Gjsify LogoGjsify Logo

IEEE 802.1x Authentication Settings

Hierarchy

Index

Constructors

Properties

Methods

Constructors

Properties

altsubject_matches: string[]

List of strings to be matched against the altSubjectName of the certificate presented by the authentication server. If the list is empty, no verification of the server certificate's altSubjectName is performed.

anonymous_identity: string

Anonymous identity string for EAP authentication methods. Used as the unencrypted identity with EAP types that support different tunneled identity like EAP-TTLS.

auth_timeout: number

A timeout for the authentication. Zero means the global default; if the global default is not set, the authentication timeout is 25 seconds.

ca_cert: Bytes

Contains the CA certificate if used by the EAP method specified in the #NMSetting8021x:eap property.

Certificate data is specified using a "scheme"; three are currently supported: blob, path and pkcs#11 URL. When using the blob scheme this property should be set to the certificate's DER encoded data. When using the path scheme, this property should be set to the full UTF-8 encoded path of the certificate, prefixed with the string "file://" and ending with a terminating NUL byte. This property can be unset even if the EAP method supports CA certificates, but this allows man-in-the-middle attacks and is NOT recommended.

Note that enabling NMSetting8021x:system-ca-certs will override this setting to use the built-in path, if the built-in path is not a directory.

Setting this property directly is discouraged; use the nm_setting_802_1x_set_ca_cert() function instead.

ca_cert_password: string

The password used to access the CA certificate stored in #NMSetting8021x:ca-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

ca_cert_password_flags: NM.SettingSecretFlags

Flags indicating how to handle the #NMSetting8021x:ca-cert-password property.

ca_path: string

UTF-8 encoded path to a directory containing PEM or DER formatted certificates to be added to the verification chain in addition to the certificate specified in the #NMSetting8021x:ca-cert property.

If NMSetting8021x:system-ca-certs is enabled and the built-in CA path is an existing directory, then this setting is ignored.

client_cert: Bytes

Contains the client certificate if used by the EAP method specified in the #NMSetting8021x:eap property.

Certificate data is specified using a "scheme"; two are currently supported: blob and path. When using the blob scheme (which is backwards compatible with NM 0.7.x) this property should be set to the certificate's DER encoded data. When using the path scheme, this property should be set to the full UTF-8 encoded path of the certificate, prefixed with the string "file://" and ending with a terminating NUL byte.

Setting this property directly is discouraged; use the nm_setting_802_1x_set_client_cert() function instead.

client_cert_password: string

The password used to access the client certificate stored in #NMSetting8021x:client-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

client_cert_password_flags: NM.SettingSecretFlags

Flags indicating how to handle the #NMSetting8021x:client-cert-password property.

domain_match: string

Constraint for server domain name. If set, this list of FQDNs is used as a match requirement for dNSName element(s) of the certificate presented by the authentication server. If a matching dNSName is found, this constraint is met. If no dNSName values are present, this constraint is matched against SubjectName CN using the same comparison. Multiple valid FQDNs can be passed as a ";" delimited list.

domain_suffix_match: string

Constraint for server domain name. If set, this FQDN is used as a suffix match requirement for dNSName element(s) of the certificate presented by the authentication server. If a matching dNSName is found, this constraint is met. If no dNSName values are present, this constraint is matched against SubjectName CN using same suffix match comparison. Since version 1.24, multiple valid FQDNs can be passed as a ";" delimited list.

eap: string[]

The allowed EAP method to be used when authenticating to the network with 802.1x. Valid methods are: "leap", "md5", "tls", "peap", "ttls", "pwd", and "fast". Each method requires different configuration using the properties of this setting; refer to wpa_supplicant documentation for the allowed combinations.

g_type_instance: TypeInstance
identity: string

Identity string for EAP authentication methods. Often the user's user or login name.

name: string

The setting's name, which uniquely identifies the setting within the connection. Each setting type has a name unique to that type, for example "ppp" or "802-11-wireless" or "802-3-ethernet".

optional: boolean

Whether the 802.1X authentication is optional. If %TRUE, the activation will continue even after a timeout or an authentication failure. Setting the property to %TRUE is currently allowed only for Ethernet connections. If set to %FALSE, the activation can continue only after a successful authentication.

pac_file: string

UTF-8 encoded file path containing PAC for EAP-FAST.

password: string

UTF-8 encoded password used for EAP authentication methods. If both the #NMSetting8021x:password property and the #NMSetting8021x:password-raw property are specified, #NMSetting8021x:password is preferred.

password_flags: NM.SettingSecretFlags

Flags indicating how to handle the #NMSetting8021x:password property.

password_raw: Bytes

Password used for EAP authentication methods, given as a byte array to allow passwords in other encodings than UTF-8 to be used. If both the #NMSetting8021x:password property and the #NMSetting8021x:password-raw property are specified, #NMSetting8021x:password is preferred.

