| /* GIO - GLib Input, Output and Streaming Library |
| * |
| * Copyright © 2010 Red Hat, Inc |
| * |
| * This library is free software; you can redistribute it and/or |
| * modify it under the terms of the GNU Lesser General Public |
| * License as published by the Free Software Foundation; either |
| * version 2 of the License, or (at your option) any later version. |
| * |
| * This library is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| * Lesser General Public License for more details. |
| * |
| * You should have received a copy of the GNU Lesser General |
| * Public License along with this library; if not, write to the |
| * Free Software Foundation, Inc., 59 Temple Place, Suite 330, |
| * Boston, MA 02111-1307, USA. |
| */ |
| |
| #include "config.h" |
| #include "glib.h" |
| |
| #include "gtlsbackend.h" |
| #include "gdummytlsbackend.h" |
| #include "gioenumtypes.h" |
| #include "giomodule-priv.h" |
| |
| /** |
| * SECTION:gtls |
| * @title: TLS Overview |
| * @short_description: TLS (aka SSL) support for GSocketConnection |
| * @include: gio/gio.h |
| * |
| * #GTlsConnection and related classes provide TLS (Transport Layer |
| * Security, previously known as SSL, Secure Sockets Layer) support for |
| * gio-based network streams. |
| * |
| * In the simplest case, for a client connection, you can just set the |
| * #GSocketClient:tls flag on a #GSocketClient, and then any |
| * connections created by that client will have TLS negotiated |
| * automatically, using appropriate default settings, and rejecting |
| * any invalid or self-signed certificates (unless you change that |
| * default by setting the #GSocketClient:tls-validation-flags |
| * property). Each validation flag you clear removes the matching |
| * certificate check, so a connection can then succeed with a |
| * certificate that would otherwise have been rejected. The returned |
| * object will be a #GTcpWrapperConnection, which wraps the underlying |
| * #GTlsClientConnection. |
| * |
| * For greater control, you can create your own #GTlsClientConnection, |
| * wrapping a #GSocketConnection (or an arbitrary #GIOStream with |
| * pollable input and output streams) and then connect to its signals, |
| * such as #GTlsConnection::accept-certificate, before starting the |
| * handshake. |
| * |
| * Server-side TLS is similar, using #GTlsServerConnection. At the |
| * moment, there is no support for automatically wrapping server-side |
| * connections in the way #GSocketClient does for client-side |
| * connections. |
| */ |
| |
| /** |
| * SECTION:gtlsbackend |
| * @title: GTlsBackend |
| * @short_description: TLS backend implementation |
| * @include: gio/gio.h |
| */ |
| |
| /** |
| * GTlsBackend: |
| * |
| * Type implemented by TLS #GIOModules to provide access to additional |
| * TLS-related types. |
| * |
| * Since: 2.28 |
| */ |
| |
G_DEFINE_INTERFACE (GTlsBackend, g_tls_backend, G_TYPE_OBJECT);

/* Default-init hook named by the G_DEFINE_INTERFACE() invocation above.
 * The body is deliberately empty: no default implementation is installed
 * for any virtual method here, so each slot holds only what the
 * implementing backend assigns to it.
 */
static void
g_tls_backend_default_init (GTlsBackendInterface *iface)
{
  /* Nothing to set up. */
}
| |
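/* One-time initialiser, run through g_once() by
 * g_tls_backend_get_default(), that picks the process-wide TLS backend.
 *
 * Selection order, as implemented below:
 *   1. the implementation registered under the name given in the
 *      GIO_USE_TLS environment variable, if there is one;
 *   2. otherwise the first entry of the list returned by
 *      g_io_extension_point_get_extensions() (GIO documents that list as
 *      sorted by priority, highest first);
 *   3. otherwise NULL.
 *
 * Security note: the result depends on the process environment and on
 * which implementations are registered at the extension point, so
 * anything able to influence either one decides which TLS implementation
 * the process uses.  The selected backend may be the dummy one; callers
 * that need real TLS should check g_tls_backend_supports_tls().
 *
 * @arg is unused.
 *
 * Returns a new instance of the selected backend type, or NULL when the
 * extension point has no implementations.
 */
static gpointer
get_default_tls_backend (gpointer arg)
{
  const char *requested;
  GIOExtensionPoint *ep;
  GIOExtension *extension;
  GList *extensions;

  /* NOTE(review): presumably this loads the GIO modules that register
   * TLS backends -- confirm in giomodule-priv.h. */
  _g_io_modules_ensure_loaded ();

  ep = g_io_extension_point_lookup (G_TLS_BACKEND_EXTENSION_POINT_NAME);

  requested = g_getenv ("GIO_USE_TLS");
  if (requested)
    {
      extension = g_io_extension_point_get_extension_by_name (ep, requested);
      if (extension)
        return g_object_new (g_io_extension_get_type (extension), NULL);

      /* An explicit override that matches nothing used to be dropped
       * silently, leaving the operator believing the requested backend
       * was in use.  Report it before falling back. */
      g_warning ("Can't find TLS backend '%s' specified in GIO_USE_TLS; "
                 "using the default selection instead", requested);
    }

  extensions = g_io_extension_point_get_extensions (ep);
  if (extensions)
    {
      extension = extensions->data;
      return g_object_new (g_io_extension_get_type (extension), NULL);
    }

  return NULL;
}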
| |
/**
 * g_tls_backend_get_default:
 *
 * Gets the default #GTlsBackend for the system. The backend is chosen
 * once, on the first call, and the same result is handed back by every
 * later call.
 *
 * The default is not guaranteed to be a working TLS implementation:
 * check it with g_tls_backend_supports_tls() before relying on it to
 * protect a connection.
 *
 * Returns: a #GTlsBackend
 *
 * Since: 2.28
 */
GTlsBackend *
g_tls_backend_get_default (void)
{
  static GOnce default_backend_once = G_ONCE_INIT;
  gpointer backend;

  /* NOTE(review): get_default_tls_backend() returns NULL when the
   * extension point has no implementations -- confirm that a fallback
   * backend is always registered before treating this as non-NULL. */
  backend = g_once (&default_backend_once, get_default_tls_backend, NULL);

  return backend;
}
| |
/**
 * g_tls_backend_supports_tls:
 * @backend: the #GTlsBackend
 *
 * Checks if TLS is supported; if this returns %FALSE for the default
 * #GTlsBackend, it means no "real" TLS backend is available.
 *
 * A backend that provides the supports_tls virtual method answers for
 * itself. One that does not is reported as supported unless it is the
 * dummy backend. @backend is dereferenced without a check, so it must
 * be a valid #GTlsBackend.
 *
 * Return value: whether or not TLS is supported
 *
 * Since: 2.28
 */
gboolean
g_tls_backend_supports_tls (GTlsBackend *backend)
{
  GTlsBackendInterface *iface = G_TLS_BACKEND_GET_INTERFACE (backend);

  /* The backend's own answer wins when it implements the vfunc. */
  if (iface->supports_tls != NULL)
    return iface->supports_tls (backend);

  /* No vfunc: only the dummy backend counts as "no TLS"; every other
   * backend is assumed to provide it. */
  return G_IS_DUMMY_TLS_BACKEND (backend) ? FALSE : TRUE;
}
| |
/**
 * g_tls_backend_get_certificate_type:
 * @backend: the #GTlsBackend
 *
 * Gets the #GType of @backend's #GTlsCertificate implementation.
 *
 * The backend's get_certificate_type virtual method is called without
 * a NULL check, so @backend must be a valid #GTlsBackend that
 * implements it.
 *
 * Return value: the #GType of @backend's #GTlsCertificate
 * implementation.
 *
 * Since: 2.28
 */
GType
g_tls_backend_get_certificate_type (GTlsBackend *backend)
{
  GTlsBackendInterface *iface = G_TLS_BACKEND_GET_INTERFACE (backend);

  return iface->get_certificate_type ();
}
| |
/**
 * g_tls_backend_get_client_connection_type:
 * @backend: the #GTlsBackend
 *
 * Gets the #GType of @backend's #GTlsClientConnection implementation.
 *
 * The backend's get_client_connection_type virtual method is called
 * without a NULL check, so @backend must be a valid #GTlsBackend that
 * implements it.
 *
 * Return value: the #GType of @backend's #GTlsClientConnection
 * implementation.
 *
 * Since: 2.28
 */
GType
g_tls_backend_get_client_connection_type (GTlsBackend *backend)
{
  GTlsBackendInterface *iface = G_TLS_BACKEND_GET_INTERFACE (backend);

  return iface->get_client_connection_type ();
}
| |
/**
 * g_tls_backend_get_server_connection_type:
 * @backend: the #GTlsBackend
 *
 * Gets the #GType of @backend's #GTlsServerConnection implementation.
 *
 * The backend's get_server_connection_type virtual method is called
 * without a NULL check, so @backend must be a valid #GTlsBackend that
 * implements it.
 *
 * Return value: the #GType of @backend's #GTlsServerConnection
 * implementation.
 *
 * Since: 2.28
 */
GType
g_tls_backend_get_server_connection_type (GTlsBackend *backend)
{
  GTlsBackendInterface *iface = G_TLS_BACKEND_GET_INTERFACE (backend);

  return iface->get_server_connection_type ();
}