diff options
| author | Fabio Alessandrelli <fabio.alessandrelli@gmail.com> | 2023-01-20 01:51:35 +0100 |
|---|---|---|
| committer | Fabio Alessandrelli <fabio.alessandrelli@gmail.com> | 2023-01-28 11:08:02 +0100 |
| commit | adba870534bdcdd11f0f344e66090be8e2cd9ae4 (patch) | |
| tree | 90a82a28e69cf61b10f210cd02d086cdeb410d95 /modules/enet/doc_classes | |
| parent | 2afa175195d0fc885badb60441bef1b31e5e6d05 (diff) | |
| download | redot-engine-adba870534bdcdd11f0f344e66090be8e2cd9ae4.tar.gz | |
[NET] Refactor TLS configuration.
Use a TLSOptions configuration object which is created via static
functions.
- "TLSOptions.client": uses the standard CA and common name verification.
- "TLSOptions.client_unsafe": uses optional CA verification (i.e. if specified)
- "TLSOptions.server": is the standard server configuration (chain + key)
This will allow us to expand the TLS configuration options to include
e.g. mutual authentication without bloating the classes that uses
StreamPeerTLS and PacketPeerDTLS as underlying peers.
Diffstat (limited to 'modules/enet/doc_classes')
| -rw-r--r-- | modules/enet/doc_classes/ENetConnection.xml | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/modules/enet/doc_classes/ENetConnection.xml b/modules/enet/doc_classes/ENetConnection.xml index 8c84fe87d7..dc832976d9 100644 --- a/modules/enet/doc_classes/ENetConnection.xml +++ b/modules/enet/doc_classes/ENetConnection.xml @@ -84,19 +84,17 @@ </method> <method name="dtls_client_setup"> <return type="int" enum="Error" /> - <param index="0" name="certificate" type="X509Certificate" /> - <param index="1" name="hostname" type="String" /> - <param index="2" name="verify" type="bool" default="true" /> + <param index="0" name="hostname" type="String" /> + <param index="1" name="client_options" type="TLSOptions" default="null" /> <description> - Configure this ENetHost to use the custom Godot extension allowing DTLS encryption for ENet clients. Call this before [method connect_to_host] to have ENet connect using DTLS with [code]certificate[/code] and [code]hostname[/code] verification. Verification can be optionally turned off via the [code]verify[/code] parameter. + Configure this ENetHost to use the custom Godot extension allowing DTLS encryption for ENet clients. Call this before [method connect_to_host] to have ENet connect using DTLS validating the server certificate against [code]hostname[/code]. You can pass the optional [param client_options] parameter to customize the trusted certification authorities, or disable the common name verification. See [method TLSOptions.client] and [method TLSOptions.client_unsafe]. </description> </method> <method name="dtls_server_setup"> <return type="int" enum="Error" /> - <param index="0" name="key" type="CryptoKey" /> - <param index="1" name="certificate" type="X509Certificate" /> + <param index="0" name="server_options" type="TLSOptions" /> <description> - Configure this ENetHost to use the custom Godot extension allowing DTLS encryption for ENet servers. Call this right after [method create_host_bound] to have ENet expect peers to connect using DTLS. + Configure this ENetHost to use the custom Godot extension allowing DTLS encryption for ENet servers. Call this right after [method create_host_bound] to have ENet expect peers to connect using DTLS. See [method TLSOptions.server]. </description> </method> <method name="flush"> |