password_raw_flags: NM.SettingSecretFlags

Flags indicating how to handle the #NMSetting8021x:password-raw property.

phase1_auth_flags: number

Specifies authentication flags to use in "phase 1" outer authentication using #NMSetting8021xAuthFlags options. The individual TLS versions can be explicitly disabled. If a certain TLS disable flag is not set, it is up to the supplicant to allow or forbid it. The TLS options map to tls_disable_tlsv1_x settings. See the wpa_supplicant documentation for more details.

phase1_fast_provisioning: string

Enables or disables in-line provisioning of EAP-FAST credentials when FAST is specified as the EAP method in the #NMSetting8021x:eap property. Recognized values are "0" (disabled), "1" (allow unauthenticated provisioning), "2" (allow authenticated provisioning), and "3" (allow both authenticated and unauthenticated provisioning). See the wpa_supplicant documentation for more details.

phase1_peaplabel: string

Forces use of the new PEAP label during key derivation. Some RADIUS servers may require forcing the new PEAP label to interoperate with PEAPv1. Set to "1" to force use of the new PEAP label. See the wpa_supplicant documentation for more details.

phase1_peapver: string

Forces which PEAP version is used when PEAP is set as the EAP method in the #NMSetting8021x:eap property. When unset, the version reported by the server will be used. Sometimes when using older RADIUS servers, it is necessary to force the client to use a particular PEAP version. To do so, this property may be set to "0" or "1" to force that specific PEAP version.

phase2_altsubject_matches: string[]

List of strings to be matched against the altSubjectName of the certificate presented by the authentication server during the inner "phase 2" authentication. If the list is empty, no verification of the server certificate's altSubjectName is performed.

phase2_auth: string

Specifies the allowed "phase 2" inner authentication method when an EAP method that uses an inner TLS tunnel is specified in the #NMSetting8021x:eap property. For TTLS this property selects one of the supported non-EAP inner methods: "pap", "chap", "mschap", "mschapv2" while #NMSetting8021x:phase2-autheap selects an EAP inner method. For PEAP this selects an inner EAP method, one of: "gtc", "otp", "md5" and "tls". Each "phase 2" inner method requires specific parameters for successful authentication; see the wpa_supplicant documentation for more details. Both #NMSetting8021x:phase2-auth and #NMSetting8021x:phase2-autheap cannot be specified.

phase2_autheap: string

Specifies the allowed "phase 2" inner EAP-based authentication method when TTLS is specified in the #NMSetting8021x:eap property. Recognized EAP-based "phase 2" methods are "md5", "mschapv2", "otp", "gtc", and "tls". Each "phase 2" inner method requires specific parameters for successful authentication; see the wpa_supplicant documentation for more details.

phase2_ca_cert: Bytes

Contains the "phase 2" CA certificate if used by the EAP method specified in the #NMSetting8021x:phase2-auth or #NMSetting8021x:phase2-autheap properties.

Certificate data is specified using a "scheme"; three are currently supported: blob, path and pkcs#11 URL. When using the blob scheme this property should be set to the certificate's DER encoded data. When using the path scheme, this property should be set to the full UTF-8 encoded path of the certificate, prefixed with the string "file://" and ending with a terminating NUL byte. This property can be unset even if the EAP method supports CA certificates, but this allows man-in-the-middle attacks and is NOT recommended.

Note that enabling NMSetting8021x:system-ca-certs will override this setting to use the built-in path, if the built-in path is not a directory.

Setting this property directly is discouraged; use the nm_setting_802_1x_set_phase2_ca_cert() function instead.

phase2_ca_cert_password: string

The password used to access the "phase2" CA certificate stored in #NMSetting8021x:phase2-ca-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

phase2_ca_cert_password_flags: NM.SettingSecretFlags

Flags indicating how to handle the #NMSetting8021x:phase2-ca-cert-password property.

phase2_ca_path: string

UTF-8 encoded path to a directory containing PEM or DER formatted certificates to be added to the verification chain in addition to the certificate specified in the #NMSetting8021x:phase2-ca-cert property.

If NMSetting8021x:system-ca-certs is enabled and the built-in CA path is an existing directory, then this setting is ignored.

phase2_client_cert: Bytes

Contains the "phase 2" client certificate if used by the EAP method specified in the #NMSetting8021x:phase2-auth or #NMSetting8021x:phase2-autheap properties.

Certificate data is specified using a "scheme"; two are currently supported: blob and path. When using the blob scheme (which is backwards compatible with NM 0.7.x) this property should be set to the certificate's DER encoded data. When using the path scheme, this property should be set to the full UTF-8 encoded path of the certificate, prefixed with the string "file://" and ending with a terminating NUL byte. This property can be unset even if the EAP method supports CA certificates, but this allows man-in-the-middle attacks and is NOT recommended.

