g_object_interface_install_property (iface, g_param_spec_uint ("timeout",
"Timeout", "RTMP timeout in seconds", 0, G_MAXUINT, DEFAULT_TIMEOUT,
G_PARAM_CONSTRUCT | G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS));
+ /**
+ * GstRtmpLocationHandler::tls-validation-flags:
+ *
+ * TLS certificate validation flags used to validate server
+ * certificate.
+ *
+ * GLib guarantees that if certificate verification fails, at least one
+ * error will be set, but it does not guarantee that all possible errors
+ * will be set. Accordingly, you may not safely decide to ignore any
+ * particular type of error.
+ *
+ * For example, it would be incorrect to mask %G_TLS_CERTIFICATE_EXPIRED if
+ * you want to allow expired certificates, because this could potentially be
+ * the only error flag set even if other problems exist with the
+ * certificate.
+ */
g_object_interface_install_property (iface,
g_param_spec_flags ("tls-validation-flags", "TLS validation flags",
"TLS validation flags to use", G_TYPE_TLS_CERTIFICATE_FLAGS,
GST_DEBUG ("Configuring TLS, validation flags 0x%02x",
data->location.tls_flags);
g_socket_client_set_tls (socket_client, TRUE);
+ G_GNUC_BEGIN_IGNORE_DEPRECATIONS;
g_socket_client_set_tls_validation_flags (socket_client,
data->location.tls_flags);
+ G_GNUC_END_IGNORE_DEPRECATIONS;
break;
default:
* Sets the TLS validation flags to be used to verify the peer
* certificate when a TLS connection is established.
*
+ * GLib guarantees that if certificate verification fails, at least one error
+ * will be set, but it does not guarantee that all possible errors will be
+ * set. Accordingly, you may not safely decide to ignore any particular type
+ * of error.
+ *
+ * For example, it would be incorrect to mask %G_TLS_CERTIFICATE_EXPIRED if
+ * you want to allow expired certificates, because this could potentially be
+ * the only error flag set even if other problems exist with the certificate.
+ *
* Returns: TRUE if the validation flags are set correctly, or FALSE if
* @conn is NULL or is not a TLS connection.
*
g_return_val_if_fail (conn != NULL, FALSE);
res = g_socket_client_get_tls (conn->client);
+ G_GNUC_BEGIN_IGNORE_DEPRECATIONS;
if (res)
g_socket_client_set_tls_validation_flags (conn->client, flags);
+ G_GNUC_END_IGNORE_DEPRECATIONS;
return res;
}
* Gets the TLS validation flags used to verify the peer certificate
* when a TLS connection is established.
*
- * Returns: the validationg flags.
+ * GLib guarantees that if certificate verification fails, at least one error
+ * will be set, but it does not guarantee that all possible errors will be
+ * set. Accordingly, you may not safely decide to ignore any particular type
+ * of error.
+ *
+ * For example, it would be incorrect to ignore %G_TLS_CERTIFICATE_EXPIRED if
+ * you want to allow expired certificates, because this could potentially be
+ * the only error flag set even if other problems exist with the certificate.
+ *
+ * Returns: the validation flags.
*
* Since: 1.2.1
*/
{
g_return_val_if_fail (conn != NULL, 0);
+ G_GNUC_BEGIN_IGNORE_DEPRECATIONS;
return g_socket_client_get_tls_validation_flags (conn->client);
+ G_GNUC_END_IGNORE_DEPRECATIONS;
}
/**
* TLS certificate validation flags used to validate server
* certificate.
*
+ * GLib guarantees that if certificate verification fails, at least one
+ * error will be set, but it does not guarantee that all possible errors
+ * will be set. Accordingly, you may not safely decide to ignore any
+ * particular type of error.
+ *
+ * For example, it would be incorrect to mask %G_TLS_CERTIFICATE_EXPIRED if
+ * you want to allow expired certificates, because this could potentially be
+ * the only error flag set even if other problems exist with the
+ * certificate.
+ *
* Since: 1.2.1
*/
g_object_class_install_property (gobject_class, PROP_TLS_VALIDATION_FLAGS,
* TLS certificate validation flags used to validate server
* certificate.
*
+ * GLib guarantees that if certificate verification fails, at least one
+ * error will be set, but it does not guarantee that all possible errors
+ * will be set. Accordingly, you may not safely decide to ignore any
+ * particular type of error.
+ *
+ * For example, it would be incorrect to mask %G_TLS_CERTIFICATE_EXPIRED if
+ * you want to allow expired certificates, because this could potentially be
+ * the only error flag set even if other problems exist with the
+ * certificate.
+ *
*/
g_object_class_install_property (gobject_class, PROP_TLS_VALIDATION_FLAGS,
g_param_spec_flags ("tls-validation-flags", "TLS validation flags",