? = null): <Error class: unknown class><Boolean>

Close the DTLS connection. This is equivalent to calling g_dtls_connection_shutdown() to shut down both sides of the connection.

Link copied to clipboard
open fun closeAsync(ioPriority: <Error class: unknown class>, cancellable: Cancellable? = null, callback: AsyncReadyCallback?)

Asynchronously close the DTLS connection. See g_dtls_connection_close() for more information.

Link copied to clipboard
open fun closeFinish(result: AsyncResult): <Error class: unknown class><Boolean>

Finish an asynchronous TLS close operation. See g_dtls_connection_close() for more information.

Link copied to clipboard
open fun conditionCheck(condition: <Error class: unknown class>): <Error class: unknown class>

Checks on the readiness of @datagram_based to perform operations. The operations specified in @condition are checked for and masked against the currently-satisfied conditions on @datagram_based. The result is returned.

Link copied to clipboard
open fun conditionWait(condition: <Error class: unknown class>, timeout: <Error class: unknown class>, cancellable: Cancellable? = null): <Error class: unknown class><Boolean>

Waits for up to @timeout microseconds for condition to become true on

Link copied to clipboard
open fun connectAcceptCertificate(connectFlags: <Error class: unknown class> = ConnectFlags(0u), handler: (peerCert: TlsCertificate, errors: TlsCertificateFlags) -> Boolean): <Error class: unknown class>

Emitted during the TLS handshake after the peer certificate has been received. You can examine @peer_cert's certification path by calling g_tls_certificate_get_issuer() on it.

Link copied to clipboard
open fun createSource(condition: <Error class: unknown class>, cancellable: Cancellable? = null): <Error class: unknown class>

Creates a #GSource that can be attached to a #GMainContext to monitor for the availability of the specified @condition on the #GDatagramBased. The #GSource keeps a reference to the @datagram_based.

Link copied to clipboard

Used by #GDtlsConnection implementations to emit the #GDtlsConnection::accept-certificate signal.

Link copied to clipboard
open fun getAcceptedCas(): <Error class: unknown class>

Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from. This will be set during the TLS handshake if the server requests a certificate. Otherwise, it will be null.

Link copied to clipboard

Gets @conn's certificate, as set by g_dtls_connection_set_certificate().

Link copied to clipboard

Returns the name of the current DTLS ciphersuite, or null if the connection has not handshaked or has been closed. Beware that the TLS backend may use any of multiple different naming conventions, because OpenSSL and GnuTLS have their own ciphersuite naming conventions that are different from each other and different from the standard, IANA- registered ciphersuite names. The ciphersuite name is intended to be displayed to the user for informative purposes only, and parsing it is not recommended.

Link copied to clipboard

Gets the certificate database that @conn uses to verify peer certificates. See g_dtls_connection_set_database().

Link copied to clipboard

Get the object that will be used to interact with the user. It will be used for things like prompting the user for passwords. If null is returned, then no user interaction will occur for this connection.

Link copied to clipboard

Gets the name of the application-layer protocol negotiated during the handshake.

Link copied to clipboard

Gets @conn's peer's certificate after the handshake has completed or failed. (It is not set during the emission of #GDtlsConnection::accept-certificate.)

Link copied to clipboard

Gets the errors associated with validating @conn's peer's certificate, after the handshake has completed or failed. (It is not set during the emission of #GDtlsConnection::accept-certificate.)

Link copied to clipboard

Returns the current DTLS protocol version, which may be %G_TLS_PROTOCOL_VERSION_UNKNOWN if the connection has not handshaked, or has been closed, or if the TLS backend has implemented a protocol version that is not a recognized #GTlsProtocolVersion.

Link copied to clipboard

Gets @conn rehandshaking mode. See g_dtls_connection_set_rehandshake_mode() for details.

Link copied to clipboard

Tests whether or not @conn expects a proper TLS close notification when the connection is closed. See g_dtls_connection_set_require_close_notify() for details.

