/** * g_tls_interaction_ask_password_finish: * @interaction: a #GTlsInteraction object * @result: the result passed to the callback * @error: an optional location to place an error on failure * * Complete an ask password user interaction request. This should be once * the g_tls_interaction_ask_password_async() completion callback is called. * * If %G_TLS_INTERACTION_HANDLED is returned, then the #GTlsPassword passed * to g_tls_interaction_ask_password() will have its password filled in. * * If the interaction is cancelled by the cancellation object, or by the * user then %G_TLS_INTERACTION_FAILED will be returned with an error that * contains a %G_IO_ERROR_CANCELLED error code. * * Returns: The status of the ask password interaction. * * Since: 2.30 */ GTlsInteractionResult g_tls_interaction_ask_password_finish (GTlsInteraction *interaction, GAsyncResult *result, GError **error) { GTlsInteractionClass *klass; g_return_val_if_fail (G_IS_TLS_INTERACTION (interaction), G_TLS_INTERACTION_UNHANDLED); g_return_val_if_fail (G_IS_ASYNC_RESULT (result), G_TLS_INTERACTION_UNHANDLED); /* If it's one of our simple unhandled async results, handle here */ if (g_simple_async_result_is_valid (result, G_OBJECT (interaction), g_tls_interaction_ask_password_async)) { return G_TLS_INTERACTION_UNHANDLED; } /* Invoke finish of derived class */ else { klass = G_TLS_INTERACTION_GET_CLASS (interaction); g_return_val_if_fail (klass->ask_password_finish, G_TLS_INTERACTION_UNHANDLED); return (klass->ask_password_finish) (interaction, result, error); } }
/** * g_tls_database_verify_chain_async: * @self: a #GTlsDatabase * @chain: a #GTlsCertificate chain * @purpose: the purpose that this certificate chain will be used for. * @identity: (allow-none): the expected peer identity * @interaction: (allow-none): used to interact with the user if necessary * @flags: additional verify flags * @cancellable: (allow-none): a #GCancellable, or %NULL * @callback: callback to call when the operation completes * @user_data: the data to pass to the callback function * * Asynchronously verify's a certificate chain after looking up and adding * any missing certificates to the chain. See g_tls_database_verify_chain() * for more information. * * Since: 2.30 */ void g_tls_database_verify_chain_async (GTlsDatabase *self, GTlsCertificate *chain, const gchar *purpose, GSocketConnectable *identity, GTlsInteraction *interaction, GTlsDatabaseVerifyFlags flags, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { g_return_if_fail (G_IS_TLS_DATABASE (self)); g_return_if_fail (G_IS_TLS_CERTIFICATE (chain)); g_return_if_fail (purpose != NULL); g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction)); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); g_return_if_fail (identity == NULL || G_IS_SOCKET_CONNECTABLE (identity)); g_return_if_fail (callback != NULL); g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->verify_chain_async); G_TLS_DATABASE_GET_CLASS (self)->verify_chain_async (self, chain, purpose, identity, interaction, flags, cancellable, callback, user_data); }
/** * g_tls_interaction_ask_password_async: * @interaction: a #GTlsInteraction object * @password: a #GTlsPassword object * @cancellable: an optional #GCancellable cancellation object * @callback: (allow-none): will be called when the interaction completes * @user_data: (allow-none): data to pass to the @callback * * Run asynchronous interaction to ask the user for a password. In general, * g_tls_interaction_invoke_ask_password() should be used instead of this * function. * * Derived subclasses usually implement a password prompt, although they may * also choose to provide a password from elsewhere. The @password value will * be filled in and then @callback will be called. Alternatively the user may * abort this password request, which will usually abort the TLS connection. * * If the interaction is cancelled by the cancellation object, or by the * user then %G_TLS_INTERACTION_FAILED will be returned with an error that * contains a %G_IO_ERROR_CANCELLED error code. Certain implementations may * not support immediate cancellation. * * Certain implementations may not support immediate cancellation. * * Since: 2.30 */ void g_tls_interaction_ask_password_async (GTlsInteraction *interaction, GTlsPassword *password, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { GTlsInteractionClass *klass; GSimpleAsyncResult *res; g_return_if_fail (G_IS_TLS_INTERACTION (interaction)); g_return_if_fail (G_IS_TLS_PASSWORD (password)); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); klass = G_TLS_INTERACTION_GET_CLASS (interaction); if (klass->ask_password_async) { g_return_if_fail (klass->ask_password_finish); (klass->ask_password_async) (interaction, password, cancellable, callback, user_data); } else { res = g_simple_async_result_new (G_OBJECT (interaction), callback, user_data, g_tls_interaction_ask_password_async); g_simple_async_result_complete_in_idle (res); g_object_unref (res); } }