Setting this property directly is discouraged; use the nm_setting_802_1x_set_phase2_client_cert() function instead.

phase2_client_cert_password: string

The password used to access the "phase2" client certificate stored in #NMSetting8021x:phase2-client-cert property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.

phase2_client_cert_password_flags: NM.SettingSecretFlags

Flags indicating how to handle the #NMSetting8021x:phase2-client-cert-password property.

phase2_domain_match: string

Constraint for server domain name. If set, this list of FQDNs is used as a match requirement for dNSName element(s) of the certificate presented by the authentication server during the inner "phase 2" authentication. If a matching dNSName is found, this constraint is met. If no dNSName values are present, this constraint is matched against SubjectName CN using the same comparison. Multiple valid FQDNs can be passed as a ";" delimited list.

phase2_domain_suffix_match: string

Constraint for server domain name. If set, this FQDN is used as a suffix match requirement for dNSName element(s) of the certificate presented by the authentication server during the inner "phase 2" authentication. If a matching dNSName is found, this constraint is met. If no dNSName values are present, this constraint is matched against SubjectName CN using same suffix match comparison. Since version 1.24, multiple valid FQDNs can be passed as a ";" delimited list.

phase2_private_key: Bytes

Contains the "phase 2" inner private key when the #NMSetting8021x:phase2-auth or #NMSetting8021x:phase2-autheap property is set to "tls".

Key data is specified using a "scheme"; two are currently supported: blob and path. When using the blob scheme and private keys, this property should be set to the key's encrypted PEM encoded data. When using private keys with the path scheme, this property should be set to the full UTF-8 encoded path of the key, prefixed with the string "file://" and ending with a terminating NUL byte. When using PKCS#12 format private keys and the blob scheme, this property should be set to the PKCS#12 data and the #NMSetting8021x:phase2-private-key-password property must be set to password used to decrypt the PKCS#12 certificate and key. When using PKCS#12 files and the path scheme, this property should be set to the full UTF-8 encoded path of the key, prefixed with the string "file://" and ending with a terminating NUL byte, and as with the blob scheme the #NMSetting8021x:phase2-private-key-password property must be set to the password used to decode the PKCS#12 private key and certificate.

Setting this property directly is discouraged; use the nm_setting_802_1x_set_phase2_private_key() function instead.

phase2_private_key_password: string

The password used to decrypt the "phase 2" private key specified in the #NMSetting8021x:phase2-private-key property when the private key either uses the path scheme, or is a PKCS#12 format key. Setting this property directly is not generally necessary except when returning secrets to NetworkManager; it is generally set automatically when setting the private key by the nm_setting_802_1x_set_phase2_private_key() function.

phase2_private_key_password_flags: NM.SettingSecretFlags

Flags indicating how to handle the #NMSetting8021x:phase2-private-key-password property.

phase2_subject_match: string

Substring to be matched against the subject of the certificate presented by the authentication server during the inner "phase 2" authentication. When unset, no verification of the authentication server certificate's subject is performed. This property provides little security, if any, and its use is deprecated in favor of NMSetting8021x:phase2-domain-suffix-match.

pin: string

PIN used for EAP authentication methods.

Flags indicating how to handle the #NMSetting8021x:pin property.

private_key: Bytes

Contains the private key when the #NMSetting8021x:eap property is set to "tls".

Key data is specified using a "scheme"; two are currently supported: blob and path. When using the blob scheme and private keys, this property should be set to the key's encrypted PEM encoded data. When using private keys with the path scheme, this property should be set to the full UTF-8 encoded path of the key, prefixed with the string "file://" and ending with a terminating NUL byte. When using PKCS#12 format private keys and the blob scheme, this property should be set to the PKCS#12 data and the #NMSetting8021x:private-key-password property must be set to password used to decrypt the PKCS#12 certificate and key. When using PKCS#12 files and the path scheme, this property should be set to the full UTF-8 encoded path of the key, prefixed with the string "file://" and ending with a terminating NUL byte, and as with the blob scheme the "private-key-password" property must be set to the password used to decode the PKCS#12 private key and certificate.

Setting this property directly is discouraged; use the nm_setting_802_1x_set_private_key() function instead.