Link copied to clipboard

Gets @conn's expected server identity

Link copied to clipboard

Gets @conn's validation flags

Link copied to clipboard
open fun handshake(cancellable: Cancellable? = null): <Error class: unknown class><Boolean>

Attempts a TLS handshake on @conn.

Link copied to clipboard
open fun handshakeAsync(ioPriority: <Error class: unknown class>, cancellable: Cancellable? = null, callback: AsyncReadyCallback?)

Asynchronously performs a TLS handshake on @conn. See g_dtls_connection_handshake() for more information.

Link copied to clipboard
open fun handshakeFinish(result: AsyncResult): <Error class: unknown class><Boolean>

Finish an asynchronous TLS handshake operation. See g_dtls_connection_handshake() for more information.

Link copied to clipboard
open fun setAdvertisedProtocols(protocols: List<String>? = null)

Sets the list of application-layer protocols to advertise that the caller is willing to speak on this connection. The Application-Layer Protocol Negotiation (ALPN) extension will be used to negotiate a compatible protocol with the peer; use g_dtls_connection_get_negotiated_protocol() to find the negotiated protocol after the handshake. Specifying null for the the value of @protocols will disable ALPN negotiation.

Link copied to clipboard
open fun setCertificate(certificate: TlsCertificate)

This sets the certificate that @conn will present to its peer during the TLS handshake. For a #GDtlsServerConnection, it is mandatory to set this, and that will normally be done at construct time.

Link copied to clipboard
open fun setDatabase(database: TlsDatabase? = null)

Sets the certificate database that is used to verify peer certificates. This is set to the default database by default. See g_tls_backend_get_default_database(). If set to null, then peer certificate validation will always set the %G_TLS_CERTIFICATE_UNKNOWN_CA error (meaning #GDtlsConnection::accept-certificate will always be emitted on client-side connections, unless that bit is not set in #GDtlsClientConnection:validation-flags).

Link copied to clipboard
open fun setInteraction(interaction: TlsInteraction? = null)

Set the object that will be used to interact with the user. It will be used for things like prompting the user for passwords.

Link copied to clipboard

Since GLib 2.64, changing the rehandshake mode is no longer supported and will have no effect. With TLS 1.3, rehandshaking has been removed from the TLS protocol, replaced by separate post-handshake authentication and rekey operations.

Link copied to clipboard
open fun setRequireCloseNotify(requireCloseNotify: Boolean)

Sets whether or not @conn expects a proper TLS close notification before the connection is closed. If this is true (the default), then @conn will expect to receive a TLS close notification from its peer before the connection is closed, and will return a %G_TLS_ERROR_EOF error if the connection is closed without proper notification (since this may indicate a network error, or man-in-the-middle attack).

Link copied to clipboard

Sets @conn's expected server identity, which is used both to tell servers on virtual hosts which certificate to present, and also to let @conn know what name to look for in the certificate when performing %G_TLS_CERTIFICATE_BAD_IDENTITY validation, if enabled.

Link copied to clipboard

Sets @conn's validation flags, to override the default set of checks performed when validating a server certificate. By default, %G_TLS_CERTIFICATE_VALIDATE_ALL is used.

Link copied to clipboard
open fun shutdown(shutdownRead: Boolean, shutdownWrite: Boolean, cancellable: Cancellable? = null): <Error class: unknown class><Boolean>

Shut down part or all of a DTLS connection.

Link copied to clipboard
open fun shutdownAsync(shutdownRead: Boolean, shutdownWrite: Boolean, ioPriority: <Error class: unknown class>, cancellable: Cancellable? = null, callback: AsyncReadyCallback?)

Asynchronously shut down part or all of the DTLS connection. See g_dtls_connection_shutdown() for more information.

Link copied to clipboard
open fun shutdownFinish(result: AsyncResult): <Error class: unknown class><Boolean>

Finish an asynchronous TLS shutdown operation. See g_dtls_connection_shutdown() for more information.