/** * g_tls_interaction_ask_password_async: * @interaction: a #GTlsInteraction object * @password: a #GTlsPassword object * @cancellable: an optional #GCancellable cancellation object * @callback: (allow-none): will be called when the interaction completes * @user_data: (allow-none): data to pass to the @callback * * Run asynchronous interaction to ask the user for a password. In general, * g_tls_interaction_invoke_ask_password() should be used instead of this * function. * * Derived subclasses usually implement a password prompt, although they may * also choose to provide a password from elsewhere. The @password value will * be filled in and then @callback will be called. Alternatively the user may * abort this password request, which will usually abort the TLS connection. * * If the interaction is cancelled by the cancellation object, or by the * user then %G_TLS_INTERACTION_FAILED will be returned with an error that * contains a %G_IO_ERROR_CANCELLED error code. Certain implementations may * not support immediate cancellation. * * Certain implementations may not support immediate cancellation. * * Since: 2.30 */ void g_tls_interaction_ask_password_async (GTlsInteraction *interaction, GTlsPassword *password, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { GTlsInteractionClass *klass; GTask *task; g_return_if_fail (G_IS_TLS_INTERACTION (interaction)); g_return_if_fail (G_IS_TLS_PASSWORD (password)); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); klass = G_TLS_INTERACTION_GET_CLASS (interaction); if (klass->ask_password_async) { g_return_if_fail (klass->ask_password_finish); (klass->ask_password_async) (interaction, password, cancellable, callback, user_data); } else { task = g_task_new (interaction, cancellable, callback, user_data); g_task_set_source_tag (task, g_tls_interaction_ask_password_async); g_task_return_int (task, G_TLS_INTERACTION_UNHANDLED); g_object_unref (task); } }
/** * g_tls_database_verify_chain: * @self: a #GTlsDatabase * @chain: a #GTlsCertificate chain * @purpose: the purpose that this certificate chain will be used for. * @identity: (allow-none): the expected peer identity * @interaction: (allow-none): used to interact with the user if necessary * @flags: additional verify flags * @cancellable: (allow-none): a #GCancellable, or %NULL * @error: (allow-none): a #GError, or %NULL * * Verify's a certificate chain after looking up and adding any missing * certificates to the chain. * * @chain is a chain of #GTlsCertificate objects each pointing to the next * certificate in the chain by its %issuer property. The chain may initially * consist of one or more certificates. After the verification process is * complete, @chain may be modified by adding missing certificates, or removing * extra certificates. If a certificate anchor was found, then it is added to * the @chain. * * @purpose describes the purpose (or usage) for which the certificate * is being used. Typically @purpose will be set to #G_TLS_DATABASE_PURPOSE_AUTHENTICATE_SERVER * which means that the certificate is being used to authenticate a server * (and we are acting as the client). * * The @identity is used to check for pinned certificates (trust exceptions) * in the database. These will override the normal verification process on a * host by host basis. * * Currently there are no @flags, and %G_TLS_DATABASE_VERIFY_NONE should be * used. * * This function can block, use g_tls_database_verify_chain_async() to perform * the verification operation asynchronously. * * Return value: the appropriate #GTlsCertificateFlags which represents the * result of verification. * * Since: 2.30 */ GTlsCertificateFlags g_tls_database_verify_chain (GTlsDatabase *self, GTlsCertificate *chain, const gchar *purpose, GSocketConnectable *identity, GTlsInteraction *interaction, GTlsDatabaseVerifyFlags flags, GCancellable *cancellable, GError **error) { g_return_val_if_fail (G_IS_TLS_DATABASE (self), G_TLS_CERTIFICATE_GENERIC_ERROR); g_return_val_if_fail (G_IS_TLS_DATABASE (self), G_TLS_CERTIFICATE_GENERIC_ERROR); g_return_val_if_fail (G_IS_TLS_CERTIFICATE (chain), G_TLS_CERTIFICATE_GENERIC_ERROR); g_return_val_if_fail (purpose, G_TLS_CERTIFICATE_GENERIC_ERROR); g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), G_TLS_CERTIFICATE_GENERIC_ERROR); g_return_val_if_fail (identity == NULL || G_IS_SOCKET_CONNECTABLE (identity), G_TLS_CERTIFICATE_GENERIC_ERROR); g_return_val_if_fail (error == NULL || *error == NULL, G_TLS_CERTIFICATE_GENERIC_ERROR); g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->verify_chain, G_TLS_CERTIFICATE_GENERIC_ERROR); return G_TLS_DATABASE_GET_CLASS (self)->verify_chain (self, chain, purpose, identity, interaction, flags, cancellable, error); }
/** * g_dtls_connection_set_interaction: * @conn: a connection * @interaction: (allow-none): an interaction object, or %NULL * * Set the object that will be used to interact with the user. It will be used * for things like prompting the user for passwords. * * The @interaction argument will normally be a derived subclass of * #GTlsInteraction. %NULL can also be provided if no user interaction * should occur for this connection. * * Since: 2.48 */ void g_dtls_connection_set_interaction (GDtlsConnection *conn, GTlsInteraction *interaction) { g_return_if_fail (G_IS_DTLS_CONNECTION (conn)); g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction)); g_object_set (G_OBJECT (conn), "interaction", interaction, NULL); }
/** * g_tls_interaction_ask_password: * @interaction: a #GTlsInteraction object * @password: a #GTlsPassword object * @cancellable: an optional #GCancellable cancellation object * @error: an optional location to place an error on failure * * Run synchronous interaction to ask the user for a password. In general, * g_tls_interaction_invoke_ask_password() should be used instead of this * function. * * Derived subclasses usually implement a password prompt, although they may * also choose to provide a password from elsewhere. The @password value will * be filled in and then @callback will be called. Alternatively the user may * abort this password request, which will usually abort the TLS connection. * * If the interaction is cancelled by the cancellation object, or by the * user then %G_TLS_INTERACTION_FAILED will be returned with an error that * contains a %G_IO_ERROR_CANCELLED error code. Certain implementations may * not support immediate cancellation. * * Returns: The status of the ask password interaction. * * Since: 2.30 */ GTlsInteractionResult g_tls_interaction_ask_password (GTlsInteraction *interaction, GTlsPassword *password, GCancellable *cancellable, GError **error) { GTlsInteractionClass *klass; g_return_val_if_fail (G_IS_TLS_INTERACTION (interaction), G_TLS_INTERACTION_UNHANDLED); g_return_val_if_fail (G_IS_TLS_PASSWORD (password), G_TLS_INTERACTION_UNHANDLED); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), G_TLS_INTERACTION_UNHANDLED); klass = G_TLS_INTERACTION_GET_CLASS (interaction); if (klass->ask_password) return (klass->ask_password) (interaction, password, cancellable, error); else return G_TLS_INTERACTION_UNHANDLED; }
/** * g_tls_database_lookup_certificates_issued_by: * @self: a #GTlsDatabase * @issuer_raw_dn: a #GByteArray which holds the DER encoded issuer DN. * @interaction: (allow-none): used to interact with the user if necessary * @flags: Flags which affect the lookup operation. * @cancellable: (allow-none): a #GCancellable, or %NULL * @error: (allow-none): a #GError, or %NULL * * Lookup certificates issued by this issuer in the database. * * This function can block, use g_tls_database_lookup_certificates_issued_by_async() to perform * the lookup operation asynchronously. * * Return value: (transfer full) (element-type GTlsCertificate): a newly allocated list of #GTlsCertificate * objects. Use g_object_unref() on each certificate, and g_list_free() on the release the list. * * Since: 2.30 */ GList* g_tls_database_lookup_certificates_issued_by (GTlsDatabase *self, GByteArray *issuer_raw_dn, GTlsInteraction *interaction, GTlsDatabaseLookupFlags flags, GCancellable *cancellable, GError **error) { g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL); g_return_val_if_fail (issuer_raw_dn, NULL); g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), NULL); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL); g_return_val_if_fail (error == NULL || *error == NULL, NULL); g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by, NULL); return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by (self, issuer_raw_dn, interaction, flags, cancellable, error); }