WARNING: #NMSetting8021x:private-key is not a "secret" property, and thus unencrypted private key data using the BLOB scheme may be readable by unprivileged users. Private keys should always be encrypted with a private key password to prevent unauthorized access to unencrypted private key data.

private_key_password: string

The password used to decrypt the private key specified in the #NMSetting8021x:private-key property when the private key either uses the path scheme, or if the private key is a PKCS#12 format key. Setting this property directly is not generally necessary except when returning secrets to NetworkManager; it is generally set automatically when setting the private key by the nm_setting_802_1x_set_private_key() function.

private_key_password_flags: NM.SettingSecretFlags

Flags indicating how to handle the #NMSetting8021x:private-key-password property.

subject_match: string

Substring to be matched against the subject of the certificate presented by the authentication server. When unset, no verification of the authentication server certificate's subject is performed. This property provides little security, if any, and its use is deprecated in favor of NMSetting8021x:domain-suffix-match.

system_ca_certs: boolean

When %TRUE, overrides the #NMSetting8021x:ca-path and #NMSetting8021x:phase2-ca-path properties using the system CA directory specified at configure time with the --system-ca-path switch. The certificates in this directory are added to the verification chain in addition to any certificates specified by the #NMSetting8021x:ca-cert and #NMSetting8021x:phase2-ca-cert properties. If the path provided with --system-ca-path is rather a file name (bundle of trusted CA certificates), it overrides #NMSetting8021x:ca-cert and #NMSetting8021x:phase2-ca-cert properties instead (sets ca_cert/ca_cert2 options for wpa_supplicant).

name: string

Methods

  • add_altsubject_match(altsubject_match: string): boolean
  • Adds an allowed alternate subject name match. Until at least one match is added, the altSubjectName of the remote authentication server is not verified.

    Parameters

    • altsubject_match: string

      the altSubjectName to allow for this connection

    Returns boolean

  • add_eap_method(eap: string): boolean
  • Adds an allowed EAP method. The setting is not valid until at least one EAP method has been added. See #NMSetting8021x:eap property for a list of allowed EAP methods.

    Parameters

    • eap: string

      the name of the EAP method to allow for this connection

    Returns boolean

  • add_phase2_altsubject_match(phase2_altsubject_match: string): boolean
  • Adds an allowed alternate subject name match for "phase 2". Until at least one match is added, the altSubjectName of the "phase 2" remote authentication server is not verified.

    Parameters

    • phase2_altsubject_match: string

      the "phase 2" altSubjectName to allow for this connection

    Returns boolean

  • Creates a binding between source_property on source and target_property on target.

    Whenever the source_property is changed the target_property is updated using the same value. For instance:

      g_object_bind_property (action, "active", widget, "sensitive", 0);
    

    Will result in the "sensitive" property of the widget #GObject instance to be updated with the same value of the "active" property of the action #GObject instance.

    If flags contains %G_BINDING_BIDIRECTIONAL then the binding will be mutual: if target_property on target changes then the source_property on source will be updated as well.

    The binding will automatically be removed when either the source or the target instances are finalized. To remove the binding without affecting the source and the target you can just call g_object_unref() on the returned #GBinding instance.

    Removing the binding by calling g_object_unref() on it must only be done if the binding, source and target are only used from a single thread and it is clear that both source and target outlive the binding. Especially it is not safe to rely on this if the binding, source or target can be finalized from different threads. Keep another reference to the binding and use g_binding_unbind() instead to be on the safe side.

    A #GObject can have multiple bindings.

    Parameters

    • source_property: string

      the property on source to bind

    • target: GObject.Object

      the target #GObject

    • target_property: string

      the property on target to bind

    • flags: BindingFlags

      flags to pass to #GBinding

    Returns Binding

  • Creates a binding between source_property on source and target_property on target, allowing you to set the transformation functions to be used by the binding.

    This function is the language bindings friendly version of g_object_bind_property_full(), using #GClosures instead of function pointers.

    Parameters

    • source_property: string

      the property on source to bind

    • target: GObject.Object

      the target #GObject

    • target_property: string

      the property on target to bind

    • flags: BindingFlags

      flags to pass to #GBinding

    • transform_to: TClosure<any, any>

      a #GClosure wrapping the transformation function from the source to the target, or %NULL to use the default

    • transform_from: TClosure<any, any>

      a #GClosure wrapping the transformation function from the target to the source, or %NULL to use the default

    Returns Binding

  • clear_altsubject_matches(): void
  • clear_eap_methods(): void
  • clear_phase2_altsubject_matches(): void
  • Compares two #NMSetting objects for similarity, with comparison behavior modified by a set of flags. See the documentation for #NMSettingCompareFlags for a description of each flag's behavior.

