1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357

// This file was generated by gir (https://github.com/gtk-rs/gir)
// from gir-files (https://github.com/gtk-rs/gir-files)
// DO NOT EDIT

use gio_sys;
use glib;
use glib::object::Cast;
use glib::object::IsA;
use glib::signal::connect_raw;
use glib::signal::SignalHandlerId;
use glib::translate::*;
use glib_sys;
use std::boxed::Box as Box_;
use std::fmt;
use std::mem::transmute;
use std::ptr;
use IOStream;
use SocketConnectable;
use TlsCertificateFlags;
use TlsConnection;

glib_wrapper! {
    /// `TlsClientConnection` is the client-side subclass of
    /// `TlsConnection`, representing a client-side TLS connection.
    ///
    /// # Implements
    ///
    /// [`TlsClientConnectionExt`](trait.TlsClientConnectionExt.html), [`TlsConnectionExt`](trait.TlsConnectionExt.html), [`IOStreamExt`](trait.IOStreamExt.html), [`glib::object::ObjectExt`](../glib/object/trait.ObjectExt.html)
    pub struct TlsClientConnection(Interface<gio_sys::GTlsClientConnection>) @requires TlsConnection, IOStream;

    match fn {
        get_type => || gio_sys::g_tls_client_connection_get_type(),
    }
}

impl TlsClientConnection {
    /// Creates a new `TlsClientConnection` wrapping `base_io_stream` (which
    /// must have pollable input and output streams) which is assumed to
    /// communicate with the server identified by `server_identity`.
    ///
    /// See the documentation for `TlsConnection:base-io-stream` for restrictions
    /// on when application code can run operations on the `base_io_stream` after
    /// this function has returned.
    /// ## `base_io_stream`
    /// the `IOStream` to wrap
    /// ## `server_identity`
    /// the expected identity of the server
    ///
    /// # Returns
    ///
    /// the new
    /// `TlsClientConnection`, or `None` on error
    pub fn new<P: IsA<IOStream>, Q: IsA<SocketConnectable>>(
        base_io_stream: &P,
        server_identity: Option<&Q>,
    ) -> Result<TlsClientConnection, glib::Error> {
        unsafe {
            let mut error = ptr::null_mut();
            let ret = gio_sys::g_tls_client_connection_new(
                base_io_stream.as_ref().to_glib_none().0,
                server_identity.map(|p| p.as_ref()).to_glib_none().0,
                &mut error,
            );
            if error.is_null() {
                Ok(from_glib_full(ret))
            } else {
                Err(from_glib_full(error))
            }
        }
    }
}

pub const NONE_TLS_CLIENT_CONNECTION: Option<&TlsClientConnection> = None;

/// Trait containing all `TlsClientConnection` methods.
///
/// # Implementors
///
/// [`TlsClientConnection`](struct.TlsClientConnection.html)
pub trait TlsClientConnectionExt: 'static {
    /// Copies session state from one connection to another. This is
    /// not normally needed, but may be used when the same session
    /// needs to be used between different endpoints as is required
    /// by some protocols such as FTP over TLS. `source` should have
    /// already completed a handshake, and `self` should not have
    /// completed a handshake.
    ///
    /// Feature: `v2_46`
    ///
    /// ## `source`
    /// a `TlsClientConnection`
    #[cfg(any(feature = "v2_46", feature = "dox"))]
    fn copy_session_state<P: IsA<TlsClientConnection>>(&self, source: &P);

    //fn get_accepted_cas(&self) -> /*Ignored*/Vec<glib::ByteArray>;

    /// Gets `self`'s expected server identity
    ///
    /// # Returns
    ///
    /// a `SocketConnectable` describing the
    /// expected server identity, or `None` if the expected identity is not
    /// known.
    fn get_server_identity(&self) -> Option<SocketConnectable>;

    /// Gets whether `self` will force the lowest-supported TLS protocol
    /// version rather than attempt to negotiate the highest mutually-
    /// supported version of TLS; see `TlsClientConnection::set_use_ssl3`.
    ///
    /// # Deprecated since 2.56
    ///
    /// SSL 3.0 is insecure, and this function does not
    /// actually indicate whether it is enabled.
    ///
    /// # Returns
    ///
    /// whether `self` will use the lowest-supported TLS protocol version
    #[cfg_attr(feature = "v2_56", deprecated)]
    fn get_use_ssl3(&self) -> bool;