/** * g_tls_database_lookup_certificate_issuer: * @self: a #GTlsDatabase * @certificate: a #GTlsCertificate * @interaction: (allow-none): used to interact with the user if necessary * @flags: flags which affect the lookup operation * @cancellable: (allow-none): a #GCancellable, or %NULL * @error: (allow-none): a #GError, or %NULL * * Lookup the issuer of @certificate in the database. * * The %issuer property * of @certificate is not modified, and the two certificates are not hooked * into a chain. * * This function can block, use g_tls_database_lookup_certificate_issuer_async() to perform * the lookup operation asynchronously. * * Return value: (transfer full): a newly allocated issuer #GTlsCertificate, * or %NULL. Use g_object_unref() to release the certificate. * * Since: 2.30 */ GTlsCertificate* g_tls_database_lookup_certificate_issuer (GTlsDatabase *self, GTlsCertificate *certificate, GTlsInteraction *interaction, GTlsDatabaseLookupFlags flags, GCancellable *cancellable, GError **error) { g_return_val_if_fail (G_IS_TLS_DATABASE (self), NULL); g_return_val_if_fail (G_IS_TLS_CERTIFICATE (certificate), NULL); g_return_val_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction), NULL); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL); g_return_val_if_fail (error == NULL || *error == NULL, NULL); g_return_val_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer, NULL); return G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_issuer (self, certificate, interaction, flags, cancellable, error); }
/** * g_tls_database_lookup_certificate_for_handle_async: * @self: a #GTlsDatabase * @handle: a certificate handle * @interaction: (allow-none): used to interact with the user if necessary * @flags: Flags which affect the lookup. * @cancellable: (allow-none): a #GCancellable, or %NULL * @callback: callback to call when the operation completes * @user_data: the data to pass to the callback function * * Asynchronously lookup a certificate by its handle in the database. See * g_tls_database_lookup_certificate_for_handle() for more information. * * Since: 2.30 */ void g_tls_database_lookup_certificate_for_handle_async (GTlsDatabase *self, const gchar *handle, GTlsInteraction *interaction, GTlsDatabaseLookupFlags flags, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { g_return_if_fail (G_IS_TLS_DATABASE (self)); g_return_if_fail (handle != NULL); g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction)); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_async); G_TLS_DATABASE_GET_CLASS (self)->lookup_certificate_for_handle_async (self, handle, interaction, flags, cancellable, callback, user_data); }
/** * g_tls_database_lookup_certificates_issued_by_async: * @self: a #GTlsDatabase * @issuer_raw_dn: a #GByteArray which holds the DER encoded issuer DN. * @interaction: (allow-none): used to interact with the user if necessary * @flags: Flags which affect the lookup operation. * @cancellable: (allow-none): a #GCancellable, or %NULL * @callback: callback to call when the operation completes * @user_data: the data to pass to the callback function * * Asynchronously lookup certificates issued by this issuer in the database. See * g_tls_database_lookup_certificates_issued_by() for more information. * * The database may choose to hold a reference to the issuer byte array for the duration * of of this asynchronous operation. The byte array should not be modified during * this time. * * Since: 2.30 */ void g_tls_database_lookup_certificates_issued_by_async (GTlsDatabase *self, GByteArray *issuer_raw_dn, GTlsInteraction *interaction, GTlsDatabaseLookupFlags flags, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { g_return_if_fail (G_IS_TLS_DATABASE (self)); g_return_if_fail (issuer_raw_dn != NULL); g_return_if_fail (interaction == NULL || G_IS_TLS_INTERACTION (interaction)); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); g_return_if_fail (callback != NULL); g_return_if_fail (G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_async); G_TLS_DATABASE_GET_CLASS (self)->lookup_certificates_issued_by_async (self, issuer_raw_dn, interaction, flags, cancellable, callback, user_data); }