    Parameters

    Returns boolean

  • connect(sigName: "notify::altsubject-matches", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::anonymous-identity", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::auth-timeout", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::ca-cert", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::ca-cert-password", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::ca-cert-password-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::ca-path", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::client-cert", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::client-cert-password", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::client-cert-password-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::domain-match", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::domain-suffix-match", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::eap", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::identity", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::optional", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::pac-file", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::password", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::password-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::password-raw", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::password-raw-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase1-auth-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase1-fast-provisioning", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase1-peaplabel", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase1-peapver", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-altsubject-matches", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-auth", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-autheap", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-ca-cert", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-ca-cert-password", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-ca-cert-password-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-ca-path", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-client-cert", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-client-cert-password", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-client-cert-password-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-domain-match", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-domain-suffix-match", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-private-key", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-private-key-password", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-private-key-password-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::phase2-subject-match", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::pin", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::pin-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::private-key", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::private-key-password", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::private-key-password-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::subject-match", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::system-ca-certs", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: "notify::name", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect(sigName: string, callback: ((...args: any[]) => void)): number
  • connect_after(sigName: "notify::altsubject-matches", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::anonymous-identity", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::auth-timeout", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::ca-cert", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::ca-cert-password", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::ca-cert-password-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::ca-path", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::client-cert", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::client-cert-password", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::client-cert-password-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::domain-match", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::domain-suffix-match", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::eap", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::identity", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::optional", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::pac-file", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::password", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::password-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::password-raw", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::password-raw-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase1-auth-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase1-fast-provisioning", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase1-peaplabel", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase1-peapver", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-altsubject-matches", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-auth", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-autheap", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-ca-cert", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-ca-cert-password", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-ca-cert-password-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-ca-path", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-client-cert", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-client-cert-password", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-client-cert-password-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-domain-match", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-domain-suffix-match", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-private-key", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-private-key-password", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-private-key-password-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::phase2-subject-match", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::pin", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::pin-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::private-key", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::private-key-password", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::private-key-password-flags", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::subject-match", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::system-ca-certs", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: "notify::name", callback: (($obj: NM.Setting8021x, pspec: ParamSpec) => void)): number
  • connect_after(sigName: string, callback: ((...args: any[]) => void)): number
  • Compares two #NMSetting objects for similarity, with comparison behavior modified by a set of flags. See the documentation for #NMSettingCompareFlags for a description of each flag's behavior. If the settings differ, the keys of each setting that differ from the other are added to results, mapped to one or more #NMSettingDiffResult values.

    Parameters

    • b: NM.Setting

      a second #NMSetting to compare with the first

    • flags: NM.SettingCompareFlags

      compare flags, e.g. %NM_SETTING_COMPARE_FLAG_EXACT

    • invert_results: boolean

      this parameter is used internally by libnm and should be set to %FALSE. If %TRUE inverts the meaning of the #NMSettingDiffResult.

    • results: HashTable<string | number | symbol, string | number | boolean>

      if the settings differ, on return a hash table mapping the differing keys to one or more %NMSettingDiffResult values OR-ed together. If the settings do not differ, any hash table passed in is unmodified. If no hash table is passed in and the settings differ, a new one is created and returned.

    Returns [boolean, HashTable<string | number | symbol, string | number | boolean>]

  • disconnect(id: number): void
  • emit(sigName: "notify::altsubject-matches", ...args: any[]): void
  • emit(sigName: "notify::anonymous-identity", ...args: any[]): void
  • emit(sigName: "notify::auth-timeout", ...args: any[]): void
  • emit(sigName: "notify::ca-cert", ...args: any[]): void
  • emit(sigName: "notify::ca-cert-password", ...args: any[]): void
  • emit(sigName: "notify::ca-cert-password-flags", ...args: any[]): void
  • emit(sigName: "notify::ca-path", ...args: any[]): void
  • emit(sigName: "notify::client-cert", ...args: any[]): void
  • emit(sigName: "notify::client-cert-password", ...args: any[]): void
  • emit(sigName: "notify::client-cert-password-flags", ...args: any[]): void
  • emit(sigName: "notify::domain-match", ...args: any[]): void
  • emit(sigName: "notify::domain-suffix-match", ...args: any[]): void
  • emit(sigName: "notify::eap", ...args: any[]): void
  • emit(sigName: "notify::identity", ...args: any[]): void
  • emit(sigName: "notify::optional", ...args: any[]): void
  • emit(sigName: "notify::pac-file", ...args: any[]): void
  • emit(sigName: "notify::password", ...args: any[]): void
  • emit(sigName: "notify::password-flags", ...args: any[]): void
  • emit(sigName: "notify::password-raw", ...args: any[]): void
  • emit(sigName: "notify::password-raw-flags", ...args: any[]): void
  • emit(sigName: "notify::phase1-auth-flags", ...args: any[]): void
  • emit(sigName: "notify::phase1-fast-provisioning", ...args: any[]): void
  • emit(sigName: "notify::phase1-peaplabel", ...args: any[]): void
  • emit(sigName: "notify::phase1-peapver", ...args: any[]): void
  • emit(sigName: "notify::phase2-altsubject-matches", ...args: any[]): void
  • emit(sigName: "notify::phase2-auth", ...args: any[]): void
  • emit(sigName: "notify::phase2-autheap", ...args: any[]): void
  • emit(sigName: "notify::phase2-ca-cert", ...args: any[]): void
  • emit(sigName: "notify::phase2-ca-cert-password", ...args: any[]): void
  • emit(sigName: "notify::phase2-ca-cert-password-flags", ...args: any[]): void
  • emit(sigName: "notify::phase2-ca-path", ...args: any[]): void
  • emit(sigName: "notify::phase2-client-cert", ...args: any[]): void
  • emit(sigName: "notify::phase2-client-cert-password", ...args: any[]): void
  • emit(sigName: "notify::phase2-client-cert-password-flags", ...args: any[]): void
  • emit(sigName: "notify::phase2-domain-match", ...args: any[]): void
  • emit(sigName: "notify::phase2-domain-suffix-match", ...args: any[]): void
  • emit(sigName: "notify::phase2-private-key", ...args: any[]): void
  • emit(sigName: "notify::phase2-private-key-password", ...args: any[]): void
  • emit(sigName: "notify::phase2-private-key-password-flags", ...args: any[]): void
  • emit(sigName: "notify::phase2-subject-match", ...args: any[]): void
  • emit(sigName: "notify::pin", ...args: any[]): void
  • emit(sigName: "notify::pin-flags", ...args: any[]): void
  • emit(sigName: "notify::private-key", ...args: any[]): void
  • emit(sigName: "notify::private-key-password", ...args: any[]): void
  • emit(sigName: "notify::private-key-password-flags", ...args: any[]): void
  • emit(sigName: "notify::subject-match", ...args: any[]): void
  • emit(sigName: "notify::system-ca-certs", ...args: any[]): void
  • emit(sigName: "notify::name", ...args: any[]): void
  • emit(sigName: string, ...args: any[]): void
  • force_floating(): void
  • This function is intended for #GObject implementations to re-enforce a [floating][floating-ref] object reference. Doing this is seldom required: all #GInitiallyUnowneds are created with a floating reference which usually just needs to be sunken by calling g_object_ref_sink().

