Setting8021x

nm_rs

Struct Setting8021x 

Source 
pub struct Setting8021x { /* private fields */ }
Expand description

IEEE 802.1x Authentication Settings

§Properties

§altsubject-matches

List of strings to be matched against the altSubjectName of the certificate presented by the authentication server. If the list is empty, no verification of the server certificate’s altSubjectName is performed.

Readable | Writeable

§anonymous-identity

Anonymous identity string for EAP authentication methods. Used as the unencrypted identity with EAP types that support different tunneled identity like EAP-TTLS.

Readable | Writeable

§auth-timeout

A timeout for the authentication. Zero means the global default; if the global default is not set, the authentication timeout is 25 seconds.

Readable | Writeable

§ca-cert

Contains the CA certificate if used by the EAP method specified in the #NMSetting8021x:eap property.

Certificate data is specified using a “scheme”; three are currently supported: blob, path and pkcs#11 URL. When using the blob scheme this property should be set to the certificate’s DER encoded data. When using the path scheme, this property should be set to the full UTF-8 encoded path of the certificate, prefixed with the string “file://” and ending with a terminating NUL byte. This property can be unset even if the EAP method supports CA certificates, but this allows man-in-the-middle attacks and is NOT recommended.

Note that enabling NMSetting8021x:system-ca-certs will override this setting to use the built-in path, if the built-in path is not a directory.

Setting this property directly is discouraged; use the nm_setting_802_1x_set_ca_cert() function instead.

Readable | Writeable

§ca-cert-password

The password used to access the CA certificate stored in #NMSetting8021x:ca-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

Readable | Writeable

§ca-cert-password-flags

Flags indicating how to handle the #NMSetting8021x:ca-cert-password property.

Readable | Writeable

§ca-path

UTF-8 encoded path to a directory containing PEM or DER formatted certificates to be added to the verification chain in addition to the certificate specified in the #NMSetting8021x:ca-cert property.

If NMSetting8021x:system-ca-certs is enabled and the built-in CA path is an existing directory, then this setting is ignored.

Readable | Writeable

§client-cert

Contains the client certificate if used by the EAP method specified in the #NMSetting8021x:eap property.

Certificate data is specified using a “scheme”; two are currently supported: blob and path. When using the blob scheme (which is backwards compatible with NM 0.7.x) this property should be set to the certificate’s DER encoded data. When using the path scheme, this property should be set to the full UTF-8 encoded path of the certificate, prefixed with the string “file://” and ending with a terminating NUL byte.

Setting this property directly is discouraged; use the nm_setting_802_1x_set_client_cert() function instead.

Readable | Writeable

§client-cert-password

The password used to access the client certificate stored in #NMSetting8021x:client-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

Readable | Writeable

§client-cert-password-flags

Flags indicating how to handle the #NMSetting8021x:client-cert-password property.

Readable | Writeable

§domain-match

Constraint for server domain name. If set, this list of FQDNs is used as a match requirement for dNSName element(s) of the certificate presented by the authentication server. If a matching dNSName is found, this constraint is met. If no dNSName values are present, this constraint is matched against SubjectName CN using the same comparison. Multiple valid FQDNs can be passed as a “;” delimited list.

Readable | Writeable

§domain-suffix-match

Constraint for server domain name. If set, this FQDN is used as a suffix match requirement for dNSName element(s) of the certificate presented by the authentication server. If a matching dNSName is found, this constraint is met. If no dNSName values are present, this constraint is matched against SubjectName CN using same suffix match comparison. Since version 1.24, multiple valid FQDNs can be passed as a “;” delimited list.

Readable | Writeable

§eap

The allowed EAP method to be used when authenticating to the network with 802.1x. Valid methods are: “leap”, “md5”, “tls”, “peap”, “ttls”, “pwd”, and “fast”. Each method requires different configuration using the properties of this setting; refer to wpa_supplicant documentation for the allowed combinations.

Readable | Writeable

§identity

Identity string for EAP authentication methods. Often the user’s user or login name.

Readable | Writeable

§openssl-ciphers

Define openssl_ciphers for wpa_supplicant. Openssl sometimes moves ciphers among SECLEVELs, thus compiled-in default value in wpa_supplicant (as modified by some linux distributions) sometimes prevents to connect to old servers that do not support new protocols.

Readable | Writeable

§optional

Whether the 802.1X authentication is optional. If true, the activation will continue even after a timeout or an authentication failure. Setting the property to true is currently allowed only for Ethernet connections. If set to false, the activation can continue only after a successful authentication.

Readable | Writeable

§pac-file

UTF-8 encoded file path containing PAC for EAP-FAST.

Readable | Writeable

§password

UTF-8 encoded password used for EAP authentication methods. If both the #NMSetting8021x:password property and the #NMSetting8021x:password-raw property are specified, #NMSetting8021x:password is preferred.

Readable | Writeable

§password-flags

Flags indicating how to handle the #NMSetting8021x:password property.

Readable | Writeable

§password-raw

Password used for EAP authentication methods, given as a byte array to allow passwords in other encodings than UTF-8 to be used. If both the #NMSetting8021x:password property and the #NMSetting8021x:password-raw property are specified, #NMSetting8021x:password is preferred.

Readable | Writeable

§password-raw-flags

Flags indicating how to handle the #NMSetting8021x:password-raw property.

Readable | Writeable

§phase1-auth-flags

Specifies authentication flags to use in “phase 1” outer authentication using #NMSetting8021xAuthFlags options. The individual TLS versions can be explicitly disabled. TLS time checks can be also disabled. If a certain TLS disable flag is not set, it is up to the supplicant to allow or forbid it. The TLS options map to tls_disable_tlsv1_x and tls_disable_time_checks settings. See the wpa_supplicant documentation for more details.

Readable | Writeable

§phase1-fast-provisioning

Enables or disables in-line provisioning of EAP-FAST credentials when FAST is specified as the EAP method in the #NMSetting8021x:eap property. Recognized values are “0” (disabled), “1” (allow unauthenticated provisioning), “2” (allow authenticated provisioning), and “3” (allow both authenticated and unauthenticated provisioning). See the wpa_supplicant documentation for more details.

Readable | Writeable

§phase1-peaplabel

Forces use of the new PEAP label during key derivation. Some RADIUS servers may require forcing the new PEAP label to interoperate with PEAPv1. Set to “1” to force use of the new PEAP label. See the wpa_supplicant documentation for more details.

Readable | Writeable

§phase1-peapver

Forces which PEAP version is used when PEAP is set as the EAP method in the #NMSetting8021x:eap property. When unset, the version reported by the server will be used. Sometimes when using older RADIUS servers, it is necessary to force the client to use a particular PEAP version. To do so, this property may be set to “0” or “1” to force that specific PEAP version.

Readable | Writeable

§phase2-altsubject-matches

List of strings to be matched against the altSubjectName of the certificate presented by the authentication server during the inner “phase 2” authentication. If the list is empty, no verification of the server certificate’s altSubjectName is performed.

Readable | Writeable

§phase2-auth

Specifies the allowed “phase 2” inner authentication method when an EAP method that uses an inner TLS tunnel is specified in the #NMSetting8021x:eap property. For TTLS this property selects one of the supported non-EAP inner methods: “pap”, “chap”, “mschap”, “mschapv2” while #NMSetting8021x:phase2-autheap selects an EAP inner method. For PEAP this selects an inner EAP method, one of: “gtc”, “otp”, “md5” and “tls”. Each “phase 2” inner method requires specific parameters for successful authentication; see the wpa_supplicant documentation for more details. Both #NMSetting8021x:phase2-auth and #NMSetting8021x:phase2-autheap cannot be specified.

Readable | Writeable

§phase2-autheap

Specifies the allowed “phase 2” inner EAP-based authentication method when TTLS is specified in the #NMSetting8021x:eap property. Recognized EAP-based “phase 2” methods are “md5”, “mschapv2”, “otp”, “gtc”, and “tls”. Each “phase 2” inner method requires specific parameters for successful authentication; see the wpa_supplicant documentation for more details.

Readable | Writeable

§phase2-ca-cert

Contains the “phase 2” CA certificate if used by the EAP method specified in the #NMSetting8021x:phase2-auth or #NMSetting8021x:phase2-autheap properties.

Certificate data is specified using a “scheme”; three are currently supported: blob, path and pkcs#11 URL. When using the blob scheme this property should be set to the certificate’s DER encoded data. When using the path scheme, this property should be set to the full UTF-8 encoded path of the certificate, prefixed with the string “file://” and ending with a terminating NUL byte. This property can be unset even if the EAP method supports CA certificates, but this allows man-in-the-middle attacks and is NOT recommended.

Note that enabling NMSetting8021x:system-ca-certs will override this setting to use the built-in path, if the built-in path is not a directory.

Setting this property directly is discouraged; use the nm_setting_802_1x_set_phase2_ca_cert() function instead.

Readable | Writeable

§phase2-ca-cert-password

The password used to access the “phase2” CA certificate stored in #NMSetting8021x:phase2-ca-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

Readable | Writeable

§phase2-ca-cert-password-flags

Flags indicating how to handle the #NMSetting8021x:phase2-ca-cert-password property.

Readable | Writeable

§phase2-ca-path

UTF-8 encoded path to a directory containing PEM or DER formatted certificates to be added to the verification chain in addition to the certificate specified in the #NMSetting8021x:phase2-ca-cert property.

If NMSetting8021x:system-ca-certs is enabled and the built-in CA path is an existing directory, then this setting is ignored.

Readable | Writeable

§phase2-client-cert

Contains the “phase 2” client certificate if used by the EAP method specified in the #NMSetting8021x:phase2-auth or #NMSetting8021x:phase2-autheap properties.

Certificate data is specified using a “scheme”; two are currently supported: blob and path. When using the blob scheme (which is backwards compatible with NM 0.7.x) this property should be set to the certificate’s DER encoded data. When using the path scheme, this property should be set to the full UTF-8 encoded path of the certificate, prefixed with the string “file://” and ending with a terminating NUL byte. This property can be unset even if the EAP method supports CA certificates, but this allows man-in-the-middle attacks and is NOT recommended.

Setting this property directly is discouraged; use the nm_setting_802_1x_set_phase2_client_cert() function instead.

Readable | Writeable

§phase2-client-cert-password

The password used to access the “phase2” client certificate stored in #NMSetting8021x:phase2-client-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

Readable | Writeable

§phase2-client-cert-password-flags

Flags indicating how to handle the #NMSetting8021x:phase2-client-cert-password property.

