summaryrefslogtreecommitdiff
path: root/src/lib/ecore_con/efl_net_ssl_context.eo
blob: fe543d28ee4008c7833cb86290efba4f0c0b02b6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
import efl_net_ssl_types;

class @beta Efl.Net.Ssl.Context extends Efl.Object {
    [[A SSL Context that is used to start a SSL socket wrapper.

      The context will contain common configurations such as
      certificates, private keys, certificate revocation lists (CRLs),
      certificate authorities (CAs) and so on.

      The method @.setup must be called once before
      @Efl.Object.finalize in order to define the mandatory
      operational parameters.

      Note: All setter methods must be called before @Efl.Object.finalize.
    ]]

    methods {
        @property default_dialer @static {
            [[The default context for dialers.

              It will start with:

               - default_paths_load = true
               - cipher = auto
               - verify_mode = required
               - verify_hostname = true

            ]]
            get { }
            values {
                default_client_context: Efl.Net.Ssl.Context; [[Default SSL context]]
            }
        }

        setup {
            [[Defines the context mandatory operation parameters]]
            params {
                cipher: Efl.Net.Ssl.Cipher; [[Cipher to use, prefer @Efl.Net.Ssl.Cipher.auto]]
                is_dialer: bool; [[If $true, this SSL context is targeted at dialers connecting to a remote serer]]
            }
        }

        @property certificates {
            [[The list of paths to certificates to use.

              Can only be set during object construction!
            ]]
            values {
                paths: iterator<string> @move; [[Path list for certificates]]
            }
        }

        @property private_keys {
            [[The list of paths to private keys to use.

              Can only be set during object construction!
            ]]
            values {
                paths: iterator<string> @move; [[Path list for private keys]]
            }
        }

        @property certificate_revocation_lists {
            [[The list of paths to CRL (certificate revocation list) to use.

              Can only be set during object construction!
            ]]
            values {
                paths: iterator<string> @move; [[Path list for CRL's]]
            }
        }

        @property certificate_authorities {
            [[The list of paths to CA (certificate authoritie) to use.

              Can only be set during object construction!
            ]]
            values {
                paths: iterator<string> @move; [[Path list for CA's]]
            }
        }

        @property default_paths_load {
            [[If $true, will use system's default certificate storage

              Can only be set during object construction!
            ]]
            values {
                default_paths_load: bool; [[$if true use system default paths for loading, $false otherwise]]
            }
        }

        @property verify_mode {
            [[How to verify the remote peer.]]
            values {
                verify_mode: Efl.Net.Ssl.Verify_Mode; [[Remote verification mode]]
            }
        }

        @property hostname_verify {
            [[Defines if hostname should be verified.

              This will check the socket hostname (without the port in
              case of an IP) or the overriden value from
              @.hostname.
            ]]
            values {
                hostname_verify: bool; [[$true if the hostname will be verified, $false otherwise]]
            }
        }

        @property hostname {
            [[Defines the hostname to use for sockets.

              This is useful to avoid replicating a hostname in all
              socket wrapper with hostname_override.

              If $NULL, then sockets wrappers will will fetch from
              adopted socket using address_remote or
              address_dial.

              It's only used if @.hostname_verify is $true.
            ]]
            values {
                hostname: string; [[Hostname for this socket]]
            }
        }
    }

    implements {
        Efl.Object.constructor;
        Efl.Object.destructor;
        Efl.Object.finalize;
    }
}