    Returns void

  • freeze_notify(): void
  • Increases the freeze count on object. If the freeze count is non-zero, the emission of "notify" signals on object is stopped. The signals are queued until the freeze count is decreased to zero. Duplicate notifications are squashed so that at most one #GObject::notify signal is emitted for each property modified while the object is frozen.

    This is necessary for accessors that modify multiple properties to prevent premature notification while the object is still being modified.

    Returns void

  • get_altsubject_match(i: number): string
  • Returns the altSubjectName match at index i.

    Parameters

    • i: number

      the zero-based index of the array of altSubjectName matches

    Returns string

  • get_anonymous_identity(): string
  • Returns the anonymous identifier used by some EAP methods (like TTLS) to authenticate the user in the outer unencrypted "phase 1" authentication. The inner "phase 2" authentication will use the #NMSetting8021x:identity in a secure form, if applicable for that EAP method.

    Returns string

  • get_auth_timeout(): number
  • get_ca_cert_blob(): Bytes
  • Returns the CA certificate blob if the CA certificate is stored using the %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme. Not all EAP methods use a CA certificate (LEAP for example), and those that can take advantage of the CA certificate allow it to be unset. Note that lack of a CA certificate reduces security by allowing man-in-the-middle attacks, because the identity of the network cannot be confirmed by the client.

    Returns Bytes

  • get_ca_cert_password(): string
  • get_ca_cert_path(): string
  • Returns the CA certificate path if the CA certificate is stored using the %NM_SETTING_802_1X_CK_SCHEME_PATH scheme. Not all EAP methods use a CA certificate (LEAP for example), and those that can take advantage of the CA certificate allow it to be unset. Note that lack of a CA certificate reduces security by allowing man-in-the-middle attacks, because the identity of the network cannot be confirmed by the client.

    Returns string

  • Returns the scheme used to store the CA certificate. If the returned scheme is %NM_SETTING_802_1X_CK_SCHEME_BLOB, use nm_setting_802_1x_get_ca_cert_blob(); if %NM_SETTING_802_1X_CK_SCHEME_PATH, use nm_setting_802_1x_get_ca_cert_path(); if %NM_SETTING_802_1X_CK_SCHEME_PKCS11, use nm_setting_802_1x_get_ca_cert_uri().

    Returns NM.Setting8021xCKScheme

  • get_ca_cert_uri(): string
  • Returns the CA certificate URI analogously to nm_setting_802_1x_get_ca_cert_blob() and nm_setting_802_1x_get_ca_cert_path().

    Currently, it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC 7512), but may be extended to other schemes in future (such as 'file' URIs for local files and 'data' URIs for inline certificate data).

    Returns string

  • get_ca_path(): string
  • Returns the path of the CA certificate directory if previously set. Systems will often have a directory that contains multiple individual CA certificates which the supplicant can then add to the verification chain. This may be used in addition to the #NMSetting8021x:ca-cert property to add more CA certificates for verifying the network to client.

