TlsConnection

The name of the TLS ciphersuite in use. See g_tls_connection_get_ciphersuite_name().

The certificate database to use when verifying this TLS connection. If no certificate database is set, then the default database will be used. See g_tls_backend_get_default_database().

The class@Gio.InputStream to read from.

A #GTlsInteraction object to be used when the connection or certificate database need to interact with the user. This will be used to prompt the user for passwords where necessary.

The application-layer protocol negotiated during the TLS handshake. See g_tls_connection_get_negotiated_protocol().

The class@Gio.OutputStream to write to.

The connection's peer's certificate, after the TLS handshake has completed or failed. Note in particular that this is not yet set during the emission of #GTlsConnection::accept-certificate.

The errors noticed while verifying #GTlsConnection:peer-certificate. Normally this should be 0, but it may not be if #GTlsClientConnection:validation-flags is not %G_TLS_CERTIFICATE_VALIDATE_ALL, or if #GTlsConnection::accept-certificate overrode the default behavior.

The TLS protocol version in use. See g_tls_connection_get_protocol_version().

The rehandshaking mode. See g_tls_connection_set_rehandshake_mode().

Whether or not proper TLS close notification is required. See g_tls_connection_set_require_close_notify().

Whether or not the system certificate database will be used to verify peer certificates. See g_tls_connection_set_use_system_certdb().

Clears the pending flag on @stream.

Closes the stream, releasing resources related to it. This will also close the individual input and output streams, if they are not already closed.

Requests an asynchronous close of the stream, releasing resources related to it. When the operation is finished @callback will be called. You can then call g_io_stream_close_finish() to get the result of the operation.

Closes a stream.

Emitted during the TLS handshake after the peer certificate has been received. You can examine @peer_cert's certification path by calling g_tls_certificate_get_issuer() on it.

Used by #GTlsConnection implementations to emit the #GTlsConnection::accept-certificate signal.

Gets @conn's certificate, as set by g_tls_connection_set_certificate().

Returns the name of the current TLS ciphersuite, or null if the connection has not handshaked or has been closed. Beware that the TLS backend may use any of multiple different naming conventions, because OpenSSL and GnuTLS have their own ciphersuite naming conventions that are different from each other and different from the standard, IANA- registered ciphersuite names. The ciphersuite name is intended to be displayed to the user for informative purposes only, and parsing it is not recommended.

Gets the certificate database that @conn uses to verify peer certificates. See g_tls_connection_set_database().

Gets the input stream for this object. This is used for reading.

Get the object that will be used to interact with the user. It will be used for things like prompting the user for passwords. If null is returned, then no user interaction will occur for this connection.

Gets the name of the application-layer protocol negotiated during the handshake.

Gets the output stream for this object. This is used for writing.

Gets @conn's peer's certificate after the handshake has completed or failed. (It is not set during the emission of #GTlsConnection::accept-certificate.)

Gets the errors associated with validating @conn's peer's certificate, after the handshake has completed or failed. (It is not set during the emission of #GTlsConnection::accept-certificate.)

Returns the current TLS protocol version, which may be %G_TLS_PROTOCOL_VERSION_UNKNOWN if the connection has not handshaked, or has been closed, or if the TLS backend has implemented a protocol version that is not a recognized #GTlsProtocolVersion.

Gets @conn rehandshaking mode. See g_tls_connection_set_rehandshake_mode() for details.

Tests whether or not @conn expects a proper TLS close notification when the connection is closed. See g_tls_connection_set_require_close_notify() for details.

Gets whether @conn uses the system certificate database to verify peer certificates. See g_tls_connection_set_use_system_certdb().

Attempts a TLS handshake on @conn.

Asynchronously performs a TLS handshake on @conn. See g_tls_connection_handshake() for more information.

Finish an asynchronous TLS handshake operation. See g_tls_connection_handshake() for more information.

Checks if a stream has pending actions.

Checks if a stream is closed.

Sets the list of application-layer protocols to advertise that the caller is willing to speak on this connection. The Application-Layer Protocol Negotiation (ALPN) extension will be used to negotiate a compatible protocol with the peer; use g_tls_connection_get_negotiated_protocol() to find the negotiated protocol after the handshake. Specifying null for the the value of @protocols will disable ALPN negotiation.

This sets the certificate that @conn will present to its peer during the TLS handshake. For a #GTlsServerConnection, it is mandatory to set this, and that will normally be done at construct time.

Sets the certificate database that is used to verify peer certificates. This is set to the default database by default. See g_tls_backend_get_default_database(). If set to null, then peer certificate validation will always set the %G_TLS_CERTIFICATE_UNKNOWN_CA error (meaning #GTlsConnection::accept-certificate will always be emitted on client-side connections, unless that bit is not set in #GTlsClientConnection:validation-flags).

Set the object that will be used to interact with the user. It will be used for things like prompting the user for passwords.

Sets @stream to have actions pending. If the pending flag is already set or @stream is closed, it will return false and set

Since GLib 2.64, changing the rehandshake mode is no longer supported and will have no effect. With TLS 1.3, rehandshaking has been removed from the TLS protocol, replaced by separate post-handshake authentication and rekey operations.

Sets whether or not @conn expects a proper TLS close notification before the connection is closed. If this is true (the default), then @conn will expect to receive a TLS close notification from its peer before the connection is closed, and will return a %G_TLS_ERROR_EOF error if the connection is closed without proper notification (since this may indicate a network error, or man-in-the-middle attack).

Sets whether @conn uses the system certificate database to verify peer certificates. This is true by default. If set to false, then peer certificate validation will always set the %G_TLS_CERTIFICATE_UNKNOWN_CA error (meaning #GTlsConnection::accept-certificate will always be emitted on client-side connections, unless that bit is not set in #GTlsClientConnection:validation-flags).

Asynchronously splice the output stream of @stream1 to the input stream of