Readable | Writeable

§phase2-domain-match

Constraint for server domain name. If set, this list of FQDNs is used as a match requirement for dNSName element(s) of the certificate presented by the authentication server during the inner “phase 2” authentication. If a matching dNSName is found, this constraint is met. If no dNSName values are present, this constraint is matched against SubjectName CN using the same comparison. Multiple valid FQDNs can be passed as a “;” delimited list.

Readable | Writeable

§phase2-domain-suffix-match

Constraint for server domain name. If set, this FQDN is used as a suffix match requirement for dNSName element(s) of the certificate presented by the authentication server during the inner “phase 2” authentication. If a matching dNSName is found, this constraint is met. If no dNSName values are present, this constraint is matched against SubjectName CN using same suffix match comparison. Since version 1.24, multiple valid FQDNs can be passed as a “;” delimited list.

Readable | Writeable

§phase2-private-key

Contains the “phase 2” inner private key when the #NMSetting8021x:phase2-auth or #NMSetting8021x:phase2-autheap property is set to “tls”.

Key data is specified using a “scheme”; two are currently supported: blob and path. When using the blob scheme and private keys, this property should be set to the key’s encrypted PEM encoded data. When using private keys with the path scheme, this property should be set to the full UTF-8 encoded path of the key, prefixed with the string “file://” and ending with a terminating NUL byte. When using PKCS#12 format private keys and the blob scheme, this property should be set to the PKCS#12 data and the #NMSetting8021x:phase2-private-key-password property must be set to password used to decrypt the PKCS#12 certificate and key. When using PKCS#12 files and the path scheme, this property should be set to the full UTF-8 encoded path of the key, prefixed with the string “file://” and ending with a terminating NUL byte, and as with the blob scheme the #NMSetting8021x:phase2-private-key-password property must be set to the password used to decode the PKCS#12 private key and certificate.

Setting this property directly is discouraged; use the nm_setting_802_1x_set_phase2_private_key() function instead.

Readable | Writeable

§phase2-private-key-password

The password used to decrypt the “phase 2” private key specified in the #NMSetting8021x:phase2-private-key property when the private key either uses the path scheme, or is a PKCS#12 format key. Setting this property directly is not generally necessary except when returning secrets to NetworkManager; it is generally set automatically when setting the private key by the nm_setting_802_1x_set_phase2_private_key() function.

Readable | Writeable

§phase2-private-key-password-flags

Flags indicating how to handle the #NMSetting8021x:phase2-private-key-password property.

Readable | Writeable

§phase2-subject-match

Substring to be matched against the subject of the certificate presented by the authentication server during the inner “phase 2” authentication. When unset, no verification of the authentication server certificate’s subject is performed. This property provides little security, if any, and should not be used.

Readable | Writeable

§pin

PIN used for EAP authentication methods.

Readable | Writeable

§pin-flags

Flags indicating how to handle the #NMSetting8021x:pin property.

Readable | Writeable

§private-key

Contains the private key when the #NMSetting8021x:eap property is set to “tls”.

Key data is specified using a “scheme”; two are currently supported: blob and path. When using the blob scheme and private keys, this property should be set to the key’s encrypted PEM encoded data. When using private keys with the path scheme, this property should be set to the full UTF-8 encoded path of the key, prefixed with the string “file://” and ending with a terminating NUL byte. When using PKCS#12 format private keys and the blob scheme, this property should be set to the PKCS#12 data and the #NMSetting8021x:private-key-password property must be set to password used to decrypt the PKCS#12 certificate and key. When using PKCS#12 files and the path scheme, this property should be set to the full UTF-8 encoded path of the key, prefixed with the string “file://” and ending with a terminating NUL byte, and as with the blob scheme the “private-key-password” property must be set to the password used to decode the PKCS#12 private key and certificate.

Setting this property directly is discouraged; use the nm_setting_802_1x_set_private_key() function instead.

WARNING: #NMSetting8021x:private-key is not a “secret” property, and thus unencrypted private key data using the BLOB scheme may be readable by unprivileged users. Private keys should always be encrypted with a private key password to prevent unauthorized access to unencrypted private key data.

Readable | Writeable

§private-key-password

The password used to decrypt the private key specified in the #NMSetting8021x:private-key property when the private key either uses the path scheme, or if the private key is a PKCS#12 format key. Setting this property directly is not generally necessary except when returning secrets to NetworkManager; it is generally set automatically when setting the private key by the nm_setting_802_1x_set_private_key() function.

Readable | Writeable

§private-key-password-flags

Flags indicating how to handle the #NMSetting8021x:private-key-password property.

Readable | Writeable

§subject-match

Substring to be matched against the subject of the certificate presented by the authentication server. When unset, no verification of the authentication server certificate’s subject is performed. This property provides little security, if any, and should not be used.

Readable | Writeable

§system-ca-certs

When true, overrides the #NMSetting8021x:ca-path and #NMSetting8021x:phase2-ca-path properties using the system CA directory specified at configure time with the –system-ca-path switch. The certificates in this directory are added to the verification chain in addition to any certificates specified by the #NMSetting8021x:ca-cert and #NMSetting8021x:phase2-ca-cert properties. If the path provided with –system-ca-path is rather a file name (bundle of trusted CA certificates), it overrides #NMSetting8021x:ca-cert and #NMSetting8021x:phase2-ca-cert properties instead (sets ca_cert/ca_cert2 options for wpa_supplicant).

Readable | Writeable

Setting
§name

The setting’s name, which uniquely identifies the setting within the connection. Each setting type has a name unique to that type, for example “ppp” or “802-11-wireless” or “802-3-ethernet”.

Readable

§Implements

SettingExt

GLib type: GObject with reference counted clone semantics.

Implementations§

Source§

impl Setting8021x

Source

pub fn new() -> Setting8021x

Creates a new #NMSetting8021x object with default values.

§Returns

the new empty #NMSetting8021x object

Source

pub fn builder() -> Setting8021xBuilder

Creates a new builder-pattern struct instance to construct Setting8021x objects.

This method returns an instance of Setting8021xBuilder which can be used to create Setting8021x objects.

Source

pub fn add_altsubject_match(&self, altsubject_match: &str) -> bool

Adds an allowed alternate subject name match. Until at least one match is added, the altSubjectName of the remote authentication server is not verified.

§altsubject_match

the altSubjectName to allow for this connection

§Returns

true if the alternative subject name match was successfully added, false if it was already allowed.

Source

pub fn add_eap_method(&self, eap: &str) -> bool

Adds an allowed EAP method. The setting is not valid until at least one EAP method has been added. See #NMSetting8021x:eap property for a list of allowed EAP methods.

§eap

the name of the EAP method to allow for this connection

§Returns

true if the EAP method was successfully added, false if it was not a valid method or if it was already allowed.

Source

pub fn add_phase2_altsubject_match(&self, phase2_altsubject_match: &str) -> bool

Adds an allowed alternate subject name match for “phase 2”. Until at least one match is added, the altSubjectName of the “phase 2” remote authentication server is not verified.

§phase2_altsubject_match

the “phase 2” altSubjectName to allow for this connection

§Returns

true if the “phase 2” alternative subject name match was successfully added, false if it was already allowed.

Source

pub fn clear_altsubject_matches(&self)

Clears all altSubjectName matches.

Source

pub fn clear_eap_methods(&self)

Clears all allowed EAP methods.

Source

pub fn clear_phase2_altsubject_matches(&self)

Clears all “phase 2” altSubjectName matches.

Source

pub fn altsubject_match(&self, i: u32) -> GString

Returns the altSubjectName match at index @i.

§i

the zero-based index of the array of altSubjectName matches

§Returns

the altSubjectName match at index @i

Source

pub fn anonymous_identity(&self) -> GString

Returns the anonymous identifier used by some EAP methods (like TTLS) to authenticate the user in the outer unencrypted “phase 1” authentication. The inner “phase 2” authentication will use the #NMSetting8021x:identity in a secure form, if applicable for that EAP method.

§Returns

the anonymous identifier

Source

pub fn auth_timeout(&self) -> i32

Available on crate feature v1_8 only.

Returns the value contained in the #NMSetting8021x:auth-timeout property.

§Returns

the configured authentication timeout in seconds. Zero means the global default value.

Source

pub fn ca_cert_password(&self) -> GString

Available on crate feature v1_8 only.
§Returns

the password used to access the CA certificate stored in #NMSetting8021x:ca-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

Source

pub fn ca_cert_password_flags(&self) -> SettingSecretFlags

Available on crate feature v1_8 only.
§Returns

the #NMSettingSecretFlags pertaining to the #NMSetting8021x:ca-cert-password

Source

pub fn ca_cert_path(&self) -> GString

Returns the CA certificate path if the CA certificate is stored using the Setting8021xCKScheme::Path scheme. Not all EAP methods use a CA certificate (LEAP for example), and those that can take advantage of the CA certificate allow it to be unset. Note that lack of a CA certificate reduces security by allowing man-in-the-middle attacks, because the identity of the network cannot be confirmed by the client.

§Returns

path to the CA certificate file

Source

pub fn ca_cert_scheme(&self) -> Setting8021xCKScheme

Returns the scheme used to store the CA certificate. If the returned scheme is Setting8021xCKScheme::Blob, use nm_setting_802_1x_get_ca_cert_blob(); if Setting8021xCKScheme::Path, use nm_setting_802_1x_get_ca_cert_path(); if Setting8021xCKScheme::Pkcs11, use nm_setting_802_1x_get_ca_cert_uri().

§Returns

scheme used to store the CA certificate (blob or path)

Source

pub fn ca_cert_uri(&self) -> GString

Available on crate feature v1_6 only.

Returns the CA certificate URI analogously to nm_setting_802_1x_get_ca_cert_blob() and nm_setting_802_1x_get_ca_cert_path().

Currently, it’s limited to PKCS#11 URIs (‘pkcs11’ scheme as defined by RFC 7512), but may be extended to other schemes in future (such as ‘file’ URIs for local files and ‘data’ URIs for inline certificate data).

§Returns

the URI string

Source

pub fn ca_path(&self) -> GString

Returns the path of the CA certificate directory if previously set. Systems will often have a directory that contains multiple individual CA certificates which the supplicant can then add to the verification chain. This may be used in addition to the #NMSetting8021x:ca-cert property to add more CA certificates for verifying the network to client.

