[glib/wip/danw/tls-new-apis: 1/4] GTlsServerConnection: Add SNI support



commit af88962c2362bf4de998e5eb0db4f5d92d4c8b67
Author: Dan Winship <danw gnome org>
Date:   Wed Dec 12 11:59:12 2012 +0100

    GTlsServerConnection: Add SNI support
    
    Add GTlsServerConnection:server-identity, for reporting the identity
    requested by the client via the SNI extension.
    
    Based on a patch from Marcin Lewandowski
    https://bugzilla.gnome.org/show_bug.cgi?id=681312

 docs/reference/gio/gio-sections.txt |    1 +
 gio/gtlsserverconnection.c          |   47 +++++++++++++++++++++++++++++++++++
 gio/gtlsserverconnection.h          |   12 ++++++---
 3 files changed, 56 insertions(+), 4 deletions(-)
---
diff --git a/docs/reference/gio/gio-sections.txt b/docs/reference/gio/gio-sections.txt
index 9eb68b2..cb46e77 100644
--- a/docs/reference/gio/gio-sections.txt
+++ b/docs/reference/gio/gio-sections.txt
@@ -3738,6 +3738,7 @@ g_tls_file_database_get_type
 GTlsServerConnection
 GTlsServerConnectionInterface
 g_tls_server_connection_new
+g_tls_server_connection_get_server_identity
 <SUBSECTION Standard>
 G_IS_TLS_SERVER_CONNECTION
 G_TLS_SERVER_CONNECTION
diff --git a/gio/gtlsserverconnection.c b/gio/gtlsserverconnection.c
index 4c2f486..aad9c37 100644
--- a/gio/gtlsserverconnection.c
+++ b/gio/gtlsserverconnection.c
@@ -60,6 +60,32 @@ g_tls_server_connection_default_init (GTlsServerConnectionInterface *iface)
                                                          G_TLS_AUTHENTICATION_NONE,
                                                          G_PARAM_READWRITE |
                                                          G_PARAM_STATIC_STRINGS));
+
+  /**
+   * GTlsServerConnection:server-identity:
+   *
+   * The server identity chosen by the client via the SNI extension.
+   * If the client sends that extension in the handshake, this
+   * property will be updated when it is parsed.
+   *
+   * You can connect to #GObject::notify for this property to be
+   * notified when this is set, and then call
+   * g_tls_connection_set_certificate() to set an appropriate
+   * certificate to send in reply. Beware that the notification may be
+   * emitted in a different thread from the one that you started the
+   * handshake in (but, as long as you are not also getting or setting
+   * the certificate from another thread, it is safe to call
+   * g_tls_connection_set_certificate() from that thread).
+   *
+   * Since: 2.46
+   */
+  g_object_interface_install_property (iface,
+                                      g_param_spec_string ("server-identity",
+                                                            P_("Server Identity"),
+                                                            P_("The server identity requested by the 
client"),
+                                                            NULL,
+                                                            G_PARAM_READABLE |
+                                                            G_PARAM_STATIC_STRINGS));
 }
 
 /**
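Review bot: The doc comment for `GTlsServerConnection:server-identity` never says that the value comes from the client's handshake, before the peer has been authenticated in any way. A notify handler that picks a certificate from it is therefore acting on untrusted input. I would add a sentence such as `The value is supplied by the client; compare it against the host names you serve rather than using it directly as a file name or lookup key.` It would also help to say which certificate is sent when the handler sets none, presumably the one given to g_tls_server_connection_new(), but that should be confirmed. g_tls_server_connection_default_init() begins outside this hunk.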
@@ -92,3 +118,24 @@ g_tls_server_connection_new (GIOStream        *base_io_stream,
                         NULL);
   return G_IO_STREAM (conn);
 }
+
+/**
+ * g_tls_server_connection_get_server_identity:
+ * @conn: a #GTlsServerConnection
+ *
+ * Gets the server identity requested by the client via the SNI
+ * extension, after it has been set during the handshake.
+ *
+ * Return value: the requested server identity, or %NULL if the
+ *   client didn't use SNI.
+ *
+ * Since: 2.46
+ */
+const gchar *
+g_tls_server_connection_get_server_identity (GTlsServerConnection *conn)
+{
+  if (G_TLS_SERVER_CONNECTION_GET_INTERFACE (conn)->get_server_identity)
+    return G_TLS_SERVER_CONNECTION_GET_INTERFACE (conn)->get_server_identity (conn);
+  else
+    return NULL;
+}
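Review bot: g_tls_server_connection_get_server_identity() hands `conn` straight to `G_TLS_SERVER_CONNECTION_GET_INTERFACE` without a type check, so a NULL or wrong-typed argument is dereferenced instead of rejected. Public GIO entry points normally open with a guard, here `g_return_val_if_fail (G_IS_TLS_SERVER_CONNECTION (conn), NULL);`. The doc comment should also state who owns the returned string and how long it stays valid, because the property comment in this file says the value can be set from another thread during the handshake. If that is the intended contract, a line such as `The returned string is owned by @conn and must not be freed.` would cover ownership.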
diff --git a/gio/gtlsserverconnection.h b/gio/gtlsserverconnection.h
index ad61e30..c96c904 100644
--- a/gio/gtlsserverconnection.h
+++ b/gio/gtlsserverconnection.h
@@ -54,15 +54,19 @@ struct _GTlsServerConnectionInterface
 {
   GTypeInterface g_iface;
 
+  const char * (*get_server_identity) (GTlsServerConnection *);
 };
 
 GLIB_AVAILABLE_IN_ALL
-GType                 g_tls_server_connection_get_type                 (void) G_GNUC_CONST;
+GType        g_tls_server_connection_get_type            (void) G_GNUC_CONST;
 
 GLIB_AVAILABLE_IN_ALL
-GIOStream *           g_tls_server_connection_new                      (GIOStream        *base_io_stream,
-                                                                       GTlsCertificate  *certificate,
-                                                                       GError          **error);
+GIOStream *  g_tls_server_connection_new                 (GIOStream             *base_io_stream,
+                                                          GTlsCertificate       *certificate,
+                                                          GError               **error);
+
+GLIB_AVAILABLE_IN_2_46
+const gchar *g_tls_server_connection_get_server_identity (GTlsServerConnection  *conn);
 
 G_END_DECLS
 
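Review bot: The new `get_server_identity` slot in `_GTlsServerConnectionInterface` is declared with an unnamed parameter and `const char *`, while the public getter added below uses `const gchar *`. Writing it as `const gchar * (*get_server_identity) (GTlsServerConnection *conn);` would keep the two consistent. The slot is also undocumented: the struct's doc comment, which lies outside this hunk, should gain an `@get_server_identity:` entry. That entry should say that implementations return a string they keep ownership of, or %NULL when the client sent no SNI, since the getter passes the pointer through unchanged. The struct definition starts outside the hunk.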

