Copyright	Will Thompson and Iñaki García Etxebarria
License	LGPL-2.1
Maintainer	Iñaki García Etxebarria
Safe Haskell	None
Language	Haskell2010

GI.Gio.Interfaces.DtlsClientConnection

Contents

Exported types
Methods
Properties

Description

GDtlsClientConnection is the client-side subclass of DtlsConnection, representing a client-side DTLS connection.

Since: 2.48

Synopsis

newtype DtlsClientConnection = DtlsClientConnection (ManagedPtr DtlsClientConnection)
class (GObject o, IsDescendantOf DtlsClientConnection o) => IsDtlsClientConnection o
toDtlsClientConnection :: (MonadIO m, IsDtlsClientConnection o) => o -> m DtlsClientConnection
dtlsClientConnectionGetAcceptedCas :: (HasCallStack, MonadIO m, IsDtlsClientConnection a) => a -> m [ByteString]
dtlsClientConnectionGetServerIdentity :: (HasCallStack, MonadIO m, IsDtlsClientConnection a) => a -> m SocketConnectable
dtlsClientConnectionGetValidationFlags :: (HasCallStack, MonadIO m, IsDtlsClientConnection a) => a -> m [TlsCertificateFlags]
dtlsClientConnectionNew :: (HasCallStack, MonadIO m, IsDatagramBased a, IsSocketConnectable b) => a -> Maybe b -> m DtlsClientConnection
dtlsClientConnectionSetServerIdentity :: (HasCallStack, MonadIO m, IsDtlsClientConnection a, IsSocketConnectable b) => a -> b -> m ()
dtlsClientConnectionSetValidationFlags :: (HasCallStack, MonadIO m, IsDtlsClientConnection a) => a -> [TlsCertificateFlags] -> m ()
getDtlsClientConnectionAcceptedCas :: (MonadIO m, IsDtlsClientConnection o) => o -> m [Ptr ()]
constructDtlsClientConnectionServerIdentity :: (IsDtlsClientConnection o, MonadIO m, IsSocketConnectable a) => a -> m (GValueConstruct o)
getDtlsClientConnectionServerIdentity :: (MonadIO m, IsDtlsClientConnection o) => o -> m SocketConnectable
setDtlsClientConnectionServerIdentity :: (MonadIO m, IsDtlsClientConnection o, IsSocketConnectable a) => o -> a -> m ()
constructDtlsClientConnectionValidationFlags :: (IsDtlsClientConnection o, MonadIO m) => [TlsCertificateFlags] -> m (GValueConstruct o)
getDtlsClientConnectionValidationFlags :: (MonadIO m, IsDtlsClientConnection o) => o -> m [TlsCertificateFlags]
setDtlsClientConnectionValidationFlags :: (MonadIO m, IsDtlsClientConnection o) => o -> [TlsCertificateFlags] -> m ()

Exported types

newtype DtlsClientConnection Source #

Memory-managed wrapper type.

Constructors

DtlsClientConnection (ManagedPtr DtlsClientConnection)

Instances

Instances details

Eq DtlsClientConnection Source #
Instance details Defined in GI.Gio.Interfaces.DtlsClientConnection Methods (==) :: DtlsClientConnection -> DtlsClientConnection -> Bool # (/=) :: DtlsClientConnection -> DtlsClientConnection -> Bool #
GObject DtlsClientConnection Source #
Instance details Defined in GI.Gio.Interfaces.DtlsClientConnection
ManagedPtrNewtype DtlsClientConnection Source #
Instance details Defined in GI.Gio.Interfaces.DtlsClientConnection Methods toManagedPtr :: DtlsClientConnection -> ManagedPtr DtlsClientConnection #
TypedObject DtlsClientConnection Source #
Instance details Defined in GI.Gio.Interfaces.DtlsClientConnection Methods glibType :: IO GType #
HasParentTypes DtlsClientConnection Source #
Instance details Defined in GI.Gio.Interfaces.DtlsClientConnection
IsGValue (Maybe DtlsClientConnection) Source #	Convert `DtlsClientConnection` to and from `GValue`. See `toGValue` and `fromGValue`.
Instance details Defined in GI.Gio.Interfaces.DtlsClientConnection Methods gvalueGType_ :: IO GType # gvalueSet_ :: Ptr GValue -> Maybe DtlsClientConnection -> IO () # gvalueGet_ :: Ptr GValue -> IO (Maybe DtlsClientConnection) #
type ParentTypes DtlsClientConnection Source #
Instance details Defined in GI.Gio.Interfaces.DtlsClientConnection type ParentTypes DtlsClientConnection = '[DatagramBased, DtlsConnection, Object]

class (GObject o, IsDescendantOf DtlsClientConnection o) => IsDtlsClientConnection o Source #