§Returns

the CA certificate directory path

Source

pub fn client_cert_password(&self) -> GString

Available on crate feature v1_8 only.
§Returns

the password used to access the client certificate stored in #NMSetting8021x:client-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

Source

pub fn client_cert_password_flags(&self) -> SettingSecretFlags

Available on crate feature v1_8 only.
§Returns

the #NMSettingSecretFlags pertaining to the #NMSetting8021x:client-cert-password

Source

pub fn client_cert_path(&self) -> GString

Client certificates are used to identify the connecting client to the network when EAP-TLS is used as either the “phase 1” or “phase 2” 802.1x authentication method.

§Returns

path to the client certificate file

Source

pub fn client_cert_scheme(&self) -> Setting8021xCKScheme

Returns the scheme used to store the client certificate. If the returned scheme is Setting8021xCKScheme::Blob, use nm_setting_802_1x_get_client_cert_blob(); if Setting8021xCKScheme::Path, use nm_setting_802_1x_get_client_cert_path(); if Setting8021xCKScheme::Pkcs11, use nm_setting_802_1x_get_client_cert_uri().

§Returns

scheme used to store the client certificate (blob or path)

Source

pub fn client_cert_uri(&self) -> GString

Available on crate feature v1_6 only.

Returns the client certificate URI analogously to nm_setting_802_1x_get_client_cert_blob() and nm_setting_802_1x_get_client_cert_path().

Currently, it’s limited to PKCS#11 URIs (‘pkcs11’ scheme as defined by RFC 7512), but may be extended to other schemes in future (such as ‘file’ URIs for local files and ‘data’ URIs for inline certificate data).

§Returns

the URI string

Source

pub fn domain_suffix_match(&self) -> GString

Available on crate feature v1_2 only.
§Returns

the #NMSetting8021x:domain-suffix-match property.

Source

pub fn eap_method(&self, i: u32) -> GString

Returns the name of the allowed EAP method at index @i.

§i

the index of the EAP method name to return

§Returns

the name of the allowed EAP method at index @i

Source

pub fn identity(&self) -> GString

Returns the identifier used by some EAP methods (like TLS) to authenticate the user. Often this is a username or login name.

§Returns

the user identifier

Source

pub fn num_altsubject_matches(&self) -> u32

Returns the number of entries in the #NMSetting8021x:altsubject-matches property of this setting.

§Returns

the number of altsubject-matches entries.

Source

pub fn num_eap_methods(&self) -> u32

Returns the number of eap methods allowed for use when connecting to the network. Generally only one EAP method is used. Use the functions nm_setting_802_1x_get_eap_method(), nm_setting_802_1x_add_eap_method(), and nm_setting_802_1x_remove_eap_method() for adding, removing, and retrieving allowed EAP methods.

§Returns

the number of allowed EAP methods

Source

pub fn num_phase2_altsubject_matches(&self) -> u32

Returns the number of entries in the #NMSetting8021x:phase2-altsubject-matches property of this setting.

§Returns

the number of phase2-altsubject-matches entries.

Source

pub fn pac_file(&self) -> GString

Returns the file containing PAC credentials used by EAP-FAST method.

§Returns

the PAC file

Source

pub fn password(&self) -> GString

§Returns

the password used by the authentication method, if any, as specified by the #NMSetting8021x:password property

Source

pub fn password_flags(&self) -> SettingSecretFlags

§Returns

the #NMSettingSecretFlags pertaining to the #NMSetting8021x:password

Source

pub fn password_raw_flags(&self) -> SettingSecretFlags

§Returns

the #NMSettingSecretFlags pertaining to the #NMSetting8021x:password-raw

Source

pub fn phase1_auth_flags(&self) -> Setting8021xAuthFlags

Available on crate feature v1_8 only.
§Returns

the authentication flags for “phase 1”.

Source

pub fn phase1_fast_provisioning(&self) -> GString

§Returns

whether “phase 1” PEAP fast provisioning should be used, as specified by the #NMSetting8021x:phase1-fast-provisioning property. See the wpa_supplicant documentation for more details.

Source

pub fn phase1_peaplabel(&self) -> GString

§Returns

whether the “phase 1” PEAP label is new-style or old-style, to be used when authenticating with EAP-PEAP, as contained in the #NMSetting8021x:phase1-peaplabel property. Valid values are None (unset), “0” (use old-style label), and “1” (use new-style label). See the wpa_supplicant documentation for more details.

Source

pub fn phase1_peapver(&self) -> GString

§Returns

the “phase 1” PEAP version to be used when authenticating with EAP-PEAP as contained in the #NMSetting8021x:phase1-peapver property. Valid values are None (unset), “0” (PEAP version 0), and “1” (PEAP version 1).

Source

pub fn phase2_altsubject_match(&self, i: u32) -> GString

Returns the “phase 2” altSubjectName match at index @i.

§i

the zero-based index of the array of “phase 2” altSubjectName matches

§Returns

the “phase 2” altSubjectName match at index @i

Source

pub fn phase2_auth(&self) -> GString

§Returns

the “phase 2” non-EAP (ex MD5) allowed authentication method as specified by the #NMSetting8021x:phase2-auth property.

Source

pub fn phase2_autheap(&self) -> GString

§Returns

the “phase 2” EAP-based (ex TLS) allowed authentication method as specified by the #NMSetting8021x:phase2-autheap property.

Source

pub fn phase2_ca_cert_password(&self) -> GString

Available on crate feature v1_8 only.
§Returns

the password used to access the “phase2” CA certificate stored in #NMSetting8021x:phase2-ca-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

Source

pub fn phase2_ca_cert_password_flags(&self) -> SettingSecretFlags

Available on crate feature v1_8 only.
§Returns

the #NMSettingSecretFlags pertaining to the #NMSetting8021x:phase2-private-key-password

Source

pub fn phase2_ca_cert_path(&self) -> GString

Returns the “phase 2” CA certificate path if the CA certificate is stored using the Setting8021xCKScheme::Path scheme. Not all EAP methods use a CA certificate (LEAP for example), and those that can take advantage of the CA certificate allow it to be unset. Note that lack of a CA certificate reduces security by allowing man-in-the-middle attacks, because the identity of the network cannot be confirmed by the client.

§Returns

path to the “phase 2” CA certificate file

Source

pub fn phase2_ca_cert_scheme(&self) -> Setting8021xCKScheme

Returns the scheme used to store the “phase 2” CA certificate. If the returned scheme is Setting8021xCKScheme::Blob, use nm_setting_802_1x_get_ca_cert_blob(); if Setting8021xCKScheme::Path, use nm_setting_802_1x_get_ca_cert_path(); if Setting8021xCKScheme::Pkcs11, use nm_setting_802_1x_get_ca_cert_uri().

§Returns

scheme used to store the “phase 2” CA certificate (blob or path)

Source

pub fn phase2_ca_cert_uri(&self) -> GString

Available on crate feature v1_6 only.

Returns the “phase 2” CA certificate URI analogously to nm_setting_802_1x_get_phase2_ca_cert_blob() and nm_setting_802_1x_get_phase2_ca_cert_path().

Currently, it’s limited to PKCS#11 URIs (‘pkcs11’ scheme as defined by RFC 7512), but may be extended to other schemes in future (such as ‘file’ URIs for local files and ‘data’ URIs for inline certificate data).

§Returns

the URI string

Source

pub fn phase2_ca_path(&self) -> GString

Returns the path of the “phase 2” CA certificate directory if previously set. Systems will often have a directory that contains multiple individual CA certificates which the supplicant can then add to the verification chain. This may be used in addition to the #NMSetting8021x:phase2-ca-cert property to add more CA certificates for verifying the network to client.

§Returns

the “phase 2” CA certificate directory path

Source

pub fn phase2_client_cert_password(&self) -> GString

Available on crate feature v1_8 only.
§Returns

the password used to access the “phase2” client certificate stored in #NMSetting8021x:phase2-client-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

Source

pub fn phase2_client_cert_password_flags(&self) -> SettingSecretFlags

Available on crate feature v1_8 only.
§Returns

the #NMSettingSecretFlags pertaining to the #NMSetting8021x:phase2-client-cert-password

Source

pub fn phase2_client_cert_path(&self) -> GString

Client certificates are used to identify the connecting client to the network when EAP-TLS is used as either the “phase 1” or “phase 2” 802.1x authentication method.

§Returns

path to the “phase 2” client certificate file

Source

pub fn phase2_client_cert_scheme(&self) -> Setting8021xCKScheme

Returns the scheme used to store the “phase 2” client certificate. If the returned scheme is Setting8021xCKScheme::Blob, use nm_setting_802_1x_get_client_cert_blob(); if Setting8021xCKScheme::Path, use nm_setting_802_1x_get_client_cert_path(); if Setting8021xCKScheme::Pkcs11, use nm_setting_802_1x_get_client_cert_uri().

§Returns

scheme used to store the “phase 2” client certificate (blob or path)

Source

pub fn phase2_client_cert_uri(&self) -> GString

Available on crate feature v1_6 only.

Returns the “phase 2” client certificate URI analogously to nm_setting_802_1x_get_phase2_ca_cert_blob() and nm_setting_802_1x_get_phase2_ca_cert_path().

Currently, it’s limited to PKCS#11 URIs (‘pkcs11’ scheme as defined by RFC 7512), but may be extended to other schemes in future (such as ‘file’ URIs for local files and ‘data’ URIs for inline certificate data).

§Returns

the URI string

Source

pub fn phase2_domain_suffix_match(&self) -> GString

Available on crate feature v1_2 only.
§Returns

the #NMSetting8021x:phase2-domain-suffix-match property.

Source

pub fn phase2_private_key_format(&self) -> Setting8021xCKFormat

§Returns

the data format of the “phase 2” private key data stored in the #NMSetting8021x:phase2-private-key property

Source

pub fn phase2_private_key_password(&self) -> GString

§Returns

the private key password used to decrypt the private key if previously set with nm_setting_802_1x_set_phase2_private_key() or the #NMSetting8021x:phase2-private-key-password property.

Source

pub fn phase2_private_key_password_flags(&self) -> SettingSecretFlags

§Returns

the #NMSettingSecretFlags pertaining to the #NMSetting8021x:phase2-private-key-password

Source

pub fn phase2_private_key_path(&self) -> GString

Private keys are used to authenticate the connecting client to the network when EAP-TLS is used as either the “phase 1” or “phase 2” 802.1x authentication method.