    /// Gets `self`'s validation flags
    ///
    /// # Returns
    ///
    /// the validation flags
    fn get_validation_flags(&self) -> TlsCertificateFlags;

    /// Sets `self`'s expected server identity, which is used both to tell
    /// servers on virtual hosts which certificate to present, and also
    /// to let `self` know what name to look for in the certificate when
    /// performing `TlsCertificateFlags::BadIdentity` validation, if enabled.
    /// ## `identity`
    /// a `SocketConnectable` describing the expected server identity
    fn set_server_identity<P: IsA<SocketConnectable>>(&self, identity: &P);

    /// Since 2.42.1, if `use_ssl3` is `true`, this forces `self` to use the
    /// lowest-supported TLS protocol version rather than trying to properly
    /// negotiate the highest mutually-supported protocol version with the
    /// peer. Be aware that SSL 3.0 is generally disabled by the
    /// `TlsBackend`, so the lowest-supported protocol version is probably
    /// not SSL 3.0.
    ///
    /// Since 2.58, this may additionally cause an RFC 7507 fallback SCSV to
    /// be sent to the server, causing modern TLS servers to immediately
    /// terminate the connection. You should generally only use this function
    /// if you need to connect to broken servers that exhibit TLS protocol
    /// version intolerance, and when an initial attempt to connect to a
    /// server normally has already failed.
    ///
    /// # Deprecated since 2.56
    ///
    /// SSL 3.0 is insecure, and this function does not
    /// generally enable or disable it, despite its name.
    /// ## `use_ssl3`
    /// whether to use the lowest-supported protocol version
    #[cfg_attr(feature = "v2_56", deprecated)]
    fn set_use_ssl3(&self, use_ssl3: bool);

    /// Sets `self`'s validation flags, to override the default set of
    /// checks performed when validating a server certificate. By default,
    /// `TlsCertificateFlags::ValidateAll` is used.
    /// ## `flags`
    /// the `TlsCertificateFlags` to use
    fn set_validation_flags(&self, flags: TlsCertificateFlags);

    fn connect_property_accepted_cas_notify<F: Fn(&Self) + 'static>(&self, f: F)
        -> SignalHandlerId;

    fn connect_property_server_identity_notify<F: Fn(&Self) + 'static>(
        &self,
        f: F,
    ) -> SignalHandlerId;

    #[cfg_attr(feature = "v2_56", deprecated)]
    fn connect_property_use_ssl3_notify<F: Fn(&Self) + 'static>(&self, f: F) -> SignalHandlerId;

    fn connect_property_validation_flags_notify<F: Fn(&Self) + 'static>(
        &self,
        f: F,
    ) -> SignalHandlerId;
}

impl<O: IsA<TlsClientConnection>> TlsClientConnectionExt for O {
    #[cfg(any(feature = "v2_46", feature = "dox"))]
    fn copy_session_state<P: IsA<TlsClientConnection>>(&self, source: &P) {
        unsafe {
            gio_sys::g_tls_client_connection_copy_session_state(
                self.as_ref().to_glib_none().0,
                source.as_ref().to_glib_none().0,
            );
        }
    }

    //fn get_accepted_cas(&self) -> /*Ignored*/Vec<glib::ByteArray> {
    //    unsafe { TODO: call gio_sys:g_tls_client_connection_get_accepted_cas() }
    //}

    fn get_server_identity(&self) -> Option<SocketConnectable> {
        unsafe {
            from_glib_none(gio_sys::g_tls_client_connection_get_server_identity(
                self.as_ref().to_glib_none().0,
            ))
        }
    }

    fn get_use_ssl3(&self) -> bool {
        unsafe {
            from_glib(gio_sys::g_tls_client_connection_get_use_ssl3(
                self.as_ref().to_glib_none().0,
            ))
        }
    }

    fn get_validation_flags(&self) -> TlsCertificateFlags {
        unsafe {
            from_glib(gio_sys::g_tls_client_connection_get_validation_flags(
                self.as_ref().to_glib_none().0,
            ))
        }
    }

    fn set_server_identity<P: IsA<SocketConnectable>>(&self, identity: &P) {
        unsafe {
            gio_sys::g_tls_client_connection_set_server_identity(
                self.as_ref().to_glib_none().0,
                identity.as_ref().to_glib_none().0,
            );
        }
    }