/** * g_tls_interaction_ask_password_finish: * @interaction: a #GTlsInteraction object * @result: the result passed to the callback * @error: an optional location to place an error on failure * * Complete an ask password user interaction request. This should be once * the g_tls_interaction_ask_password_async() completion callback is called. * * If %G_TLS_INTERACTION_HANDLED is returned, then the #GTlsPassword passed * to g_tls_interaction_ask_password() will have its password filled in. * * If the interaction is cancelled by the cancellation object, or by the * user then %G_TLS_INTERACTION_FAILED will be returned with an error that * contains a %G_IO_ERROR_CANCELLED error code. * * Returns: The status of the ask password interaction. * * Since: 2.30 */ GTlsInteractionResult g_tls_interaction_ask_password_finish (GTlsInteraction *interaction, GAsyncResult *result, GError **error) { GTlsInteractionClass *klass; g_return_val_if_fail (G_IS_TLS_INTERACTION (interaction), G_TLS_INTERACTION_UNHANDLED); g_return_val_if_fail (G_IS_ASYNC_RESULT (result), G_TLS_INTERACTION_UNHANDLED); klass = G_TLS_INTERACTION_GET_CLASS (interaction); if (klass->ask_password_finish) { g_return_val_if_fail (klass->ask_password_async != NULL, G_TLS_INTERACTION_UNHANDLED); return (klass->ask_password_finish) (interaction, result, error); } else { g_return_val_if_fail (g_async_result_is_tagged (result, g_tls_interaction_ask_password_async), G_TLS_INTERACTION_UNHANDLED); return g_task_propagate_int (G_TASK (result), error); } }
/** * g_tls_interaction_invoke_ask_password: * @interaction: a #GTlsInteraction object * @password: a #GTlsPassword object * @cancellable: an optional #GCancellable cancellation object * @error: an optional location to place an error on failure * * Invoke the interaction to ask the user for a password. It invokes this * interaction in the main loop, specifically the #GMainContext returned by * g_main_context_get_thread_default() when the interaction is created. This * is called by called by #GTlsConnection or #GTlsDatabase to ask the user * for a password. * * Derived subclasses usually implement a password prompt, although they may * also choose to provide a password from elsewhere. The @password value will * be filled in and then @callback will be called. Alternatively the user may * abort this password request, which will usually abort the TLS connection. * * The implementation can either be a synchronous (eg: modal dialog) or an * asynchronous one (eg: modeless dialog). This function will take care of * calling which ever one correctly. * * If the interaction is cancelled by the cancellation object, or by the * user then %G_TLS_INTERACTION_FAILED will be returned with an error that * contains a %G_IO_ERROR_CANCELLED error code. Certain implementations may * not support immediate cancellation. * * Returns: The status of the ask password interaction. * * Since: 2.30 */ GTlsInteractionResult g_tls_interaction_invoke_ask_password (GTlsInteraction *interaction, GTlsPassword *password, GCancellable *cancellable, GError **error) { GTlsInteractionResult result; InvokeClosure *closure; GTlsInteractionClass *klass; g_return_val_if_fail (G_IS_TLS_INTERACTION (interaction), G_TLS_INTERACTION_UNHANDLED); g_return_val_if_fail (G_IS_TLS_PASSWORD (password), G_TLS_INTERACTION_UNHANDLED); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), G_TLS_INTERACTION_UNHANDLED); closure = invoke_closure_new (interaction, G_OBJECT (password), cancellable); klass = G_TLS_INTERACTION_GET_CLASS (interaction); if (klass->ask_password) { g_main_context_invoke (interaction->priv->context, on_invoke_ask_password_sync, closure); result = invoke_closure_wait_and_free (closure, error); } else if (klass->ask_password_async) { g_return_val_if_fail (klass->ask_password_finish, G_TLS_INTERACTION_UNHANDLED); g_main_context_invoke (interaction->priv->context, on_invoke_ask_password_async_as_sync, closure); /* * Handle the case where we've been called from within the main context * or in the case where the main context is not running. This approximates * the behavior of a modal dialog. */ if (g_main_context_acquire (interaction->priv->context)) { while (!closure->complete) { g_mutex_unlock (closure->mutex); g_main_context_iteration (interaction->priv->context, TRUE); g_mutex_lock (closure->mutex); } g_main_context_release (interaction->priv->context); if (closure->error) { g_propagate_error (error, closure->error); closure->error = NULL; } result = closure->result; invoke_closure_free (closure); } /* * Handle the case where we're in a different thread than the main * context and a main loop is running. */ else { result = invoke_closure_wait_and_free (closure, error); } } else { result = G_TLS_INTERACTION_UNHANDLED; invoke_closure_free (closure); } return result; }