§Returns

path to the “phase 2” private key file

Source

pub fn phase2_private_key_scheme(&self) -> Setting8021xCKScheme

Returns the scheme used to store the “phase 2” private key. If the returned scheme is Setting8021xCKScheme::Blob, use nm_setting_802_1x_get_client_cert_blob(); if Setting8021xCKScheme::Path, use nm_setting_802_1x_get_client_cert_path(); if Setting8021xCKScheme::Pkcs11, use nm_setting_802_1x_get_client_cert_uri().

§Returns

scheme used to store the “phase 2” private key (blob or path)

Source

pub fn phase2_private_key_uri(&self) -> GString

Available on crate feature v1_6 only.

Returns the “phase 2” private key URI analogously to nm_setting_802_1x_get_phase2_private_key_blob() and nm_setting_802_1x_get_phase2_private_key_path().

Currently, it’s limited to PKCS#11 URIs (‘pkcs11’ scheme as defined by RFC 7512), but may be extended to other schemes in future (such as ‘file’ URIs for local files and ‘data’ URIs for inline certificate data).

§Returns

the URI string

Source

pub fn phase2_subject_match(&self) -> GString

§Returns

the #NMSetting8021x:phase2-subject-match property. This is the substring to be matched against the subject of the “phase 2” authentication server certificate, or None no subject verification is to be performed.

Source

pub fn pin(&self) -> GString

§Returns

the PIN used by the authentication method, if any, as specified by the #NMSetting8021x:pin property

Source

pub fn pin_flags(&self) -> SettingSecretFlags

§Returns

the #NMSettingSecretFlags pertaining to the #NMSetting8021x:pin

Source

pub fn private_key_format(&self) -> Setting8021xCKFormat

§Returns

the data format of the private key data stored in the #NMSetting8021x:private-key property

Source

pub fn private_key_password(&self) -> GString

§Returns

the private key password used to decrypt the private key if previously set with nm_setting_802_1x_set_private_key(), or the #NMSetting8021x:private-key-password property.

Source

pub fn private_key_password_flags(&self) -> SettingSecretFlags

§Returns

the #NMSettingSecretFlags pertaining to the #NMSetting8021x:private-key-password

Source

pub fn private_key_path(&self) -> GString

Private keys are used to authenticate the connecting client to the network when EAP-TLS is used as either the “phase 1” or “phase 2” 802.1x authentication method.

§Returns

path to the private key file

Source

pub fn private_key_scheme(&self) -> Setting8021xCKScheme

Returns the scheme used to store the private key. If the returned scheme is Setting8021xCKScheme::Blob, use nm_setting_802_1x_get_client_cert_blob(); if Setting8021xCKScheme::Path, use nm_setting_802_1x_get_client_cert_path(); if Setting8021xCKScheme::Pkcs11, use nm_setting_802_1x_get_client_cert_uri().

§Returns

scheme used to store the private key (blob or path)

Source

pub fn private_key_uri(&self) -> GString

Available on crate feature v1_6 only.

Returns the private key URI analogously to nm_setting_802_1x_get_private_key_blob() and nm_setting_802_1x_get_private_key_path().

Currently, it’s limited to PKCS#11 URIs (‘pkcs11’ scheme as defined by RFC 7512), but may be extended to other schemes in future (such as ‘file’ URIs for local files and ‘data’ URIs for inline certificate data).

§Returns

the URI string

Source

pub fn subject_match(&self) -> GString

§Returns

the #NMSetting8021x:subject-match property. This is the substring to be matched against the subject of the authentication server certificate, or None no subject verification is to be performed.

Source

pub fn is_system_ca_certs(&self) -> bool

Sets the #NMSetting8021x:system-ca-certs property. The #NMSetting8021x:ca-path and #NMSetting8021x:phase2-ca-path properties are ignored if the #NMSetting8021x:system-ca-certs property is true, in which case a system-wide CA certificate directory specified at compile time (using the –system-ca-path configure option) is used in place of these properties.

§Returns

true if a system CA certificate path should be used, false if not

Source

pub fn remove_altsubject_match(&self, i: u32)

Removes the allowed altSubjectName at the specified index.

§i

the index of the altSubjectName match to remove

Source

pub fn remove_altsubject_match_by_value(&self, altsubject_match: &str) -> bool

Removes the allowed altSubjectName @altsubject_match.

§altsubject_match

the altSubjectName to remove

§Returns

true if the alternative subject name match was found and removed, false if it was not.

Source

pub fn remove_eap_method(&self, i: u32)

Removes the allowed EAP method at the specified index.

§i

the index of the EAP method to remove

Source

pub fn remove_eap_method_by_value(&self, eap: &str) -> bool

Removes the allowed EAP method @method.

§eap

the name of the EAP method to remove

§Returns

true if the EAP method was founs and removed, false if it was not.

Source

pub fn remove_phase2_altsubject_match(&self, i: u32)

Removes the allowed “phase 2” altSubjectName at the specified index.

§i

the index of the “phase 2” altSubjectName match to remove

Source

pub fn remove_phase2_altsubject_match_by_value( &self, phase2_altsubject_match: &str, ) -> bool

Removes the allowed “phase 2” altSubjectName @phase2_altsubject_match.

§phase2_altsubject_match

the “phase 2” altSubjectName to remove

§Returns

true if the alternative subject name match for “phase 2” was found and removed, false if it was not.

Source

pub fn set_ca_cert( &self, value: &str, scheme: Setting8021xCKScheme, out_format: Setting8021xCKFormat, ) -> Result<(), Error>

Reads a certificate from disk and sets the #NMSetting8021x:ca-cert property with the raw certificate data if using the Setting8021xCKScheme::Blob scheme, or with the path to the certificate file if using the Setting8021xCKScheme::Path scheme.

§value

when @scheme is set to either Setting8021xCKScheme::Path or Setting8021xCKScheme::Blob, pass the path of the CA certificate file (PEM or DER format). The path must be UTF-8 encoded; use g_filename_to_utf8() to convert if needed. Passing None with any @scheme clears the CA certificate.

§scheme

desired storage scheme for the certificate

§out_format

on successful return, the type of the certificate added

§Returns

true if the operation succeeded, false if it was unsuccessful

Source

pub fn set_client_cert( &self, value: &str, scheme: Setting8021xCKScheme, out_format: Setting8021xCKFormat, ) -> Result<(), Error>

Reads a certificate from disk and sets the #NMSetting8021x:client-cert property with the raw certificate data if using the Setting8021xCKScheme::Blob scheme, or with the path to the certificate file if using the Setting8021xCKScheme::Path scheme.

Client certificates are used to identify the connecting client to the network when EAP-TLS is used as either the “phase 1” or “phase 2” 802.1x authentication method.

§value

when @scheme is set to either Setting8021xCKScheme::Path or Setting8021xCKScheme::Blob, pass the path of the client certificate file (PEM, DER, or PKCS#12 format). The path must be UTF-8 encoded; use g_filename_to_utf8() to convert if needed. Passing None with any @scheme clears the client certificate.

§scheme

desired storage scheme for the certificate

§out_format

on successful return, the type of the certificate added

§Returns

true if the operation succeeded, false if it was unsuccessful

Source

pub fn set_phase2_ca_cert( &self, value: &str, scheme: Setting8021xCKScheme, out_format: Setting8021xCKFormat, ) -> Result<(), Error>

Reads a certificate from disk and sets the #NMSetting8021x:phase2-ca-cert property with the raw certificate data if using the Setting8021xCKScheme::Blob scheme, or with the path to the certificate file if using the Setting8021xCKScheme::Path scheme.

§value

when @scheme is set to either Setting8021xCKScheme::Path or Setting8021xCKScheme::Blob, pass the path of the “phase2” CA certificate file (PEM or DER format). The path must be UTF-8 encoded; use g_filename_to_utf8() to convert if needed. Passing None with any @scheme clears the “phase2” CA certificate.

§scheme

desired storage scheme for the certificate

§out_format

on successful return, the type of the certificate added

§Returns

true if the operation succeeded, false if it was unsuccessful

Source

pub fn set_phase2_client_cert( &self, value: &str, scheme: Setting8021xCKScheme, out_format: Setting8021xCKFormat, ) -> Result<(), Error>

Reads a certificate from disk and sets the #NMSetting8021x:phase2-client-cert property with the raw certificate data if using the Setting8021xCKScheme::Blob scheme, or with the path to the certificate file if using the Setting8021xCKScheme::Path scheme.

Client certificates are used to identify the connecting client to the network when EAP-TLS is used as either the “phase 1” or “phase 2” 802.1x authentication method.

§value

when @scheme is set to either Setting8021xCKScheme::Path or Setting8021xCKScheme::Blob, pass the path of the “phase2” client certificate file (PEM, DER, or PKCS#12 format). The path must be UTF-8 encoded; use g_filename_to_utf8() to convert if needed. Passing None with any @scheme clears the “phase2” client certificate.

§scheme

desired storage scheme for the certificate

§out_format

on successful return, the type of the certificate added

§Returns

true if the operation succeeded, false if it was unsuccessful

Source

pub fn set_phase2_private_key( &self, value: &str, password: &str, scheme: Setting8021xCKScheme, out_format: Setting8021xCKFormat, ) -> Result<(), Error>

Private keys are used to authenticate the connecting client to the network when EAP-TLS is used as either the “phase 1” or “phase 2” 802.1x authentication method.

This function reads a private key from disk and sets the #NMSetting8021x:phase2-private-key property with the private key file data if using the Setting8021xCKScheme::Blob scheme, or with the path to the private key file if using the Setting8021xCKScheme::Path scheme.

If @password is given, this function attempts to decrypt the private key to verify that @password is correct, and if it is, updates the #NMSetting8021x:phase2-private-key-password property with the given @password. If the decryption is unsuccessful, false is returned, @error is set, and no internal data is changed. If no @password is given, the private key is assumed to be valid, no decryption is performed, and the password may be set at a later time.

WARNING: the “phase2” private key property is not a “secret” property, and thus unencrypted private key data using the BLOB scheme may be readable by unprivileged users. Private keys should always be encrypted with a private key password to prevent unauthorized access to unencrypted private key data.

§value

when @scheme is set to either Setting8021xCKScheme::Path or Setting8021xCKScheme::Blob, pass the path of the “phase2” private key file (PEM, DER, or PKCS#12 format). The path must be UTF-8 encoded; use g_filename_to_utf8() to convert if needed. Passing None with any @scheme clears the private key.

