Change GTlsClientConnection::accepted-cas to contain DER DNs

This property is now a GList of GByteArray values. Each
GByteArray contains the raw DER DN of the certificate authority.
This is far more useful for looking up a certificate (with the
relevant issuer) than a string encoded DN.

https://bugzilla.gnome.org/show_bug.cgi?id=637262

diff --git a/gio/gtlsclientconnection.c b/gio/gtlsclientconnection.c
index 92cd9f5..04e04da 100644 (file)
--- a/gio/gtlsclientconnection.c
+++ b/gio/gtlsclientconnection.c
@@ -133,15 +133,19 @@ g_tls_client_connection_default_init (GTlsClientConnectionInterface *iface)
    * server requests a client certificate during the handshake, then
    * this property will be set after the handshake completes.
    *
+   * Each item in the list is a #GByteArray which contains the complete
+   * subject DN of the certificate authority.
+   *
+   * Type: GList<GByteArray>
+   * Transfer: full
    * Since: 2.28
    */
   g_object_interface_install_property (iface,
-                                      g_param_spec_boxed ("accepted-cas",
-                                                          P_("Accepted CAs"),
-                                                          P_("Distinguished names of the CAs the server accepts certificates from"),
-                                                          G_TYPE_STRV,
-                                                          G_PARAM_READABLE |
-                                                          G_PARAM_STATIC_STRINGS));
+                                      g_param_spec_pointer ("accepted-cas",
+                                                            P_("Accepted CAs"),
+                                                            P_("Distinguished names of the CAs the server accepts certificates from"),
+                                                            G_PARAM_READABLE |
+                                                            G_PARAM_STATIC_STRINGS));
 }
 
 /**
@@ -316,15 +320,19 @@ g_tls_client_connection_set_use_ssl3 (GTlsClientConnection *conn,
  * during the TLS handshake if the server requests a certificate.
  * Otherwise, it will be %NULL.
  *
- * Return value: (transfer full) (array zero-terminated=1): the list
- * of CA names, which you must free (eg, with g_strfreev()).
+ * Each item in the list is a #GByteArray which contains the complete
+ * subject DN of the certificate authority.
+ *
+ * Return value: (element-type GByteArray) (transfer full): the list of
+ * CA DNs. You should unref each element with g_byte_array_unref() and then
+ * the free the list with g_list_free().
  *
  * Since: 2.28
  */
-char **
+GList *
 g_tls_client_connection_get_accepted_cas (GTlsClientConnection *conn)
 {
-  char **accepted_cas = NULL;
+  GList *accepted_cas = NULL;
 
   g_return_val_if_fail (G_IS_TLS_CLIENT_CONNECTION (conn), NULL);
 

diff --git a/gio/gtlsclientconnection.h b/gio/gtlsclientconnection.h
index 2aaaa97..fd6088a 100644 (file)
--- a/gio/gtlsclientconnection.h
+++ b/gio/gtlsclientconnection.h
@@ -65,7 +65,7 @@ void                  g_tls_client_connection_set_server_identity  (GTlsClientCo
 gboolean              g_tls_client_connection_get_use_ssl3         (GTlsClientConnection    *conn);
 void                  g_tls_client_connection_set_use_ssl3         (GTlsClientConnection    *conn,
                                                                    gboolean                 use_ssl3);
-char **               g_tls_client_connection_get_accepted_cas     (GTlsClientConnection    *conn);
+GList *               g_tls_client_connection_get_accepted_cas     (GTlsClientConnection    *conn);
 
 G_END_DECLS