gio/auto/
tls_server_connection.rs

1// This file was generated by gir (https://github.com/gtk-rs/gir)
2// from gir-files (https://github.com/gtk-rs/gir-files)
3// DO NOT EDIT
4
5use crate::{ffi, IOStream, TlsAuthenticationMode, TlsCertificate, TlsConnection};
6use glib::{
7    prelude::*,
8    signal::{connect_raw, SignalHandlerId},
9    translate::*,
10};
11use std::boxed::Box as Box_;
12
13glib::wrapper! {
14    /// `GTlsServerConnection` is the server-side subclass of
15    /// [`TlsConnection`][crate::TlsConnection], representing a server-side TLS connection.
16    ///
17    /// ## Properties
18    ///
19    ///
20    /// #### `authentication-mode`
21    ///  The #GTlsAuthenticationMode for the server. This can be changed
22    /// before calling g_tls_connection_handshake() if you want to
23    /// rehandshake with a different mode from the initial handshake.
24    ///
25    /// Readable | Writeable
26    /// <details><summary><h4>TlsConnection</h4></summary>
27    ///
28    ///
29    /// #### `advertised-protocols`
30    ///  The list of application-layer protocols that the connection
31    /// advertises that it is willing to speak. See
32    /// g_tls_connection_set_advertised_protocols().
33    ///
34    /// Readable | Writeable
35    ///
36    ///
37    /// #### `base-io-stream`
38    ///  The #GIOStream that the connection wraps. The connection holds a reference
39    /// to this stream, and may run operations on the stream from other threads
40    /// throughout its lifetime. Consequently, after the #GIOStream has been
41    /// constructed, application code may only run its own operations on this
42    /// stream when no #GIOStream operations are running.
43    ///
44    /// Readable | Writeable | Construct Only
45    ///
46    ///
47    /// #### `certificate`
48    ///  The connection's certificate; see
49    /// g_tls_connection_set_certificate().
50    ///
51    /// Readable | Writeable
52    ///
53    ///
54    /// #### `ciphersuite-name`
55    ///  The name of the TLS ciphersuite in use. See g_tls_connection_get_ciphersuite_name().
56    ///
57    /// Readable
58    ///
59    ///
60    /// #### `database`
61    ///  The certificate database to use when verifying this TLS connection.
62    /// If no certificate database is set, then the default database will be
63    /// used. See g_tls_backend_get_default_database().
64    ///
65    /// When using a non-default database, #GTlsConnection must fall back to using
66    /// the #GTlsDatabase to perform certificate verification using
67    /// g_tls_database_verify_chain(), which means certificate verification will
68    /// not be able to make use of TLS session context. This may be less secure.
69    /// For example, if you create your own #GTlsDatabase that just wraps the
70    /// default #GTlsDatabase, you might expect that you have not changed anything,
71    /// but this is not true because you may have altered the behavior of
72    /// #GTlsConnection by causing it to use g_tls_database_verify_chain(). See the
73    /// documentation of g_tls_database_verify_chain() for more details on specific
74    /// security checks that may not be performed. Accordingly, setting a
75    /// non-default database is discouraged except for specialty applications with
76    /// unusual security requirements.
77    ///
78    /// Readable | Writeable
79    ///
80    ///
81    /// #### `interaction`
82    ///  A #GTlsInteraction object to be used when the connection or certificate
83    /// database need to interact with the user. This will be used to prompt the
84    /// user for passwords where necessary.
85    ///
86    /// Readable | Writeable
87    ///
88    ///
89    /// #### `negotiated-protocol`
90    ///  The application-layer protocol negotiated during the TLS
91    /// handshake. See g_tls_connection_get_negotiated_protocol().
92    ///
93    /// Readable
94    ///
95    ///
96    /// #### `peer-certificate`
97    ///  The connection's peer's certificate, after the TLS handshake has
98    /// completed or failed. Note in particular that this is not yet set
99    /// during the emission of #GTlsConnection::accept-certificate.
100    ///
101    /// (You can watch for a #GObject::notify signal on this property to
102    /// detect when a handshake has occurred.)
103    ///
104    /// Readable
105    ///
106    ///
107    /// #### `peer-certificate-errors`
108    ///  The errors noticed while verifying
109    /// #GTlsConnection:peer-certificate. Normally this should be 0, but
110    /// it may not be if #GTlsClientConnection:validation-flags is not
111    /// [`TlsCertificateFlags::VALIDATE_ALL`][crate::TlsCertificateFlags::VALIDATE_ALL], or if
112    /// #GTlsConnection::accept-certificate overrode the default
113    /// behavior.
114    ///
115    /// GLib guarantees that if certificate verification fails, at least
116    /// one error will be set, but it does not guarantee that all possible
117    /// errors will be set. Accordingly, you may not safely decide to
118    /// ignore any particular type of error. For example, it would be
119    /// incorrect to mask [`TlsCertificateFlags::EXPIRED`][crate::TlsCertificateFlags::EXPIRED] if you want to allow
120    /// expired certificates, because this could potentially be the only
121    /// error flag set even if other problems exist with the certificate.
122    ///
123    /// Readable
124    ///
125    ///
126    /// #### `protocol-version`
127    ///  The TLS protocol version in use. See g_tls_connection_get_protocol_version().
128    ///
129    /// Readable
130    ///
131    ///
132    /// #### `rehandshake-mode`
133    ///  The rehandshaking mode. See
134    /// g_tls_connection_set_rehandshake_mode().
135    ///
136    /// Readable | Writeable | Construct
137    ///
138    ///
139    /// #### `require-close-notify`
140    ///  Whether or not proper TLS close notification is required.
141    /// See g_tls_connection_set_require_close_notify().