Type class for types which can be safely cast to DtlsClientConnection, for instance with toDtlsClientConnection.

Instances

Instances details

(GObject o, IsDescendantOf DtlsClientConnection o) => IsDtlsClientConnection o Source #
Instance details Defined in GI.Gio.Interfaces.DtlsClientConnection

toDtlsClientConnection :: (MonadIO m, IsDtlsClientConnection o) => o -> m DtlsClientConnection Source #

Cast to DtlsClientConnection, for types for which this is known to be safe. For general casts, use castTo.

Methods

Click to display all available methods, including inherited ones

Expand

getAcceptedCas

dtlsClientConnectionGetAcceptedCas Source #

Arguments

:: (HasCallStack, MonadIO m, IsDtlsClientConnection a)
=> a	`conn`: the `DtlsClientConnection`
-> m [ByteString]	Returns: the list of CA DNs. You should unref each element with `byteArrayUnref` and then the free the list with `g_list_free()`.

Gets the list of distinguished names of the Certificate Authorities that the server will accept certificates from. This will be set during the TLS handshake if the server requests a certificate. Otherwise, it will be Nothing.

Each item in the list is a ByteArray which contains the complete subject DN of the certificate authority.

Since: 2.48

getServerIdentity

dtlsClientConnectionGetServerIdentity Source #

Arguments

:: (HasCallStack, MonadIO m, IsDtlsClientConnection a)
=> a	`conn`: the `DtlsClientConnection`
-> m SocketConnectable	Returns: a `SocketConnectable` describing the expected server identity, or `Nothing` if the expected identity is not known.

Gets conn's expected server identity

Since: 2.48

getValidationFlags

dtlsClientConnectionGetValidationFlags Source #

Arguments

:: (HasCallStack, MonadIO m, IsDtlsClientConnection a)
=> a	`conn`: the `DtlsClientConnection`
-> m [TlsCertificateFlags]	Returns: the validation flags

Deprecated: (Since version 2.74)Do not attempt to ignore validation errors.

Gets conn's validation flags

This function does not work as originally designed and is impossible to use correctly. See DtlsClientConnection:validation-flags for more information.

Since: 2.48

new

dtlsClientConnectionNew Source #

Arguments

:: (HasCallStack, MonadIO m, IsDatagramBased a, IsSocketConnectable b)
=> a	`baseSocket`: the `DatagramBased` to wrap
-> Maybe b	`serverIdentity`: the expected identity of the server
-> m DtlsClientConnection	Returns: the new `DtlsClientConnection`, or `Nothing` on error (Can throw `GError`)

Creates a new DtlsClientConnection wrapping baseSocket which is assumed to communicate with the server identified by serverIdentity.

Since: 2.48

setServerIdentity

dtlsClientConnectionSetServerIdentity Source #

Arguments

:: (HasCallStack, MonadIO m, IsDtlsClientConnection a, IsSocketConnectable b)
=> a	`conn`: the `DtlsClientConnection`
-> b	`identity`: a `SocketConnectable` describing the expected server identity
-> m ()

Sets conn's expected server identity, which is used both to tell servers on virtual hosts which certificate to present, and also to let conn know what name to look for in the certificate when performing TlsCertificateFlagsBadIdentity validation, if enabled.

Since: 2.48

setValidationFlags

dtlsClientConnectionSetValidationFlags Source #

Arguments

:: (HasCallStack, MonadIO m, IsDtlsClientConnection a)
=> a	`conn`: the `DtlsClientConnection`
-> [TlsCertificateFlags]	`flags`: the `TlsCertificateFlags` to use
-> m ()

Deprecated: (Since version 2.74)Do not attempt to ignore validation errors.