    fn set_use_ssl3(&self, use_ssl3: bool) {
        unsafe {
            gio_sys::g_tls_client_connection_set_use_ssl3(
                self.as_ref().to_glib_none().0,
                use_ssl3.to_glib(),
            );
        }
    }

    fn set_validation_flags(&self, flags: TlsCertificateFlags) {
        unsafe {
            gio_sys::g_tls_client_connection_set_validation_flags(
                self.as_ref().to_glib_none().0,
                flags.to_glib(),
            );
        }
    }

    fn connect_property_accepted_cas_notify<F: Fn(&Self) + 'static>(
        &self,
        f: F,
    ) -> SignalHandlerId {
        unsafe extern "C" fn notify_accepted_cas_trampoline<P, F: Fn(&P) + 'static>(
            this: *mut gio_sys::GTlsClientConnection,
            _param_spec: glib_sys::gpointer,
            f: glib_sys::gpointer,
        ) where
            P: IsA<TlsClientConnection>,
        {
            let f: &F = &*(f as *const F);
            f(&TlsClientConnection::from_glib_borrow(this).unsafe_cast())
        }
        unsafe {
            let f: Box_<F> = Box_::new(f);
            connect_raw(
                self.as_ptr() as *mut _,
                b"notify::accepted-cas\0".as_ptr() as *const _,
                Some(transmute(
                    notify_accepted_cas_trampoline::<Self, F> as usize,
                )),
                Box_::into_raw(f),
            )
        }
    }

    fn connect_property_server_identity_notify<F: Fn(&Self) + 'static>(
        &self,
        f: F,
    ) -> SignalHandlerId {
        unsafe extern "C" fn notify_server_identity_trampoline<P, F: Fn(&P) + 'static>(
            this: *mut gio_sys::GTlsClientConnection,
            _param_spec: glib_sys::gpointer,
            f: glib_sys::gpointer,
        ) where
            P: IsA<TlsClientConnection>,
        {
            let f: &F = &*(f as *const F);
            f(&TlsClientConnection::from_glib_borrow(this).unsafe_cast())
        }
        unsafe {
            let f: Box_<F> = Box_::new(f);
            connect_raw(
                self.as_ptr() as *mut _,
                b"notify::server-identity\0".as_ptr() as *const _,
                Some(transmute(
                    notify_server_identity_trampoline::<Self, F> as usize,
                )),
                Box_::into_raw(f),
            )
        }
    }

    fn connect_property_use_ssl3_notify<F: Fn(&Self) + 'static>(&self, f: F) -> SignalHandlerId {
        unsafe extern "C" fn notify_use_ssl3_trampoline<P, F: Fn(&P) + 'static>(
            this: *mut gio_sys::GTlsClientConnection,
            _param_spec: glib_sys::gpointer,
            f: glib_sys::gpointer,
        ) where
            P: IsA<TlsClientConnection>,
        {
            let f: &F = &*(f as *const F);
            f(&TlsClientConnection::from_glib_borrow(this).unsafe_cast())
        }
        unsafe {
            let f: Box_<F> = Box_::new(f);
            connect_raw(
                self.as_ptr() as *mut _,
                b"notify::use-ssl3\0".as_ptr() as *const _,
                Some(transmute(notify_use_ssl3_trampoline::<Self, F> as usize)),
                Box_::into_raw(f),
            )
        }
    }

    fn connect_property_validation_flags_notify<F: Fn(&Self) + 'static>(
        &self,
        f: F,
    ) -> SignalHandlerId {
        unsafe extern "C" fn notify_validation_flags_trampoline<P, F: Fn(&P) + 'static>(
            this: *mut gio_sys::GTlsClientConnection,
            _param_spec: glib_sys::gpointer,
            f: glib_sys::gpointer,
        ) where
            P: IsA<TlsClientConnection>,
        {
            let f: &F = &*(f as *const F);
            f(&TlsClientConnection::from_glib_borrow(this).unsafe_cast())
        }
        unsafe {
            let f: Box_<F> = Box_::new(f);
            connect_raw(
                self.as_ptr() as *mut _,
                b"notify::validation-flags\0".as_ptr() as *const _,
                Some(transmute(
                    notify_validation_flags_trampoline::<Self, F> as usize,
                )),
                Box_::into_raw(f),
            )
        }
    }
}

impl fmt::Display for TlsClientConnection {
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        write!(f, "TlsClientConnection")
    }
}