    Returns string

  • get_client_cert_blob(): Bytes
  • Client certificates are used to identify the connecting client to the network when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x authentication method.

    Returns Bytes

  • get_client_cert_password(): string
  • get_client_cert_path(): string
  • Client certificates are used to identify the connecting client to the network when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x authentication method.

    Returns string

  • Returns the scheme used to store the client certificate. If the returned scheme is %NM_SETTING_802_1X_CK_SCHEME_BLOB, use nm_setting_802_1x_get_client_cert_blob(); if %NM_SETTING_802_1X_CK_SCHEME_PATH, use nm_setting_802_1x_get_client_cert_path(); if %NM_SETTING_802_1X_CK_SCHEME_PKCS11, use nm_setting_802_1x_get_client_cert_uri().

    Returns NM.Setting8021xCKScheme

  • get_client_cert_uri(): string
  • Returns the client certificate URI analogously to nm_setting_802_1x_get_client_cert_blob() and nm_setting_802_1x_get_client_cert_path().

    Currently, it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC 7512), but may be extended to other schemes in future (such as 'file' URIs for local files and 'data' URIs for inline certificate data).

    Returns string

  • get_data(key?: string): object
  • Gets a named field from the objects table of associations (see g_object_set_data()).

    Parameters

    • Optional key: string

      name of the key for that association

    Returns object

  • get_dbus_property_type(property_name: string): VariantType
  • get_domain_match(): string
  • get_domain_suffix_match(): string
  • get_eap_method(i: number): string
  • Returns the name of the allowed EAP method at index i.

    Parameters

    • i: number

      the index of the EAP method name to return

    Returns string

  • get_identity(): string
  • Returns the identifier used by some EAP methods (like TLS) to authenticate the user. Often this is a username or login name.

    Returns string

  • get_name(): string
  • get_num_altsubject_matches(): number
  • Returns the number of entries in the #NMSetting8021x:altsubject-matches property of this setting.

    Returns number

  • get_num_eap_methods(): number
  • Returns the number of eap methods allowed for use when connecting to the network. Generally only one EAP method is used. Use the functions nm_setting_802_1x_get_eap_method(), nm_setting_802_1x_add_eap_method(), and nm_setting_802_1x_remove_eap_method() for adding, removing, and retrieving allowed EAP methods.

    Returns number

  • get_num_phase2_altsubject_matches(): number
  • Returns the number of entries in the #NMSetting8021x:phase2-altsubject-matches property of this setting.

    Returns number

  • get_optional(): boolean
  • get_pac_file(): string
  • get_password(): string
  • get_password_raw(): Bytes
  • get_phase1_fast_provisioning(): string
  • get_phase1_peaplabel(): string
  • get_phase1_peapver(): string
  • get_phase2_altsubject_match(i: number): string
  • Returns the "phase 2" altSubjectName match at index i.

    Parameters

    • i: number

      the zero-based index of the array of "phase 2" altSubjectName matches

    Returns string

  • get_phase2_auth(): string
  • get_phase2_autheap(): string
  • get_phase2_ca_cert_blob(): Bytes
  • Returns the "phase 2" CA certificate blob if the CA certificate is stored using the %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme. Not all EAP methods use a CA certificate (LEAP for example), and those that can take advantage of the CA certificate allow it to be unset. Note that lack of a CA certificate reduces security by allowing man-in-the-middle attacks, because the identity of the network cannot be confirmed by the client.

    Returns Bytes

  • get_phase2_ca_cert_password(): string
  • get_phase2_ca_cert_path(): string
  • Returns the "phase 2" CA certificate path if the CA certificate is stored using the %NM_SETTING_802_1X_CK_SCHEME_PATH scheme. Not all EAP methods use a CA certificate (LEAP for example), and those that can take advantage of the CA certificate allow it to be unset. Note that lack of a CA certificate reduces security by allowing man-in-the-middle attacks, because the identity of the network cannot be confirmed by the client.

    Returns string

  • Returns the scheme used to store the "phase 2" CA certificate. If the returned scheme is %NM_SETTING_802_1X_CK_SCHEME_BLOB, use nm_setting_802_1x_get_ca_cert_blob(); if %NM_SETTING_802_1X_CK_SCHEME_PATH, use nm_setting_802_1x_get_ca_cert_path(); if %NM_SETTING_802_1X_CK_SCHEME_PKCS11, use nm_setting_802_1x_get_ca_cert_uri().

    Returns NM.Setting8021xCKScheme

  • get_phase2_ca_cert_uri(): string
  • Returns the "phase 2" CA certificate URI analogously to nm_setting_802_1x_get_phase2_ca_cert_blob() and nm_setting_802_1x_get_phase2_ca_cert_path().

    Currently, it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC 7512), but may be extended to other schemes in future (such as 'file' URIs for local files and 'data' URIs for inline certificate data).