Sets conn's validation flags, to override the default set of checks performed when validating a server certificate. By default, TlsCertificateFlagsValidateAll is used.

This function does not work as originally designed and is impossible to use correctly. See DtlsClientConnection:validation-flags for more information.

Since: 2.48

Properties

acceptedCas

A list of the distinguished names of the Certificate Authorities that the server will accept client certificates signed by. If the server requests a client certificate during the handshake, then this property will be set after the handshake completes.

Each item in the list is a ByteArray which contains the complete subject DN of the certificate authority.

Since: 2.48

getDtlsClientConnectionAcceptedCas :: (MonadIO m, IsDtlsClientConnection o) => o -> m [Ptr ()] Source #

Get the value of the “accepted-cas” property. When overloading is enabled, this is equivalent to

get dtlsClientConnection #acceptedCas

serverIdentity

A SocketConnectable describing the identity of the server that is expected on the other end of the connection.

If the TlsCertificateFlagsBadIdentity flag is set in DtlsClientConnection:validation-flags, this object will be used to determine the expected identify of the remote end of the connection; if DtlsClientConnection:server-identity is not set, or does not match the identity presented by the server, then the TlsCertificateFlagsBadIdentity validation will fail.

In addition to its use in verifying the server certificate, this is also used to give a hint to the server about what certificate we expect, which is useful for servers that serve virtual hosts.

Since: 2.48

constructDtlsClientConnectionServerIdentity :: (IsDtlsClientConnection o, MonadIO m, IsSocketConnectable a) => a -> m (GValueConstruct o) Source #

Construct a GValueConstruct with valid value for the “server-identity” property. This is rarely needed directly, but it is used by new.

getDtlsClientConnectionServerIdentity :: (MonadIO m, IsDtlsClientConnection o) => o -> m SocketConnectable Source #

Get the value of the “server-identity” property. When overloading is enabled, this is equivalent to

get dtlsClientConnection #serverIdentity

setDtlsClientConnectionServerIdentity :: (MonadIO m, IsDtlsClientConnection o, IsSocketConnectable a) => o -> a -> m () Source #

Set the value of the “server-identity” property. When overloading is enabled, this is equivalent to

set dtlsClientConnection [ #serverIdentity := value ]

validationFlags

What steps to perform when validating a certificate received from a server. Server certificates that fail to validate in any of the ways indicated here will be rejected unless the application overrides the default via DtlsConnection::acceptCertificate.

GLib guarantees that if certificate verification fails, at least one flag will be set, but it does not guarantee that all possible flags will be set. Accordingly, you may not safely decide to ignore any particular type of error. For example, it would be incorrect to mask TlsCertificateFlagsExpired if you want to allow expired certificates, because this could potentially be the only error flag set even if other problems exist with the certificate. Therefore, there is no safe way to use this property. This is not a horrible problem, though, because you should not be attempting to ignore validation errors anyway. If you really must ignore TLS certificate errors, connect to DtlsConnection::acceptCertificate.

Since: 2.48

constructDtlsClientConnectionValidationFlags :: (IsDtlsClientConnection o, MonadIO m) => [TlsCertificateFlags] -> m (GValueConstruct o) Source #

Construct a GValueConstruct with valid value for the “validation-flags” property. This is rarely needed directly, but it is used by new.

getDtlsClientConnectionValidationFlags :: (MonadIO m, IsDtlsClientConnection o) => o -> m [TlsCertificateFlags] Source #

Get the value of the “validation-flags” property. When overloading is enabled, this is equivalent to

get dtlsClientConnection #validationFlags

setDtlsClientConnectionValidationFlags :: (MonadIO m, IsDtlsClientConnection o) => o -> [TlsCertificateFlags] -> m () Source #

Set the value of the “validation-flags” property. When overloading is enabled, this is equivalent to

set dtlsClientConnection [ #validationFlags := value ]

Exported types

Instances

Instances

Methods

Click to display all available methods, including inherited ones

Methods

Getters

Setters

getAcceptedCas

getServerIdentity

getValidationFlags

new

setServerIdentity

setValidationFlags

Properties

acceptedCas

serverIdentity

validationFlags