§password

password used to decrypt the private key, or None if the password is unknown. If the password is given but fails to decrypt the private key, an error is returned.

§scheme

desired storage scheme for the private key

§out_format

on successful return, the type of the private key added

§Returns

true if the operation succeeded, false if it was unsuccessful

Source

pub fn set_private_key( &self, value: &str, password: &str, scheme: Setting8021xCKScheme, out_format: Setting8021xCKFormat, ) -> Result<(), Error>

Private keys are used to authenticate the connecting client to the network when EAP-TLS is used as either the “phase 1” or “phase 2” 802.1x authentication method.

This function reads a private key from disk and sets the #NMSetting8021x:private-key property with the private key file data if using the Setting8021xCKScheme::Blob scheme, or with the path to the private key file if using the Setting8021xCKScheme::Path scheme.

If @password is given, this function attempts to decrypt the private key to verify that @password is correct, and if it is, updates the #NMSetting8021x:private-key-password property with the given @password. If the decryption is unsuccessful, false is returned, @error is set, and no internal data is changed. If no @password is given, the private key is assumed to be valid, no decryption is performed, and the password may be set at a later time.

WARNING: the private key property is not a “secret” property, and thus unencrypted private key data using the BLOB scheme may be readable by unprivileged users. Private keys should always be encrypted with a private key password to prevent unauthorized access to unencrypted private key data.

§value

when @scheme is set to either Setting8021xCKScheme::Path or Setting8021xCKScheme::Blob, pass the path of the private key file (PEM, DER, or PKCS#12 format). The path must be UTF-8 encoded; use g_filename_to_utf8() to convert if needed. Passing None with any @scheme clears the private key.

§password

password used to decrypt the private key, or None if the password is unknown. If the password is given but fails to decrypt the private key, an error is returned.

§scheme

desired storage scheme for the private key

§out_format

on successful return, the type of the private key added

§Returns

true if the operation succeeded, false if it was unsuccessful

Source

pub fn altsubject_matches(&self) -> Vec<GString>

List of strings to be matched against the altSubjectName of the certificate presented by the authentication server. If the list is empty, no verification of the server certificate’s altSubjectName is performed.

Source

pub fn set_altsubject_matches(&self, altsubject_matches: &[&str])

List of strings to be matched against the altSubjectName of the certificate presented by the authentication server. If the list is empty, no verification of the server certificate’s altSubjectName is performed.

Source

pub fn set_anonymous_identity(&self, anonymous_identity: Option<&str>)

Anonymous identity string for EAP authentication methods. Used as the unencrypted identity with EAP types that support different tunneled identity like EAP-TTLS.

Source

pub fn set_auth_timeout(&self, auth_timeout: i32)

Available on crate feature v1_8 only.

A timeout for the authentication. Zero means the global default; if the global default is not set, the authentication timeout is 25 seconds.

Source

pub fn set_ca_cert_password(&self, ca_cert_password: Option<&str>)

Available on crate feature v1_8 only.

The password used to access the CA certificate stored in #NMSetting8021x:ca-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

Source

pub fn set_ca_cert_password_flags( &self, ca_cert_password_flags: SettingSecretFlags, )

Available on crate feature v1_8 only.

Flags indicating how to handle the #NMSetting8021x:ca-cert-password property.

Source

pub fn set_ca_path(&self, ca_path: Option<&str>)

UTF-8 encoded path to a directory containing PEM or DER formatted certificates to be added to the verification chain in addition to the certificate specified in the #NMSetting8021x:ca-cert property.

If NMSetting8021x:system-ca-certs is enabled and the built-in CA path is an existing directory, then this setting is ignored.

Source

pub fn set_client_cert_password(&self, client_cert_password: Option<&str>)

Available on crate feature v1_8 only.

The password used to access the client certificate stored in #NMSetting8021x:client-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

Source

pub fn set_client_cert_password_flags( &self, client_cert_password_flags: SettingSecretFlags, )

Available on crate feature v1_8 only.

Flags indicating how to handle the #NMSetting8021x:client-cert-password property.

Source

pub fn set_domain_suffix_match(&self, domain_suffix_match: Option<&str>)

Available on crate feature v1_2 only.

Constraint for server domain name. If set, this FQDN is used as a suffix match requirement for dNSName element(s) of the certificate presented by the authentication server. If a matching dNSName is found, this constraint is met. If no dNSName values are present, this constraint is matched against SubjectName CN using same suffix match comparison. Since version 1.24, multiple valid FQDNs can be passed as a “;” delimited list.

Source

pub fn eap(&self) -> Vec<GString>

The allowed EAP method to be used when authenticating to the network with 802.1x. Valid methods are: “leap”, “md5”, “tls”, “peap”, “ttls”, “pwd”, and “fast”. Each method requires different configuration using the properties of this setting; refer to wpa_supplicant documentation for the allowed combinations.

Source

pub fn set_eap(&self, eap: &[&str])

The allowed EAP method to be used when authenticating to the network with 802.1x. Valid methods are: “leap”, “md5”, “tls”, “peap”, “ttls”, “pwd”, and “fast”. Each method requires different configuration using the properties of this setting; refer to wpa_supplicant documentation for the allowed combinations.

Source

pub fn set_identity(&self, identity: Option<&str>)

Identity string for EAP authentication methods. Often the user’s user or login name.

Source

pub fn set_pac_file(&self, pac_file: Option<&str>)

UTF-8 encoded file path containing PAC for EAP-FAST.

Source

pub fn set_password(&self, password: Option<&str>)

UTF-8 encoded password used for EAP authentication methods. If both the #NMSetting8021x:password property and the #NMSetting8021x:password-raw property are specified, #NMSetting8021x:password is preferred.

Source

pub fn set_password_flags(&self, password_flags: SettingSecretFlags)

Flags indicating how to handle the #NMSetting8021x:password property.

Source

pub fn set_password_raw_flags(&self, password_raw_flags: SettingSecretFlags)

Flags indicating how to handle the #NMSetting8021x:password-raw property.

Source

pub fn set_phase1_auth_flags(&self, phase1_auth_flags: u32)

Available on crate feature v1_8 only.

Specifies authentication flags to use in “phase 1” outer authentication using #NMSetting8021xAuthFlags options. The individual TLS versions can be explicitly disabled. TLS time checks can be also disabled. If a certain TLS disable flag is not set, it is up to the supplicant to allow or forbid it. The TLS options map to tls_disable_tlsv1_x and tls_disable_time_checks settings. See the wpa_supplicant documentation for more details.

Source

pub fn set_phase1_fast_provisioning( &self, phase1_fast_provisioning: Option<&str>, )

Enables or disables in-line provisioning of EAP-FAST credentials when FAST is specified as the EAP method in the #NMSetting8021x:eap property. Recognized values are “0” (disabled), “1” (allow unauthenticated provisioning), “2” (allow authenticated provisioning), and “3” (allow both authenticated and unauthenticated provisioning). See the wpa_supplicant documentation for more details.

Source

pub fn set_phase1_peaplabel(&self, phase1_peaplabel: Option<&str>)

Forces use of the new PEAP label during key derivation. Some RADIUS servers may require forcing the new PEAP label to interoperate with PEAPv1. Set to “1” to force use of the new PEAP label. See the wpa_supplicant documentation for more details.

Source

pub fn set_phase1_peapver(&self, phase1_peapver: Option<&str>)

Forces which PEAP version is used when PEAP is set as the EAP method in the #NMSetting8021x:eap property. When unset, the version reported by the server will be used. Sometimes when using older RADIUS servers, it is necessary to force the client to use a particular PEAP version. To do so, this property may be set to “0” or “1” to force that specific PEAP version.

Source

pub fn phase2_altsubject_matches(&self) -> Vec<GString>

List of strings to be matched against the altSubjectName of the certificate presented by the authentication server during the inner “phase 2” authentication. If the list is empty, no verification of the server certificate’s altSubjectName is performed.

Source

pub fn set_phase2_altsubject_matches(&self, phase2_altsubject_matches: &[&str])

List of strings to be matched against the altSubjectName of the certificate presented by the authentication server during the inner “phase 2” authentication. If the list is empty, no verification of the server certificate’s altSubjectName is performed.

Source

pub fn set_phase2_auth(&self, phase2_auth: Option<&str>)

Specifies the allowed “phase 2” inner authentication method when an EAP method that uses an inner TLS tunnel is specified in the #NMSetting8021x:eap property. For TTLS this property selects one of the supported non-EAP inner methods: “pap”, “chap”, “mschap”, “mschapv2” while #NMSetting8021x:phase2-autheap selects an EAP inner method. For PEAP this selects an inner EAP method, one of: “gtc”, “otp”, “md5” and “tls”. Each “phase 2” inner method requires specific parameters for successful authentication; see the wpa_supplicant documentation for more details. Both #NMSetting8021x:phase2-auth and #NMSetting8021x:phase2-autheap cannot be specified.

Source

pub fn set_phase2_autheap(&self, phase2_autheap: Option<&str>)

Specifies the allowed “phase 2” inner EAP-based authentication method when TTLS is specified in the #NMSetting8021x:eap property. Recognized EAP-based “phase 2” methods are “md5”, “mschapv2”, “otp”, “gtc”, and “tls”. Each “phase 2” inner method requires specific parameters for successful authentication; see the wpa_supplicant documentation for more details.

Source

pub fn set_phase2_ca_cert_password(&self, phase2_ca_cert_password: Option<&str>)

Available on crate feature v1_8 only.

The password used to access the “phase2” CA certificate stored in #NMSetting8021x:phase2-ca-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

Source

pub fn set_phase2_ca_cert_password_flags( &self, phase2_ca_cert_password_flags: SettingSecretFlags, )

Available on crate feature v1_8 only.

Flags indicating how to handle the #NMSetting8021x:phase2-ca-cert-password property.

Source

pub fn set_phase2_ca_path(&self, phase2_ca_path: Option<&str>)

UTF-8 encoded path to a directory containing PEM or DER formatted certificates to be added to the verification chain in addition to the certificate specified in the #NMSetting8021x:phase2-ca-cert property.

If NMSetting8021x:system-ca-certs is enabled and the built-in CA path is an existing directory, then this setting is ignored.

Source

pub fn set_phase2_client_cert_password( &self, phase2_client_cert_password: Option<&str>, )

Available on crate feature v1_8 only.

