[glib/revert-channel-bindings] Revert "Add g_(d)tls_connection_get_channel_binding_data calls and enums"
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib/revert-channel-bindings] Revert "Add g_(d)tls_connection_get_channel_binding_data calls and enums"
- Date: Tue, 1 Sep 2020 18:17:00 +0000 (UTC)
commit 6d1cb13c4f30b69fb55f546283545383a6b3f4a8
Author: Michael Catanzaro <mcatanzaro gnome org>
Date: Tue Sep 1 13:14:14 2020 -0500
Revert "Add g_(d)tls_connection_get_channel_binding_data calls and enums"
This reverts commit 44524b9daa622058e3e55617b9b0d4c986e3b8b3.
We were not able to implement this API in glib-networking because it
wasn't released until glib 2.65.1, one day before freeze. We eventually
landed the implementation via the feature freeze break process, but
failed to notice that it introduced new strings. It's much too late to
be adding new translatable strings, so implementation will have to wait
until next release cycle, after the first glib 2.67 release.
https://gitlab.gnome.org/GNOME/glib-networking/-/merge_requests/124
docs/reference/gio/gio-sections-common.txt | 10 ---
gio/gdtlsconnection.c | 50 ---------------
gio/gdtlsconnection.h | 15 -----
gio/gioenums.h | 55 -----------------
gio/gtlsconnection.c | 60 ------------------
gio/gtlsconnection.h | 29 +--------
gio/tests/gtesttlsbackend.c | 6 --
gio/tests/meson.build | 1 -
gio/tests/tls-bindings.c | 97 ------------------------------
9 files changed, 1 insertion(+), 322 deletions(-)
---
diff --git a/docs/reference/gio/gio-sections-common.txt b/docs/reference/gio/gio-sections-common.txt
index 39999c452..016b1f9e1 100644
--- a/docs/reference/gio/gio-sections-common.txt
+++ b/docs/reference/gio/gio-sections-common.txt
@@ -3652,20 +3652,15 @@ g_pollable_return_get_type
<FILE>gtls</FILE>
G_TLS_ERROR
GTlsError
-G_TLS_CHANNEL_BINDING_ERROR
-GTlsChannelBindingError
<SUBSECTION>
GTlsAuthenticationMode
GTlsCertificateFlags
<SUBSECTION Standard>
G_TYPE_TLS_AUTHENTICATION_MODE
G_TYPE_TLS_CERTIFICATE_FLAGS
-G_TYPE_TLS_CHANNEL_BINDING_ERROR
G_TYPE_TLS_ERROR
g_tls_authentication_mode_get_type
g_tls_certificate_flags_get_type
-g_tls_channel_binding_error_get_type
-g_tls_channel_binding_error_quark
g_tls_error_get_type
</SECTION>
@@ -3724,12 +3719,10 @@ g_tls_certificate_get_type
<FILE>gtlsconnection</FILE>
<TITLE>GTlsConnection</TITLE>
GTlsConnection
-GTlsChannelBindingType
g_tls_connection_set_certificate
g_tls_connection_get_certificate
g_tls_connection_get_peer_certificate
g_tls_connection_get_peer_certificate_errors
-g_tls_connection_get_channel_binding_data
g_tls_connection_set_require_close_notify
g_tls_connection_get_require_close_notify
GTlsRehandshakeMode
@@ -3757,11 +3750,9 @@ G_IS_TLS_CONNECTION_CLASS
G_TLS_CONNECTION
G_TLS_CONNECTION_CLASS
G_TLS_CONNECTION_GET_CLASS
-G_TYPE_TLS_CHANNEL_BINDING_TYPE
G_TYPE_TLS_CONNECTION
G_TYPE_TLS_REHANDSHAKE_MODE
<SUBSECTION Private>
-g_tls_channel_binding_type_get_type
g_tls_connection_get_type
g_tls_rehandshake_mode_get_type
</SECTION>
@@ -3926,7 +3917,6 @@ g_dtls_connection_set_certificate
g_dtls_connection_get_certificate
g_dtls_connection_get_peer_certificate
g_dtls_connection_get_peer_certificate_errors
-g_dtls_connection_get_channel_binding_data
g_dtls_connection_set_require_close_notify
g_dtls_connection_get_require_close_notify
g_dtls_connection_set_rehandshake_mode
diff --git a/gio/gdtlsconnection.c b/gio/gdtlsconnection.c
index 4bbc88d7a..2704133ff 100644
--- a/gio/gdtlsconnection.c
+++ b/gio/gdtlsconnection.c
@@ -26,7 +26,6 @@
#include "gsocket.h"
#include "gtlsbackend.h"
#include "gtlscertificate.h"
-#include "gtlsconnection.h"
#include "gdtlsclientconnection.h"
#include "gtlsdatabase.h"
#include "gtlsinteraction.h"
@@ -1074,52 +1073,3 @@ g_dtls_connection_get_negotiated_protocol (GDtlsConnection *conn)
return iface->get_negotiated_protocol (conn);
}
-
-/**
- * g_dtls_connection_get_channel_binding_data:
- * @conn: a #GDtlsConnection
- * @type: #GTlsChannelBindingType type of data to fetch
- * @data: (out callee-allocates)(optional)(transfer none): #GByteArray is
- * filled with the binding data, or %NULL
- * @error: a #GError pointer, or %NULL
- *
- * Query the TLS backend for TLS channel binding data of @type for @conn.
- *
- * This call retrieves TLS channel binding data as specified in RFC
- * [5056](https://tools.ietf.org/html/rfc5056), RFC
- * [5929](https://tools.ietf.org/html/rfc5929), and related RFCs. The
- * binding data is returned in @data. The @data is resized by the callee
- * using #GByteArray buffer management and will be freed when the @data
- * is destroyed by g_byte_array_unref(). If @data is %NULL, it will only
- * check whether TLS backend is able to fetch the data (e.g. whether @type
- * is supported by the TLS backend). It does not guarantee that the data
- * will be available though. That could happen if TLS connection does not
- * support @type or the binding data is not available yet due to additional
- * negotiation or input required.
- *
- * Returns: %TRUE on success, %FALSE otherwise
- *
- * Since: 2.66
- */
-gboolean
-g_dtls_connection_get_channel_binding_data (GDtlsConnection *conn,
- GTlsChannelBindingType type,
- GByteArray *data,
- GError **error)
-{
- GDtlsConnectionInterface *iface;
-
- g_return_val_if_fail (G_IS_DTLS_CONNECTION (conn), FALSE);
- g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
-
- iface = G_DTLS_CONNECTION_GET_INTERFACE (conn);
- if (iface->get_binding_data == NULL)
- {
- g_set_error_literal (error, G_TLS_CHANNEL_BINDING_ERROR,
- G_TLS_CHANNEL_BINDING_ERROR_NOT_IMPLEMENTED,
- _("TLS backend does not implement TLS binding retrieval"));
- return FALSE;
- }
-
- return iface->get_binding_data (conn, type, data, error);
-}
diff --git a/gio/gdtlsconnection.h b/gio/gdtlsconnection.h
index e73cf1459..3901cdc9e 100644
--- a/gio/gdtlsconnection.h
+++ b/gio/gdtlsconnection.h
@@ -95,13 +95,6 @@ struct _GDtlsConnectionInterface
void (*set_advertised_protocols) (GDtlsConnection *conn,
const gchar * const *protocols);
const gchar *(*get_negotiated_protocol) (GDtlsConnection *conn);
-
-G_GNUC_BEGIN_IGNORE_DEPRECATIONS
- gboolean (*get_binding_data) (GDtlsConnection *conn,
- GTlsChannelBindingType type,
- GByteArray *data,
- GError **error);
-G_GNUC_END_IGNORE_DEPRECATIONS
};
GLIB_AVAILABLE_IN_2_48
@@ -208,14 +201,6 @@ void g_dtls_connection_set_advertised_protocols (GDtlsConnec
GLIB_AVAILABLE_IN_2_60
const gchar * g_dtls_connection_get_negotiated_protocol (GDtlsConnection *conn);
-G_GNUC_BEGIN_IGNORE_DEPRECATIONS
-GLIB_AVAILABLE_IN_2_66
-gboolean g_dtls_connection_get_channel_binding_data (GDtlsConnection *conn,
- GTlsChannelBindingType type,
- GByteArray *data,
- GError **error);
-G_GNUC_END_IGNORE_DEPRECATIONS
-
G_END_DECLS
#endif /* __G_DTLS_CONNECTION_H__ */
diff --git a/gio/gioenums.h b/gio/gioenums.h
index 2692b746d..8aede1af6 100644
--- a/gio/gioenums.h
+++ b/gio/gioenums.h
@@ -1613,61 +1613,6 @@ typedef enum {
G_TLS_AUTHENTICATION_REQUIRED
} GTlsAuthenticationMode;
-/**
- * GTlsChannelBindingType:
- * @G_TLS_CHANNEL_BINDING_TLS_UNIQUE:
- * [`tls-unique`](https://tools.ietf.org/html/rfc5929#section-3) binding
- * type
- * @G_TLS_CHANNEL_BINDING_TLS_SERVER_END_POINT:
- * [`tls-server-end-point`](https://tools.ietf.org/html/rfc5929#section-4)
- * binding type
- *
- * The type of TLS channel binding data to retrieve from #GTlsConnection
- * or #GDtlsConnection, as documented by RFC 5929. The
- * [`tls-unique-for-telnet`](https://tools.ietf.org/html/rfc5929#section-5)
- * binding type is not currently implemented.
- *
- * Since: 2.66
- */
-GLIB_AVAILABLE_TYPE_IN_2_66
-typedef enum {
- G_TLS_CHANNEL_BINDING_TLS_UNIQUE,
- G_TLS_CHANNEL_BINDING_TLS_SERVER_END_POINT
-} GTlsChannelBindingType;
-
-/**
- * GTlsChannelBindingError:
- * @G_TLS_CHANNEL_BINDING_ERROR_NOT_IMPLEMENTED: Either entire binding
- * retrieval facility or specific binding type is not implemented in the
- * TLS backend.
- * @G_TLS_CHANNEL_BINDING_ERROR_INVALID_STATE: The handshake is not yet
- * complete on the connection which is a strong requirement for any existing
- * binding type.
- * @G_TLS_CHANNEL_BINDING_ERROR_NOT_AVAILABLE: Handshake is complete but
- * binding data is not available. That normally indicates the TLS
- * implementation failed to provide the binding data. For example, some
- * implementations do not provide a peer certificate for resumed connections.
- * @G_TLS_CHANNEL_BINDING_ERROR_NOT_SUPPORTED: Binding type is not supported
- * on the current connection. This error could be triggered when requesting
- * `tls-server-end-point` binding data for a certificate which has no hash
- * function or uses multiple hash functions.
- * @G_TLS_CHANNEL_BINDING_ERROR_GENERAL_ERROR: Any other backend error
- * preventing binding data retrieval.
- *
- * An error code used with %G_TLS_CHANNEL_BINDING_ERROR in a #GError to
- * indicate a TLS channel binding retrieval error.
- *
- * Since: 2.66
- */
-GLIB_AVAILABLE_TYPE_IN_2_66
-typedef enum {
- G_TLS_CHANNEL_BINDING_ERROR_NOT_IMPLEMENTED,
- G_TLS_CHANNEL_BINDING_ERROR_INVALID_STATE,
- G_TLS_CHANNEL_BINDING_ERROR_NOT_AVAILABLE,
- G_TLS_CHANNEL_BINDING_ERROR_NOT_SUPPORTED,
- G_TLS_CHANNEL_BINDING_ERROR_GENERAL_ERROR
-} GTlsChannelBindingError;
-
/**
* GTlsRehandshakeMode:
* @G_TLS_REHANDSHAKE_NEVER: Never allow rehandshaking
diff --git a/gio/gtlsconnection.c b/gio/gtlsconnection.c
index 5654ca9ee..f01e492d5 100644
--- a/gio/gtlsconnection.c
+++ b/gio/gtlsconnection.c
@@ -865,66 +865,6 @@ g_tls_connection_get_negotiated_protocol (GTlsConnection *conn)
return priv->negotiated_protocol;
}
-/**
- * g_tls_channel_binding_error_quark:
- *
- * Gets the TLS channel binding error quark.
- *
- * Returns: a #GQuark.
- *
- * Since: 2.66
- */
-G_DEFINE_QUARK (g-tls-channel-binding-error-quark, g_tls_channel_binding_error)
-
-/**
- * g_tls_connection_get_channel_binding_data:
- * @conn: a #GTlsConnection
- * @type: #GTlsChannelBindingType type of data to fetch
- * @data: (out callee-allocates)(optional)(transfer none): #GByteArray is
- * filled with the binding data, or %NULL
- * @error: a #GError pointer, or %NULL
- *
- * Query the TLS backend for TLS channel binding data of @type for @conn.
- *
- * This call retrieves TLS channel binding data as specified in RFC
- * [5056](https://tools.ietf.org/html/rfc5056), RFC
- * [5929](https://tools.ietf.org/html/rfc5929), and related RFCs. The
- * binding data is returned in @data. The @data is resized by the callee
- * using #GByteArray buffer management and will be freed when the @data
- * is destroyed by g_byte_array_unref(). If @data is %NULL, it will only
- * check whether TLS backend is able to fetch the data (e.g. whether @type
- * is supported by the TLS backend). It does not guarantee that the data
- * will be available though. That could happen if TLS connection does not
- * support @type or the binding data is not available yet due to additional
- * negotiation or input required.
- *
- * Returns: %TRUE on success, %FALSE otherwise
- *
- * Since: 2.66
- */
-gboolean
-g_tls_connection_get_channel_binding_data (GTlsConnection *conn,
- GTlsChannelBindingType type,
- GByteArray *data,
- GError **error)
-{
- GTlsConnectionClass *class;
-
- g_return_val_if_fail (G_IS_TLS_CONNECTION (conn), FALSE);
- g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
-
- class = G_TLS_CONNECTION_GET_CLASS (conn);
- if (class->get_binding_data == NULL)
- {
- g_set_error_literal (error, G_TLS_CHANNEL_BINDING_ERROR,
- G_TLS_CHANNEL_BINDING_ERROR_NOT_IMPLEMENTED,
- _("TLS backend does not implement TLS binding retrieval"));
- return FALSE;
- }
-
- return class->get_binding_data (conn, type, data, error);
-}
-
/**
* g_tls_connection_handshake:
* @conn: a #GTlsConnection
diff --git a/gio/gtlsconnection.h b/gio/gtlsconnection.h
index 037222733..be38dcf5c 100644
--- a/gio/gtlsconnection.h
+++ b/gio/gtlsconnection.h
@@ -66,16 +66,9 @@ struct _GTlsConnectionClass
GAsyncResult *result,
GError **error);
-G_GNUC_BEGIN_IGNORE_DEPRECATIONS
- gboolean ( *get_binding_data) (GTlsConnection *conn,
- GTlsChannelBindingType type,
- GByteArray *data,
- GError **error);
-G_GNUC_END_IGNORE_DEPRECATIONS
-
/*< private >*/
/* Padding for future expansion */
- gpointer padding[7];
+ gpointer padding[8];
};
GLIB_AVAILABLE_IN_ALL
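Review bot: Restoring `gpointer padding[8];` keeps the size of GTlsConnectionClass the same as it was with the extra vfunc, but nothing on that line says the count must drop by one whenever a vfunc is added above it; a short comment such as `/* Decrement when adding a vfunc above so the class size stays fixed */` would help when this API is re-landed. The matching removal in gio/gdtlsconnection.h shows no padding array before the closing brace, so GDtlsConnectionInterface appears to shrink by one pointer. A backend built against the 2.65.x headers that still assigns `get_binding_data` on that interface would presumably store past the end of the smaller struct, so it is worth confirming that no such build can be loaded against this glib. The class struct begins outside this hunk.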
@@ -131,14 +124,6 @@ void g_tls_connection_set_advertised_protocols (GTlsConnecti
GLIB_AVAILABLE_IN_2_60
const gchar * g_tls_connection_get_negotiated_protocol (GTlsConnection *conn);
-G_GNUC_BEGIN_IGNORE_DEPRECATIONS
-GLIB_AVAILABLE_IN_2_66
-gboolean g_tls_connection_get_channel_binding_data (GTlsConnection *conn,
- GTlsChannelBindingType type,
- GByteArray *data,
- GError **error);
-G_GNUC_END_IGNORE_DEPRECATIONS
-
GLIB_AVAILABLE_IN_ALL
gboolean g_tls_connection_handshake (GTlsConnection *conn,
GCancellable *cancellable,
@@ -166,18 +151,6 @@ gboolean g_tls_connection_handshake_finish (GTlsConnecti
GLIB_AVAILABLE_IN_ALL
GQuark g_tls_error_quark (void);
-/**
- * G_TLS_CHANNEL_BINDING_ERROR:
- *
- * Error domain for TLS channel binding. Errors in this domain will be from the
- * #GTlsChannelBindingError enumeration. See #GError for more information on error
- * domains.
- *
- * Since: 2.66
- */
-#define G_TLS_CHANNEL_BINDING_ERROR (g_tls_channel_binding_error_quark ())
-GLIB_AVAILABLE_IN_2_66
-GQuark g_tls_channel_binding_error_quark (void);
/*< protected >*/
GLIB_AVAILABLE_IN_ALL
diff --git a/gio/tests/gtesttlsbackend.c b/gio/tests/gtesttlsbackend.c
index 346a20dd9..157a4a3f3 100644
--- a/gio/tests/gtesttlsbackend.c
+++ b/gio/tests/gtesttlsbackend.c
@@ -59,8 +59,6 @@ g_test_tls_backend_iface_init (GTlsBackendInterface *iface)
iface->get_certificate_type = _g_test_tls_certificate_get_type;
iface->get_client_connection_type = _g_test_tls_connection_get_type;
iface->get_server_connection_type = _g_test_tls_connection_get_type;
- iface->get_dtls_client_connection_type = _g_test_tls_connection_get_type;
- iface->get_dtls_server_connection_type = _g_test_tls_connection_get_type;
iface->get_default_database = _g_test_tls_backend_get_default_database;
iface->get_file_database_type = _g_test_tls_database_get_type;
}
@@ -247,7 +245,6 @@ struct _GTestTlsConnectionClass {
enum
{
PROP_CONN_BASE_IO_STREAM = 1,
- PROP_CONN_BASE_SOCKET,
PROP_CONN_USE_SYSTEM_CERTDB,
PROP_CONN_REQUIRE_CLOSE_NOTIFY,
PROP_CONN_REHANDSHAKE_MODE,
@@ -267,8 +264,6 @@ static void g_test_tls_connection_initable_iface_init (GInitableIface *iface);
G_DEFINE_TYPE_WITH_CODE (GTestTlsConnection, g_test_tls_connection, G_TYPE_TLS_CONNECTION,
G_IMPLEMENT_INTERFACE (G_TYPE_TLS_CLIENT_CONNECTION, NULL)
G_IMPLEMENT_INTERFACE (G_TYPE_TLS_SERVER_CONNECTION, NULL)
- G_IMPLEMENT_INTERFACE (G_TYPE_DATAGRAM_BASED, NULL)
- G_IMPLEMENT_INTERFACE (G_TYPE_DTLS_CONNECTION, NULL)
G_IMPLEMENT_INTERFACE (G_TYPE_INITABLE,
g_test_tls_connection_initable_iface_init))
@@ -313,7 +308,6 @@ g_test_tls_connection_class_init (GTestTlsConnectionClass *connection_class)
io_stream_class->close_fn = g_test_tls_connection_close;
g_object_class_override_property (gobject_class, PROP_CONN_BASE_IO_STREAM, "base-io-stream");
- g_object_class_override_property (gobject_class, PROP_CONN_BASE_SOCKET, "base-socket");
g_object_class_override_property (gobject_class, PROP_CONN_USE_SYSTEM_CERTDB, "use-system-certdb");
g_object_class_override_property (gobject_class, PROP_CONN_REQUIRE_CLOSE_NOTIFY, "require-close-notify");
g_object_class_override_property (gobject_class, PROP_CONN_REHANDSHAKE_MODE, "rehandshake-mode");
diff --git a/gio/tests/meson.build b/gio/tests/meson.build
index d8ebd56ac..c7c3e3035 100644
--- a/gio/tests/meson.build
+++ b/gio/tests/meson.build
@@ -78,7 +78,6 @@ gio_tests = {
'tls-certificate' : {'extra_sources' : ['gtesttlsbackend.c']},
'tls-interaction' : {'extra_sources' : ['gtesttlsbackend.c']},
'tls-database' : {'extra_sources' : ['gtesttlsbackend.c']},
- 'tls-bindings' : {'extra_sources' : ['gtesttlsbackend.c']},
'gdbus-address-get-session' : {},
'win32-appinfo' : {},
}