[glib] tlsclientconnection: Deprecate ssl3 property and functions
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib] tlsclientconnection: Deprecate ssl3 property and functions
- Date: Tue, 9 Jan 2018 01:17:37 +0000 (UTC)
commit 045b805199ee6e1635bbabc79552a075855a1473
Author: Michael Catanzaro <mcatanzaro igalia com>
Date: Sun Jan 7 16:02:17 2018 -0600
tlsclientconnection: Deprecate ssl3 property and functions
I originally planned to introduce a new property and functions to
replace these, with the same behavior but less-confusing names. But that
might not be the best approach in the long run. Instead, let's just
deprecate them without replacement.
TLS 1.2 intolerance is no longer a thing in the wild, and no known
GTlsBackend supports TLS 1.3 yet. But you might need to use this
property in the future, even though it's deprecated, if your
GTlsBackend has added support for TLS 1.3 and you need to talk to a
server that is TLS 1.3 intolerant.
Independently of all that, these APIs simply no longer do what their
names suggest, so deprecation is sensible regardless.
https://bugzilla.gnome.org/show_bug.cgi?id=792217
gio/gtlsclientconnection.c | 12 +++++++++++-
gio/gtlsclientconnection.h | 4 ++--
2 files changed, 13 insertions(+), 3 deletions(-)
---
diff --git a/gio/gtlsclientconnection.c b/gio/gtlsclientconnection.c
index 13fbfde..f80c625 100644
--- a/gio/gtlsclientconnection.c
+++ b/gio/gtlsclientconnection.c
@@ -115,6 +115,9 @@ g_tls_client_connection_default_init (GTlsClientConnectionInterface *iface)
* as the fallback version.
*
* Since: 2.28
+ *
+ * Deprecated: 2.56: SSL 3.0 is insecure, and this property does not
+ * generally enable or disable it, despite its name.
*/
g_object_interface_install_property (iface,
g_param_spec_boolean ("use-ssl3",
@@ -123,7 +126,8 @@ g_tls_client_connection_default_init (GTlsClientConnectionInterface *iface)
FALSE,
G_PARAM_READWRITE |
G_PARAM_CONSTRUCT |
- G_PARAM_STATIC_STRINGS));
+ G_PARAM_STATIC_STRINGS |
+ G_PARAM_DEPRECATED));
/**
* GTlsClientConnection:accepted-cas: (type GLib.List) (element-type GLib.ByteArray)
@@ -280,6 +284,9 @@ g_tls_client_connection_set_server_identity (GTlsClientConnection *conn,
* Returns: whether @conn will use the lowest-supported TLS protocol version
*
* Since: 2.28
+ *
+ * Deprecated: 2.56: SSL 3.0 is insecure, and this function does not
+ * actually indicate whether it is enabled.
*/
gboolean
g_tls_client_connection_get_use_ssl3 (GTlsClientConnection *conn)
@@ -307,6 +314,9 @@ g_tls_client_connection_get_use_ssl3 (GTlsClientConnection *conn)
* the lowest-supported protocol version is probably not SSL 3.0.
*
* Since: 2.28
+ *
+ * Deprecated: 2.56: SSL 3.0 is insecure, and this function does not
+ * generally enable or disable it, despite its name.
*/
void
g_tls_client_connection_set_use_ssl3 (GTlsClientConnection *conn,
diff --git a/gio/gtlsclientconnection.h b/gio/gtlsclientconnection.h
index 84711ec..29dbafc 100644
--- a/gio/gtlsclientconnection.h
+++ b/gio/gtlsclientconnection.h
@@ -69,9 +69,9 @@ GSocketConnectable *g_tls_client_connection_get_server_identity (GTlsClientCo
GLIB_AVAILABLE_IN_ALL
void g_tls_client_connection_set_server_identity (GTlsClientConnection *conn,
GSocketConnectable *identity);
-GLIB_AVAILABLE_IN_ALL
+GLIB_DEPRECATED_IN_2_56
gboolean g_tls_client_connection_get_use_ssl3 (GTlsClientConnection *conn);
-GLIB_AVAILABLE_IN_ALL
+GLIB_DEPRECATED_IN_2_56
void g_tls_client_connection_set_use_ssl3 (GTlsClientConnection *conn,
gboolean use_ssl3);
GLIB_AVAILABLE_IN_ALL
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