The password used to access the “phase2” client certificate stored in #NMSetting8021x:phase2-client-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

Source

pub fn set_phase2_client_cert_password_flags( &self, phase2_client_cert_password_flags: SettingSecretFlags, )

Available on crate feature v1_8 only.

Flags indicating how to handle the #NMSetting8021x:phase2-client-cert-password property.

Source

pub fn set_phase2_domain_suffix_match( &self, phase2_domain_suffix_match: Option<&str>, )

Available on crate feature v1_2 only.

Constraint for server domain name. If set, this FQDN is used as a suffix match requirement for dNSName element(s) of the certificate presented by the authentication server during the inner “phase 2” authentication. If a matching dNSName is found, this constraint is met. If no dNSName values are present, this constraint is matched against SubjectName CN using same suffix match comparison. Since version 1.24, multiple valid FQDNs can be passed as a “;” delimited list.

Source

pub fn set_phase2_private_key_password( &self, phase2_private_key_password: Option<&str>, )

The password used to decrypt the “phase 2” private key specified in the #NMSetting8021x:phase2-private-key property when the private key either uses the path scheme, or is a PKCS#12 format key. Setting this property directly is not generally necessary except when returning secrets to NetworkManager; it is generally set automatically when setting the private key by the nm_setting_802_1x_set_phase2_private_key() function.

Source

pub fn set_phase2_private_key_password_flags( &self, phase2_private_key_password_flags: SettingSecretFlags, )

Flags indicating how to handle the #NMSetting8021x:phase2-private-key-password property.

Source

pub fn set_phase2_subject_match(&self, phase2_subject_match: Option<&str>)

👎Deprecated: Since 1.2

Substring to be matched against the subject of the certificate presented by the authentication server during the inner “phase 2” authentication. When unset, no verification of the authentication server certificate’s subject is performed. This property provides little security, if any, and should not be used.

§Deprecated since 1.2

Use #NMSetting8021x:phase2-domain-suffix-match instead.

Source

pub fn set_pin(&self, pin: Option<&str>)

PIN used for EAP authentication methods.

Source

pub fn set_pin_flags(&self, pin_flags: SettingSecretFlags)

Flags indicating how to handle the #NMSetting8021x:pin property.

Source

pub fn set_private_key_password(&self, private_key_password: Option<&str>)

The password used to decrypt the private key specified in the #NMSetting8021x:private-key property when the private key either uses the path scheme, or if the private key is a PKCS#12 format key. Setting this property directly is not generally necessary except when returning secrets to NetworkManager; it is generally set automatically when setting the private key by the nm_setting_802_1x_set_private_key() function.

Source

pub fn set_private_key_password_flags( &self, private_key_password_flags: SettingSecretFlags, )

Flags indicating how to handle the #NMSetting8021x:private-key-password property.

Source

pub fn set_subject_match(&self, subject_match: Option<&str>)

👎Deprecated: Since 1.2

Substring to be matched against the subject of the certificate presented by the authentication server. When unset, no verification of the authentication server certificate’s subject is performed. This property provides little security, if any, and should not be used.

§Deprecated since 1.2

Use #NMSetting8021x:phase2-domain-suffix-match instead.

Source

pub fn set_system_ca_certs(&self, system_ca_certs: bool)

When true, overrides the #NMSetting8021x:ca-path and #NMSetting8021x:phase2-ca-path properties using the system CA directory specified at configure time with the –system-ca-path switch. The certificates in this directory are added to the verification chain in addition to any certificates specified by the #NMSetting8021x:ca-cert and #NMSetting8021x:phase2-ca-cert properties. If the path provided with –system-ca-path is rather a file name (bundle of trusted CA certificates), it overrides #NMSetting8021x:ca-cert and #NMSetting8021x:phase2-ca-cert properties instead (sets ca_cert/ca_cert2 options for wpa_supplicant).

Source

pub fn connect_altsubject_matches_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_anonymous_identity_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_auth_timeout_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Available on crate feature v1_8 only.
Source

pub fn connect_ca_cert_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_ca_cert_password_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Available on crate feature v1_8 only.
Source

pub fn connect_ca_cert_password_flags_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Available on crate feature v1_8 only.
Source

pub fn connect_ca_path_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_client_cert_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_client_cert_password_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Available on crate feature v1_8 only.
Source

pub fn connect_client_cert_password_flags_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Available on crate feature v1_8 only.
Source

pub fn connect_domain_suffix_match_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Available on crate feature v1_2 only.
Source

pub fn connect_eap_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_identity_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_pac_file_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_password_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_password_flags_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_password_raw_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_password_raw_flags_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_phase1_auth_flags_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Available on crate feature v1_8 only.
Source

pub fn connect_phase1_fast_provisioning_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_phase1_peaplabel_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_phase1_peapver_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_phase2_altsubject_matches_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_phase2_auth_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_phase2_autheap_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_phase2_ca_cert_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_phase2_ca_cert_password_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Available on crate feature v1_8 only.
Source

pub fn connect_phase2_ca_cert_password_flags_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Available on crate feature v1_8 only.
Source

pub fn connect_phase2_ca_path_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_phase2_client_cert_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_phase2_client_cert_password_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Available on crate feature v1_8 only.
Source

pub fn connect_phase2_client_cert_password_flags_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Available on crate feature v1_8 only.
Source

pub fn connect_phase2_domain_suffix_match_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Available on crate feature v1_2 only.
Source

pub fn connect_phase2_private_key_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_phase2_private_key_password_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_phase2_private_key_password_flags_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_phase2_subject_match_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

👎Deprecated: Since 1.2
Source

pub fn connect_pin_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_pin_flags_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_private_key_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_private_key_password_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_private_key_password_flags_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Source

pub fn connect_subject_match_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

👎Deprecated: Since 1.2
Source

pub fn connect_system_ca_certs_notify<F: Fn(&Self) + 'static>( &self, f: F, ) -> SignalHandlerId

Trait Implementations§

Source§

impl Clone for Setting8021x

Source§

fn clone(&self) -> Self

Makes a clone of this shared reference.

This increments the strong reference count of the object. Dropping the object will decrement it again.

1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for Setting8021x

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for Setting8021x

Source§

fn default() -> Self

Returns the “default value” for a type. Read more
Source§

impl HasParamSpec for Setting8021x

Source§

type ParamSpec = ParamSpecObject

Source§

type SetValue = Setting8021x

Preferred value to be used as setter for the associated ParamSpec.
Source§

type BuilderFn = fn(&str) -> ParamSpecObjectBuilder<'_, Setting8021x>

Source§

fn param_spec_builder() -> Self::BuilderFn

Source§

impl Hash for Setting8021x

Source§

fn hash<H>(&self, state: &mut H)
where H: Hasher,

Hashes the memory address of this object.

1.3.0 · Source§

fn hash_slice<H>(data: &[Self], state: &mut H)
where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Read more
Source§

impl Ord for Setting8021x

Source§

fn cmp(&self, other: &Self) -> Ordering

Comparison for two GObjects.

Compares the memory addresses of the provided objects.

1.21.0 · Source§

fn max(self, other: Self) -> Self
where Self: Sized,

Compares and returns the maximum of two values. Read more
1.21.0 · Source§

fn min(self, other: Self) -> Self
where Self: Sized,

Compares and returns the minimum of two values. Read more
1.50.0 · Source§

fn clamp(self, min: Self, max: Self) -> Self
where Self: Sized,

Restrict a value to a certain interval. Read more
Source§

impl ParentClassIs for Setting8021x

Source§

type Parent = Setting

Source§

impl<OT: ObjectType> PartialEq<OT> for Setting8021x

Source§

fn eq(&self, other: &OT) -> bool

Equality for two GObjects.

Two GObjects are equal if their memory addresses are equal.

1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl<OT: ObjectType> PartialOrd<OT> for Setting8021x

Source§

fn partial_cmp(&self, other: &OT) -> Option<Ordering>

Partial comparison for two GObjects.

Compares the memory addresses of the provided objects.

1.0.0 · Source§

fn lt(&self, other: &Rhs) -> bool

Tests less than (for self and other) and is used by the < operator. Read more
1.0.0 · Source§

fn le(&self, other: &Rhs) -> bool

Tests less than or equal to (for self and other) and is used by the <= operator. Read more
1.0.0 · Source§

fn gt(&self, other: &Rhs) -> bool

Tests greater than (for self and other) and is used by the > operator. Read more
1.0.0 · Source§

fn ge(&self, other: &Rhs) -> bool

Tests greater than or equal to (for self and other) and is used by the >= operator. Read more
Source§

impl StaticType for Setting8021x

Source§

fn static_type() -> Type

Returns the type identifier of Self.
Source§

impl Eq for Setting8021x

Source§

impl IsA<Setting> for Setting8021x

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> Cast for T
where T: ObjectType,

Source§

fn upcast<T>(self) -> T
where T: ObjectType, Self: IsA<T>,

Upcasts an object to a superclass or interface T. Read more
Source§

fn upcast_ref<T>(&self) -> &T
where T: ObjectType, Self: IsA<T>,

Upcasts an object to a reference of its superclass or interface T. Read more
Source§

fn downcast<T>(self) -> Result<T, Self>
where T: ObjectType, Self: MayDowncastTo<T>,

Tries to downcast to a subclass or interface implementor T. Read more
Source§

fn downcast_ref<T>(&self) -> Option<&T>
where T: ObjectType, Self: MayDowncastTo<T>,

Tries to downcast to a reference of its subclass or interface implementor T. Read more
Source§

fn dynamic_cast<T>(self) -> Result<T, Self>
where T: ObjectType,

Tries to cast to an object of type T. This handles upcasting, downcasting and casting between interface and interface implementors. All checks are performed at runtime, while upcast will do many checks at compile-time already. downcast will perform the same checks at runtime as dynamic_cast, but will also ensure some amount of compile-time safety. Read more
Source§

fn dynamic_cast_ref<T>(&self) -> Option<&T>
where T: ObjectType,

Tries to cast to reference to an object of type T. This handles upcasting, downcasting and casting between interface and interface implementors. All checks are performed at runtime, while downcast and upcast will do many checks at compile-time already. Read more
Source§

unsafe fn unsafe_cast<T>(self) -> T
where T: ObjectType,

Casts to T unconditionally. Read more
Source§

unsafe fn unsafe_cast_ref<T>(&self) -> &T
where T: ObjectType,

Casts to &T unconditionally. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> FromGlibContainerAsVec<<T as GlibPtrDefault>::GlibType, *const GList> for T
where T: GlibPtrDefault + FromGlibPtrNone<<T as GlibPtrDefault>::GlibType> + FromGlibPtrFull<<T as GlibPtrDefault>::GlibType>,

