Infinity.CertificateVerify¶
| Subclasses: | None |
|---|
Methods¶
| Inherited: | GObject.Object (37) |
|---|---|
| Structs: | GObject.ObjectClass (5) |
| class | new (xmpp_manager, known_hosts_file) |
checked (connection, result) |
Virtual Methods¶
| Inherited: | GObject.Object (7) |
|---|
do_check_cancelled (connection) |
|
do_check_certificate (connection, certificate_chain, pinned_certificate, flags) |
Properties¶
| Name | Type | Flags | Short Description |
|---|---|---|---|
known-hosts-file |
str |
r/w | File containing certificates of known hosts |
xmpp-manager |
Infinity.XmppManager |
r/w/co | The XMPP manager of registered connections |
Signals¶
| Inherited: | GObject.Object (1) |
|---|
| Name | Short Description |
|---|---|
check-cancelled |
This signal is emitted when a manual certificate check as initiated with the Infinity.CertificateVerify ::check-certificate signal should be cancelled. |
check-certificate |
This signal is emitted every time a certificate presented by a remote host needs to be checked manually. |
Class Details¶
-
class
Infinity.CertificateVerify(**kwargs)¶ Bases: GObject.ObjectAbstract: No Structure: Infinity.CertificateVerifyClassInfinity.CertificateVerifyis an opaque data type. You should only access it via the public API functions.-
classmethod
new(xmpp_manager, known_hosts_file)¶ Parameters: - xmpp_manager (
Infinity.XmppManager) – TheInfinity.XmppManagerwhoseInfinity.XmppConnections to manage the certificates for. - known_hosts_file (
strorNone) – Path pointing to a file that contains certificates of known hosts, orNone.
Returns: A new
Infinity.CertificateVerify.Return type: Creates a new
Infinity.CertificateVerify. For each new client-sideInfinity.XmppConnectionin xmpp_manager, the certificate manager will verify the server’s certificate.If the certificate is contained in known_hosts_file, or is issued by a trusted CA, then the certificate is accepted automatically. Otherwise, the
Infinity.CertificateVerify::check-certificatesignal is emitted for a manual check of the certificate to be performed.- xmpp_manager (
-
checked(connection, result)¶ Parameters: - connection (
Infinity.XmppConnection) – TheInfinity.XmppConnectionwhose certificate has been checked. - result (
bool) –Trueif the certificate of connection should be accepted, orFalseif it should be rejected.
This function should be called as a response to the
Infinity.CertificateVerify::check-certificatesignal being emitted.- connection (
-
do_check_cancelled(connection) virtual¶ Parameters: connection ( Infinity.XmppConnection) –
-
do_check_certificate(connection, certificate_chain, pinned_certificate, flags) virtual¶ Parameters: - connection (
Infinity.XmppConnection) – - certificate_chain (
Infinity.CertificateChain) – - pinned_certificate (
InfGnutls.X509Crt) – - flags (
Infinity.CertificateVerifyFlags) –
- connection (
-
classmethod
Signal Details¶
-
Infinity.CertificateVerify.signals.check_cancelled(certificate_verify, connection)¶ Signal Name: check-cancelledFlags: Parameters: - certificate_verify (
Infinity.CertificateVerify) – The object which received the signal - connection (
Infinity.XmppConnection) – The connection to the remote host whose certificate is being verified.
This signal is emitted when a manual certificate check as initiated with the
Infinity.CertificateVerify::check-certificatesignal should be cancelled. After this signal has been emitted,Infinity.CertificateVerify.checked() should not be called anymore for the specified connection.This typically happens when the connection to the remote host is lost while the certificate check is in progress.
- certificate_verify (
-
Infinity.CertificateVerify.signals.check_certificate(certificate_verify, connection, certificate_chain, pinned_certificate, flags)¶ Signal Name: check-certificateFlags: Parameters: - certificate_verify (
Infinity.CertificateVerify) – The object which received the signal - connection (
Infinity.XmppConnection) – The connection to the remote host whose certificate is being verified. - certificate_chain (
Infinity.CertificateChain) – The certificate chain presented by the remote host. - pinned_certificate (
objectorNone) – The certificate that we have pinned for this host, orNone. - flags (
Infinity.CertificateVerifyFlags) – Flags explaining why this certificate needs to be checked.
This signal is emitted every time a certificate presented by a remote host needs to be checked manually. This happens when the issuer of the certificate is not in the list of trusted CAs, or the certificate was issued for a different hostname than we expected. In this case, if the certificate is accepted manually, it will be pinned, so that next time a connection is made to the same host under the same hostname, the certificate is accepted automatically.
Consumers of this class should listen to this signal and call
Infinity.CertificateVerify.checked() when they finished the manual certificate check.The pinned_certificate instance is valid until either
Infinity.CertificateVerify.checked() is called or theInfinity.CertificateVerify::check-cancelledsignal is emitted.- certificate_verify (
Property Details¶
-
Infinity.CertificateVerify.props.known_hosts_file¶ Name: known-hosts-fileType: strDefault Value: NoneFlags: READABLE,WRITABLEFile containing certificates of known hosts
-
Infinity.CertificateVerify.props.xmpp_manager¶ Name: xmpp-managerType: Infinity.XmppManagerDefault Value: NoneFlags: READABLE,WRITABLE,CONSTRUCT_ONLYThe XMPP manager of registered connections