Interface TlsClientConnection.Builder<B extends Builder<B>>

All Superinterfaces:
BuilderInterface
Enclosing interface:
TlsClientConnection
public static interface TlsClientConnection.Builder<B extends Builder<B>> extends BuilderInterface
Since:
2.28

  • Method Details

    • setServerIdentity

      default B setServerIdentity(SocketConnectable serverIdentity)

      A GSocketConnectable describing the identity of the server that is expected on the other end of the connection.

      If the TlsCertificateFlags.BAD_IDENTITY flag is set in GTlsClientConnection:validation-flags, this object will be used to determine the expected identify of the remote end of the connection; if GTlsClientConnection:server-identity is not set, or does not match the identity presented by the server, then the TlsCertificateFlags.BAD_IDENTITY validation will fail.

      In addition to its use in verifying the server certificate, this is also used to give a hint to the server about what certificate we expect, which is useful for servers that serve virtual hosts.

      Parameters:
      serverIdentity - the value for the server-identity property
      Returns:
      the Builder instance is returned, to allow method chaining
      Since:
      2.28

    • setUseSsl3

      @Deprecated default B setUseSsl3(boolean useSsl3)
      Deprecated.
      SSL 3.0 is insecure.
      SSL 3.0 is no longer supported. See g_tls_client_connection_set_use_ssl3() for details.
      Parameters:
      useSsl3 - the value for the use-ssl3 property
      Returns:
      the Builder instance is returned, to allow method chaining
      Since:
      2.28

    • setValidationFlags

      @Deprecated default B setValidationFlags(Set<TlsCertificateFlags> validationFlags)
      Deprecated.
      Do not attempt to ignore validation errors.

      What steps to perform when validating a certificate received from a server. Server certificates that fail to validate in any of the ways indicated here will be rejected unless the application overrides the default via GTlsConnection::accept-certificate.

      GLib guarantees that if certificate verification fails, at least one flag will be set, but it does not guarantee that all possible flags will be set. Accordingly, you may not safely decide to ignore any particular type of error. For example, it would be incorrect to mask TlsCertificateFlags.EXPIRED if you want to allow expired certificates, because this could potentially be the only error flag set even if other problems exist with the certificate. Therefore, there is no safe way to use this property. This is not a horrible problem, though, because you should not be attempting to ignore validation errors anyway. If you really must ignore TLS certificate errors, connect to GTlsConnection::accept-certificate.

      Parameters:
      validationFlags - the value for the validation-flags property
      Returns:
      the Builder instance is returned, to allow method chaining
      Since:
      2.28

    • setValidationFlags

      @Deprecated default B setValidationFlags(TlsCertificateFlags... validationFlags)
      Deprecated.
      Do not attempt to ignore validation errors.

      What steps to perform when validating a certificate received from a server. Server certificates that fail to validate in any of the ways indicated here will be rejected unless the application overrides the default via GTlsConnection::accept-certificate.

      GLib guarantees that if certificate verification fails, at least one flag will be set, but it does not guarantee that all possible flags will be set. Accordingly, you may not safely decide to ignore any particular type of error. For example, it would be incorrect to mask TlsCertificateFlags.EXPIRED if you want to allow expired certificates, because this could potentially be the only error flag set even if other problems exist with the certificate. Therefore, there is no safe way to use this property. This is not a horrible problem, though, because you should not be attempting to ignore validation errors anyway. If you really must ignore TLS certificate errors, connect to GTlsConnection::accept-certificate.

      Parameters:
      validationFlags - the value for the validation-flags property
      Returns:
      the Builder instance is returned, to allow method chaining
      Since:
      2.28