142    ///
143    /// Readable | Writeable | Construct
144    ///
145    ///
146    /// #### `use-system-certdb`
147    ///  Whether or not the system certificate database will be used to
148    /// verify peer certificates. See
149    /// g_tls_connection_set_use_system_certdb().
150    ///
151    /// Readable | Writeable | Construct
152    /// </details>
153    /// <details><summary><h4>IOStream</h4></summary>
154    ///
155    ///
156    /// #### `closed`
157    ///  Whether the stream is closed.
158    ///
159    /// Readable
160    ///
161    ///
162    /// #### `input-stream`
163    ///  The [`InputStream`][crate::InputStream] to read from.
164    ///
165    /// Readable
166    ///
167    ///
168    /// #### `output-stream`
169    ///  The [`OutputStream`][crate::OutputStream] to write to.
170    ///
171    /// Readable
172    /// </details>
173    ///
174    /// # Implements
175    ///
176    /// [`TlsServerConnectionExt`][trait@crate::prelude::TlsServerConnectionExt], [`TlsConnectionExt`][trait@crate::prelude::TlsConnectionExt], [`IOStreamExt`][trait@crate::prelude::IOStreamExt], [`trait@glib::ObjectExt`], [`TlsConnectionExtManual`][trait@crate::prelude::TlsConnectionExtManual], [`IOStreamExtManual`][trait@crate::prelude::IOStreamExtManual]
177    #[doc(alias = "GTlsServerConnection")]
178    pub struct TlsServerConnection(Interface<ffi::GTlsServerConnection, ffi::GTlsServerConnectionInterface>) @requires TlsConnection, IOStream;
179
180    match fn {
181        type_ => || ffi::g_tls_server_connection_get_type(),
182    }
183}
184
185impl TlsServerConnection {
186    pub const NONE: Option<&'static TlsServerConnection> = None;
187
188    /// Creates a new #GTlsServerConnection wrapping @base_io_stream (which
189    /// must have pollable input and output streams).
190    ///
191    /// See the documentation for #GTlsConnection:base-io-stream for restrictions
192    /// on when application code can run operations on the @base_io_stream after
193    /// this function has returned.
194    /// ## `base_io_stream`
195    /// the #GIOStream to wrap
196    /// ## `certificate`
197    /// the default server certificate, or [`None`]
198    ///
199    /// # Returns
200    ///
201    /// the new
202    /// #GTlsServerConnection, or [`None`] on error
203    #[doc(alias = "g_tls_server_connection_new")]
204    pub fn new(
205        base_io_stream: &impl IsA<IOStream>,
206        certificate: Option<&impl IsA<TlsCertificate>>,
207    ) -> Result<TlsServerConnection, glib::Error> {
208        unsafe {
209            let mut error = std::ptr::null_mut();
210            let ret = ffi::g_tls_server_connection_new(
211                base_io_stream.as_ref().to_glib_none().0,
212                certificate.map(|p| p.as_ref()).to_glib_none().0,
213                &mut error,
214            );
215            if error.is_null() {
216                Ok(from_glib_full(ret))
217            } else {
218                Err(from_glib_full(error))
219            }
220        }
221    }
222}
223
224mod sealed {
225    pub trait Sealed {}
226    impl<T: super::IsA<super::TlsServerConnection>> Sealed for T {}
227}
228
229/// Trait containing all [`struct@TlsServerConnection`] methods.
230///
231/// # Implementors
232///
233/// [`TlsServerConnection`][struct@crate::TlsServerConnection]
234pub trait TlsServerConnectionExt: IsA<TlsServerConnection> + sealed::Sealed + 'static {
235    /// The #GTlsAuthenticationMode for the server. This can be changed
236    /// before calling g_tls_connection_handshake() if you want to
237    /// rehandshake with a different mode from the initial handshake.
238    #[doc(alias = "authentication-mode")]
239    fn authentication_mode(&self) -> TlsAuthenticationMode {
240        ObjectExt::property(self.as_ref(), "authentication-mode")
241    }
242
243    /// The #GTlsAuthenticationMode for the server. This can be changed
244    /// before calling g_tls_connection_handshake() if you want to
245    /// rehandshake with a different mode from the initial handshake.
246    #[doc(alias = "authentication-mode")]
247    fn set_authentication_mode(&self, authentication_mode: TlsAuthenticationMode) {
248        ObjectExt::set_property(self.as_ref(), "authentication-mode", authentication_mode)
249    }
250
251    #[doc(alias = "authentication-mode")]
252    fn connect_authentication_mode_notify<F: Fn(&Self) + 'static>(&self, f: F) -> SignalHandlerId {
253        unsafe extern "C" fn notify_authentication_mode_trampoline<
254            P: IsA<TlsServerConnection>,
255            F: Fn(&P) + 'static,
256        >(
257            this: *mut ffi::GTlsServerConnection,
258            _param_spec: glib::ffi::gpointer,
259            f: glib::ffi::gpointer,
260        ) {
261            let f: &F = &*(f as *const F);
262            f(TlsServerConnection::from_glib_borrow(this).unsafe_cast_ref())
263        }
264        unsafe {
265            let f: Box_<F> = Box_::new(f);
266            connect_raw(
267                self.as_ptr() as *mut _,
268                b"notify::authentication-mode\0".as_ptr() as *const _,
269                Some(std::mem::transmute::<*const (), unsafe extern "C" fn()>(
270                    notify_authentication_mode_trampoline::<Self, F> as *const (),
271                )),
272                Box_::into_raw(f),
273            )
274        }
275    }
276}
277
278impl<O: IsA<TlsServerConnection>> TlsServerConnectionExt for O {}