GNOME Bugzilla – Bug 711231
rtspconnection: allow setting tls certificate validation flags
Last modified: 2013-11-01 15:45:05 UTC
Because of bug 711230, we need a way to set the TLS certificate validatoin flags to be used in a TLS connection.
Created attachment 258692 [details] [review] new function gst_rtsp_connection_set_tls_validation_flags
Review of attachment 258692 [details] [review]: Please get rid of all the unrelated whitespace changes ::: gst-libs/gst/rtsp/gstrtspconnection.c @@ +448,3 @@ +/** + * gst_rtsp_connection_set_tls_validation_flags: Maybe also a getter function for them? @@ +458,3 @@ + * @conn is NULL or is not a TLS connection. + * + * Since: 1.2.1 Will be Since: 1.4.0 probably
Created attachment 258737 [details] [review] tls validation flags setter/getter Let's see now. I've updated to 1.4.0 but it would be nice for 1.2, but it's an API addition...
Review of attachment 258737 [details] [review]: ::: gst-libs/gst/rtsp/gstrtspconnection.c @@ +482,3 @@ + * when a TLS connection is established. + * + * Returns: the validationg flags. If @conn is NULL 0 is returned. As you've used g_return_val_if_fail(), conn==NULL is considered a programming error and should not be mentioned at all in the docs. Same above @@ +491,3 @@ + g_return_val_if_fail (conn != NULL, 0); + + return g_socket_client_get_tls_validation_flags (conn->client); What is this doing if this is not a TLS connection?
Also make it "Since: 1.2.1" please :)
(In reply to comment #4) > Review of attachment 258737 [details] [review]: > > > As you've used g_return_val_if_fail(), conn==NULL is considered a programming > error and should not be mentioned at all in the docs. Same above > OK, didn't notice that convention. Thanks! > @@ +491,3 @@ > + g_return_val_if_fail (conn != NULL, 0); > + > + return g_socket_client_get_tls_validation_flags (conn->client); > > What is this doing if this is not a TLS connection? It just returns the flags that you have set. It doesn't make any check whether the connection is TLS or not. I guess because you can set it later, that is you can set and get the flags and later make the client socket TLS.
Created attachment 258743 [details] [review] tls validation flags setter/getter for 1.2.1
commit 53c7ad0c8723e2bb95aafef6f92ec59de0203d7f Author: Aleix Conchillo Flaque <aleix@oblong.com> Date: Fri Nov 1 07:25:01 2013 -0700 rtspconnection: allow setting tls certificate validation Added new functions gst_rtsp_connection_set_tls_validation_flags() to allow setting the TLS certificate validation flags when establishing a TLS connection. A getter is also available, gst_rtsp_connection_get_tls_validation_flags(). https://bugzilla.gnome.org/show_bug.cgi?id=711231