Source§

unsafe fn from_glib_none_num_as_vec(ptr: *const GList, num: usize) -> Vec<T>

Source§

unsafe fn from_glib_container_num_as_vec(_: *const GList, _: usize) -> Vec<T>

Source§

unsafe fn from_glib_full_num_as_vec(_: *const GList, _: usize) -> Vec<T>

Source§

impl<T> FromGlibContainerAsVec<<T as GlibPtrDefault>::GlibType, *const GPtrArray> for T
where T: GlibPtrDefault + FromGlibPtrNone<<T as GlibPtrDefault>::GlibType> + FromGlibPtrFull<<T as GlibPtrDefault>::GlibType>,

Source§

unsafe fn from_glib_none_num_as_vec(ptr: *const GPtrArray, num: usize) -> Vec<T>

Source§

unsafe fn from_glib_container_num_as_vec( _: *const GPtrArray, _: usize, ) -> Vec<T>

Source§

unsafe fn from_glib_full_num_as_vec(_: *const GPtrArray, _: usize) -> Vec<T>

Source§

impl<T> FromGlibContainerAsVec<<T as GlibPtrDefault>::GlibType, *const GSList> for T
where T: GlibPtrDefault + FromGlibPtrNone<<T as GlibPtrDefault>::GlibType> + FromGlibPtrFull<<T as GlibPtrDefault>::GlibType>,

Source§

unsafe fn from_glib_none_num_as_vec(ptr: *const GSList, num: usize) -> Vec<T>

Source§

unsafe fn from_glib_container_num_as_vec(_: *const GSList, _: usize) -> Vec<T>

Source§

unsafe fn from_glib_full_num_as_vec(_: *const GSList, _: usize) -> Vec<T>

Source§

impl<T> FromGlibContainerAsVec<<T as GlibPtrDefault>::GlibType, *mut GList> for T
where T: GlibPtrDefault + FromGlibPtrNone<<T as GlibPtrDefault>::GlibType> + FromGlibPtrFull<<T as GlibPtrDefault>::GlibType>,

Source§

unsafe fn from_glib_none_num_as_vec(ptr: *mut GList, num: usize) -> Vec<T>

Source§

unsafe fn from_glib_container_num_as_vec(ptr: *mut GList, num: usize) -> Vec<T>

Source§

unsafe fn from_glib_full_num_as_vec(ptr: *mut GList, num: usize) -> Vec<T>

Source§

impl<T> FromGlibContainerAsVec<<T as GlibPtrDefault>::GlibType, *mut GPtrArray> for T
where T: GlibPtrDefault + FromGlibPtrNone<<T as GlibPtrDefault>::GlibType> + FromGlibPtrFull<<T as GlibPtrDefault>::GlibType>,

Source§

unsafe fn from_glib_none_num_as_vec(ptr: *mut GPtrArray, num: usize) -> Vec<T>

Source§

unsafe fn from_glib_container_num_as_vec( ptr: *mut GPtrArray, num: usize, ) -> Vec<T>

Source§

unsafe fn from_glib_full_num_as_vec(ptr: *mut GPtrArray, num: usize) -> Vec<T>

Source§

impl<T> FromGlibContainerAsVec<<T as GlibPtrDefault>::GlibType, *mut GSList> for T
where T: GlibPtrDefault + FromGlibPtrNone<<T as GlibPtrDefault>::GlibType> + FromGlibPtrFull<<T as GlibPtrDefault>::GlibType>,

Source§

unsafe fn from_glib_none_num_as_vec(ptr: *mut GSList, num: usize) -> Vec<T>

Source§

unsafe fn from_glib_container_num_as_vec(ptr: *mut GSList, num: usize) -> Vec<T>

Source§

unsafe fn from_glib_full_num_as_vec(ptr: *mut GSList, num: usize) -> Vec<T>

Source§

impl<T> FromGlibPtrArrayContainerAsVec<<T as GlibPtrDefault>::GlibType, *const GList> for T
where T: GlibPtrDefault + FromGlibPtrNone<<T as GlibPtrDefault>::GlibType> + FromGlibPtrFull<<T as GlibPtrDefault>::GlibType>,

Source§

unsafe fn from_glib_none_as_vec(ptr: *const GList) -> Vec<T>

Source§

unsafe fn from_glib_container_as_vec(_: *const GList) -> Vec<T>

Source§

unsafe fn from_glib_full_as_vec(_: *const GList) -> Vec<T>

Source§

impl<T> FromGlibPtrArrayContainerAsVec<<T as GlibPtrDefault>::GlibType, *const GPtrArray> for T
where T: GlibPtrDefault + FromGlibPtrNone<<T as GlibPtrDefault>::GlibType> + FromGlibPtrFull<<T as GlibPtrDefault>::GlibType>,

Source§

unsafe fn from_glib_none_as_vec(ptr: *const GPtrArray) -> Vec<T>

Source§

unsafe fn from_glib_container_as_vec(_: *const GPtrArray) -> Vec<T>

Source§

unsafe fn from_glib_full_as_vec(_: *const GPtrArray) -> Vec<T>

Source§

impl<T> FromGlibPtrArrayContainerAsVec<<T as GlibPtrDefault>::GlibType, *const GSList> for T
where T: GlibPtrDefault + FromGlibPtrNone<<T as GlibPtrDefault>::GlibType> + FromGlibPtrFull<<T as GlibPtrDefault>::GlibType>,

Source§

unsafe fn from_glib_none_as_vec(ptr: *const GSList) -> Vec<T>

Source§

unsafe fn from_glib_container_as_vec(_: *const GSList) -> Vec<T>

Source§

unsafe fn from_glib_full_as_vec(_: *const GSList) -> Vec<T>

Source§

impl<T> FromGlibPtrArrayContainerAsVec<<T as GlibPtrDefault>::GlibType, *mut GList> for T
where T: GlibPtrDefault + FromGlibPtrNone<<T as GlibPtrDefault>::GlibType> + FromGlibPtrFull<<T as GlibPtrDefault>::GlibType>,

Source§

unsafe fn from_glib_none_as_vec(ptr: *mut GList) -> Vec<T>

Source§

unsafe fn from_glib_container_as_vec(ptr: *mut GList) -> Vec<T>

Source§

unsafe fn from_glib_full_as_vec(ptr: *mut GList) -> Vec<T>

Source§

impl<T> FromGlibPtrArrayContainerAsVec<<T as GlibPtrDefault>::GlibType, *mut GPtrArray> for T
where T: GlibPtrDefault + FromGlibPtrNone<<T as GlibPtrDefault>::GlibType> + FromGlibPtrFull<<T as GlibPtrDefault>::GlibType>,

Source§

unsafe fn from_glib_none_as_vec(ptr: *mut GPtrArray) -> Vec<T>

Source§

unsafe fn from_glib_container_as_vec(ptr: *mut GPtrArray) -> Vec<T>

Source§

unsafe fn from_glib_full_as_vec(ptr: *mut GPtrArray) -> Vec<T>

Source§

impl<T> FromGlibPtrArrayContainerAsVec<<T as GlibPtrDefault>::GlibType, *mut GSList> for T
where T: GlibPtrDefault + FromGlibPtrNone<<T as GlibPtrDefault>::GlibType> + FromGlibPtrFull<<T as GlibPtrDefault>::GlibType>,

Source§

unsafe fn from_glib_none_as_vec(ptr: *mut GSList) -> Vec<T>

Source§

unsafe fn from_glib_container_as_vec(ptr: *mut GSList) -> Vec<T>

Source§

unsafe fn from_glib_full_as_vec(ptr: *mut GSList) -> Vec<T>

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoClosureReturnValue for T
where T: Into<Value>,

Source§

fn into_closure_return_value(self) -> Option<Value>

Source§

impl<U> IsSubclassableExt for U
where U: IsClass + ParentClassIs,

Source§

fn parent_class_init<T>(class: &mut Class<U>)
where T: ObjectSubclass, <U as ParentClassIs>::Parent: IsSubclassable<T>,

Source§

fn parent_instance_init<T>(instance: &mut InitializingObject<T>)
where T: ObjectSubclass, <U as ParentClassIs>::Parent: IsSubclassable<T>,

Source§

impl<T> ObjectExt for T
where T: ObjectType,

Source§

fn is<U>(&self) -> bool
where U: StaticType,

Returns true if the object is an instance of (can be cast to) T.
Source§

fn type_(&self) -> Type

Returns the type of the object.
Source§

fn object_class(&self) -> &Class<Object>

Returns the ObjectClass of the object. Read more
Source§

fn class(&self) -> &Class<T>
where T: IsClass,

Returns the class of the object.
Source§

fn class_of<U>(&self) -> Option<&Class<U>>
where U: IsClass,

Returns the class of the object in the given type T. Read more
Source§

fn interface<U>(&self) -> Option<InterfaceRef<'_, U>>
where U: IsInterface,

Returns the interface T of the object. Read more
Source§

fn set_property(&self, property_name: &str, value: impl Into<Value>)

Sets the property property_name of the object to value value. Read more
Source§

fn set_property_from_value(&self, property_name: &str, value: &Value)

Sets the property property_name of the object to value value. Read more
Source§

fn set_properties(&self, property_values: &[(&str, &dyn ToValue)])

Sets multiple properties of the object at once. Read more
Source§

fn set_properties_from_value(&self, property_values: &[(&str, Value)])

Sets multiple properties of the object at once. Read more
Source§

fn property<V>(&self, property_name: &str) -> V
where V: for<'b> FromValue<'b> + 'static,

Gets the property property_name of the object and cast it to the type V. Read more
Source§

fn property_value(&self, property_name: &str) -> Value

Gets the property property_name of the object. Read more
Source§

fn has_property(&self, property_name: &str) -> bool

Check if the object has a property property_name.
Source§

fn has_property_with_type(&self, property_name: &str, type_: Type) -> bool

Check if the object has a property property_name of the given type_.
Source§

fn property_type(&self, property_name: &str) -> Option<Type>

Get the type of the property property_name of this object. Read more
Source§

fn find_property(&self, property_name: &str) -> Option<ParamSpec>

Get the ParamSpec of the property property_name of this object.
Source§

fn list_properties(&self) -> PtrSlice<ParamSpec>

Return all ParamSpec of the properties of this object.
Source§

fn freeze_notify(&self) -> PropertyNotificationFreezeGuard

Freeze all property notifications until the return guard object is dropped. Read more
Source§

unsafe fn set_qdata<QD>(&self, key: Quark, value: QD)
where QD: 'static,

Set arbitrary data on this object with the given key. Read more
Source§

unsafe fn qdata<QD>(&self, key: Quark) -> Option<NonNull<QD>>
where QD: 'static,

Return previously set arbitrary data of this object with the given key. Read more
Source§

unsafe fn steal_qdata<QD>(&self, key: Quark) -> Option<QD>
where QD: 'static,

Retrieve previously set arbitrary data of this object with the given key. Read more
Source§

unsafe fn set_data<QD>(&self, key: &str, value: QD)
where QD: 'static,

Set arbitrary data on this object with the given key. Read more
Source§

unsafe fn data<QD>(&self, key: &str) -> Option<NonNull<QD>>
where QD: 'static,

Return previously set arbitrary data of this object with the given key. Read more
Source§

unsafe fn steal_data<QD>(&self, key: &str) -> Option<QD>
where QD: 'static,

Retrieve previously set arbitrary data of this object with the given key. Read more
Source§

fn block_signal(&self, handler_id: &SignalHandlerId)

Block a given signal handler. Read more
Source§

fn unblock_signal(&self, handler_id: &SignalHandlerId)

Unblock a given signal handler.
Source§

fn stop_signal_emission(&self, signal_id: SignalId, detail: Option<Quark>)

Stop emission of the currently emitted signal.
Source§

fn stop_signal_emission_by_name(&self, signal_name: &str)

Stop emission of the currently emitted signal by the (possibly detailed) signal name.
Source§

fn connect<F>( &self, signal_name: &str, after: bool, callback: F, ) -> SignalHandlerId
where F: Fn(&[Value]) -> Option<Value> + Send + Sync + 'static,

Connect to the signal signal_name on this object. Read more
Source§

fn connect_id<F>( &self, signal_id: SignalId, details: Option<Quark>, after: bool, callback: F, ) -> SignalHandlerId
where F: Fn(&[Value]) -> Option<Value> + Send + Sync + 'static,

Connect to the signal signal_id on this object. Read more
Source§

fn connect_local<F>( &self, signal_name: &str, after: bool, callback: F, ) -> SignalHandlerId
where F: Fn(&[Value]) -> Option<Value> + 'static,

Connect to the signal signal_name on this object. Read more
Source§

fn connect_local_id<F>( &self, signal_id: SignalId, details: Option<Quark>, after: bool, callback: F, ) -> SignalHandlerId
where F: Fn(&[Value]) -> Option<Value> + 'static,

Connect to the signal signal_id on this object. Read more
Source§

unsafe fn connect_unsafe<F>( &self, signal_name: &str, after: bool, callback: F, ) -> SignalHandlerId
where F: Fn(&[Value]) -> Option<Value>,

Connect to the signal signal_name on this object. Read more
Source§

unsafe fn connect_unsafe_id<F>( &self, signal_id: SignalId, details: Option<Quark>, after: bool, callback: F, ) -> SignalHandlerId
where F: Fn(&[Value]) -> Option<Value>,

Connect to the signal signal_id on this object. Read more
Source§

fn connect_closure( &self, signal_name: &str, after: bool, closure: RustClosure, ) -> SignalHandlerId

Connect a closure to the signal signal_name on this object. Read more
Source§

fn connect_closure_id( &self, signal_id: SignalId, details: Option<Quark>, after: bool, closure: RustClosure, ) -> SignalHandlerId

Connect a closure to the signal signal_id on this object. Read more
Source§

fn watch_closure(&self, closure: &impl AsRef<Closure>)

Limits the lifetime of closure to the lifetime of the object. When the object’s reference count drops to zero, the closure will be invalidated. An invalidated closure will ignore any calls to invoke_with_values, or invoke when using Rust closures.
Source§

fn emit<R>(&self, signal_id: SignalId, args: &[&dyn ToValue]) -> R
where R: TryFromClosureReturnValue,

Emit signal by signal id. Read more
Source§

fn emit_with_values(&self, signal_id: SignalId, args: &[Value]) -> Option<Value>

Same as Self::emit but takes Value for the arguments.
Source§

fn emit_by_name<R>(&self, signal_name: &str, args: &[&dyn ToValue]) -> R
where R: TryFromClosureReturnValue,

Emit signal by its name. Read more
Source§

fn emit_by_name_with_values( &self, signal_name: &str, args: &[Value], ) -> Option<Value>

Emit signal by its name. Read more
Source§

fn emit_by_name_with_details<R>( &self, signal_name: &str, details: Quark, args: &[&dyn ToValue], ) -> R
where R: TryFromClosureReturnValue,

Emit signal by its name with details. Read more
Source§

fn emit_by_name_with_details_and_values( &self, signal_name: &str, details: Quark, args: &[Value], ) -> Option<Value>

Emit signal by its name with details. Read more
Source§

fn emit_with_details<R>( &self, signal_id: SignalId, details: Quark, args: &[&dyn ToValue], ) -> R
where R: TryFromClosureReturnValue,

Emit signal by signal id with details. Read more
Source§

fn emit_with_details_and_values( &self, signal_id: SignalId, details: Quark, args: &[Value], ) -> Option<Value>

Emit signal by signal id with details. Read more
Source§

fn disconnect(&self, handler_id: SignalHandlerId)

Disconnect a previously connected signal handler.
Source§

fn connect_notify<F>(&self, name: Option<&str>, f: F) -> SignalHandlerId
where F: Fn(&T, &ParamSpec) + Send + Sync + 'static,

Connect to the notify signal of the object. Read more
Source§

fn connect_notify_local<F>(&self, name: Option<&str>, f: F) -> SignalHandlerId
where F: Fn(&T, &ParamSpec) + 'static,

Connect to the notify signal of the object. Read more
Source§

unsafe fn connect_notify_unsafe<F>( &self, name: Option<&str>, f: F, ) -> SignalHandlerId
where F: Fn(&T, &ParamSpec),

Connect to the notify signal of the object. Read more
Source§

fn notify(&self, property_name: &str)

Notify that the given property has changed its value. Read more
Source§

fn notify_by_pspec(&self, pspec: &ParamSpec)

Notify that the given property has changed its value. Read more
Source§

fn downgrade(&self) -> WeakRef<T>

Downgrade this object to a weak reference.
Source§

fn add_weak_ref_notify<F>(&self, f: F) -> WeakRefNotify<T>
where F: FnOnce() + Send + 'static,

Add a callback to be notified when the Object is disposed.
Source§

fn add_weak_ref_notify_local<F>(&self, f: F) -> WeakRefNotify<T>
where F: FnOnce() + 'static,

Add a callback to be notified when the Object is disposed. Read more
Source§

fn bind_property<'a, 'f, 't, O>( &'a self, source_property: &'a str, target: &'a O, target_property: &'a str, ) -> BindingBuilder<'a, 'f, 't>
where O: ObjectType,

Bind property source_property on this object to the target_property on the target object. Read more
Source§

fn ref_count(&self) -> u32

Returns the strong reference count of this object.
Source§

unsafe fn run_dispose(&self)

Runs the dispose mechanism of the object. Read more
Source§

impl<T> Property for T
where T: HasParamSpec,

Source§

type Value = T

Source§

impl<T> PropertyGet for T
where T: HasParamSpec,

Source§

type Value = T

Source§

fn get<R, F>(&self, f: F) -> R
where F: Fn(&<T as PropertyGet>::Value) -> R,

Source§

impl<O> SettingExt for O
where O: IsA<Setting>,

Source§

fn compare(&self, b: &impl IsA<Setting>, flags: SettingCompareFlags) -> bool

Source§

fn duplicate(&self) -> Setting

Duplicates a #NMSetting. Read more
Source§

fn name(&self) -> GString

Returns the type name of the #NMSetting object Read more
Source§

fn secret_flags( &self, secret_name: &str, out_flags: SettingSecretFlags, ) -> Result<(), Error>

For a given secret, retrieves the #NMSettingSecretFlags describing how to handle that secret. Read more
Source§

fn set_secret_flags( &self, secret_name: &str, flags: SettingSecretFlags, ) -> Result<(), Error>

For a given secret, stores the #NMSettingSecretFlags describing how to handle that secret. Read more
Source§

fn to_str(&self) -> GString

Convert the setting (including secrets!) into a string. For debugging purposes ONLY, should NOT be used for serialization of the setting, or machine-parsed in any way. The output format is not guaranteed to be stable and may change at any time. Read more
Source§

fn verify(&self, connection: Option<&impl IsA<Connection>>) -> Result<(), Error>

Validates the setting. Each setting’s properties have allowed values, and some are dependent on other values (hence the need for @connection). The returned #GError contains information about which property of the setting failed validation, and in what way that property failed validation. Read more
Source§

fn verify_secrets( &self, connection: Option<&impl IsA<Connection>>, ) -> Result<(), Error>

Available on crate feature v1_2 only.
Verifies the secrets in the setting. The returned #GError contains information about which secret of the setting failed validation, and in what way that secret failed validation. The secret validation is done separately from main setting validation, because in some cases connection failure is not desired just for the secrets. Read more
Source§

fn connect_name_notify<F: Fn(&Self) + 'static>(&self, f: F) -> SignalHandlerId

Source§

impl<T> StaticTypeExt for T
where T: StaticType,

Source§

fn ensure_type()

Ensures that the type has been registered with the type system.
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> TransparentType for T
where T: TransparentPtrType,

Source§

type GlibType = <T as GlibPtrDefault>::GlibType

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T> TryFromClosureReturnValue for T
where T: for<'a> FromValue<'a> + StaticType + 'static,

Source§

fn try_from_closure_return_value(v: Option<Value>) -> Result<T, BoolError>

Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<'a, T, C, E> FromValueOptional<'a> for T
where T: FromValue<'a, Checker = C>, C: ValueTypeChecker<Error = ValueTypeMismatchOrNoneError<E>>, E: Error + Send + 'static,

Source§

impl<Super, Sub> MayDowncastTo<Sub> for Super
where Super: IsA<Super>, Sub: IsA<Super>,