    Returns string

  • get_phase2_ca_path(): string
  • Returns the path of the "phase 2" CA certificate directory if previously set. Systems will often have a directory that contains multiple individual CA certificates which the supplicant can then add to the verification chain. This may be used in addition to the #NMSetting8021x:phase2-ca-cert property to add more CA certificates for verifying the network to client.

    Returns string

  • get_phase2_client_cert_blob(): Bytes
  • Client certificates are used to identify the connecting client to the network when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x authentication method.

    Returns Bytes

  • get_phase2_client_cert_password(): string
  • get_phase2_client_cert_path(): string
  • Client certificates are used to identify the connecting client to the network when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x authentication method.

    Returns string

  • Returns the scheme used to store the "phase 2" client certificate. If the returned scheme is %NM_SETTING_802_1X_CK_SCHEME_BLOB, use nm_setting_802_1x_get_client_cert_blob(); if %NM_SETTING_802_1X_CK_SCHEME_PATH, use nm_setting_802_1x_get_client_cert_path(); if %NM_SETTING_802_1X_CK_SCHEME_PKCS11, use nm_setting_802_1x_get_client_cert_uri().

    Returns NM.Setting8021xCKScheme

  • get_phase2_client_cert_uri(): string
  • Returns the "phase 2" client certificate URI analogously to nm_setting_802_1x_get_phase2_ca_cert_blob() and nm_setting_802_1x_get_phase2_ca_cert_path().

    Currently, it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC 7512), but may be extended to other schemes in future (such as 'file' URIs for local files and 'data' URIs for inline certificate data).

    Returns string

  • get_phase2_domain_match(): string
  • get_phase2_domain_suffix_match(): string
  • get_phase2_private_key_blob(): Bytes
  • Private keys are used to authenticate the connecting client to the network when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x authentication method.

    WARNING: the phase2 private key property is not a "secret" property, and thus unencrypted private key data may be readable by unprivileged users. Private keys should always be encrypted with a private key password.

    Returns Bytes

  • get_phase2_private_key_password(): string
  • get_phase2_private_key_path(): string
  • Private keys are used to authenticate the connecting client to the network when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x authentication method.

    Returns string

  • Returns the scheme used to store the "phase 2" private key. If the returned scheme is %NM_SETTING_802_1X_CK_SCHEME_BLOB, use nm_setting_802_1x_get_client_cert_blob(); if %NM_SETTING_802_1X_CK_SCHEME_PATH, use nm_setting_802_1x_get_client_cert_path(); if %NM_SETTING_802_1X_CK_SCHEME_PKCS11, use nm_setting_802_1x_get_client_cert_uri().

    Returns NM.Setting8021xCKScheme

  • get_phase2_private_key_uri(): string
  • Returns the "phase 2" private key URI analogously to nm_setting_802_1x_get_phase2_private_key_blob() and nm_setting_802_1x_get_phase2_private_key_path().

    Currently, it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC 7512), but may be extended to other schemes in future (such as 'file' URIs for local files and 'data' URIs for inline certificate data).

    Returns string

  • get_phase2_subject_match(): string
  • get_pin(): string
  • get_private_key_blob(): Bytes
  • Private keys are used to authenticate the connecting client to the network when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x authentication method.

    WARNING: the private key property is not a "secret" property, and thus unencrypted private key data may be readable by unprivileged users. Private keys should always be encrypted with a private key password.

    Returns Bytes

  • get_private_key_password(): string
  • get_private_key_path(): string
  • Private keys are used to authenticate the connecting client to the network when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x authentication method.

    Returns string

  • Returns the scheme used to store the private key. If the returned scheme is %NM_SETTING_802_1X_CK_SCHEME_BLOB, use nm_setting_802_1x_get_client_cert_blob(); if %NM_SETTING_802_1X_CK_SCHEME_PATH, use nm_setting_802_1x_get_client_cert_path(); if %NM_SETTING_802_1X_CK_SCHEME_PKCS11, use nm_setting_802_1x_get_client_cert_uri().

    Returns NM.Setting8021xCKScheme

  • get_private_key_uri(): string
  • Returns the private key URI analogously to nm_setting_802_1x_get_private_key_blob() and nm_setting_802_1x_get_private_key_path().

    Currently, it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC 7512), but may be extended to other schemes in future (such as 'file' URIs for local files and 'data' URIs for inline certificate data).

    Returns string

  • get_property(property_name?: string, value?: any): void
  • Gets a property of an object.

    The value can be:

    • an empty #GValue initialized by %G_VALUE_INIT, which will be automatically initialized with the expected type of the property (since GLib 2.60)
    • a #GValue initialized with the expected type of the property
    • a #GValue initialized with a type to which the expected type of the property can be transformed

    In general, a copy is made of the property contents and the caller is responsible for freeing the memory by calling g_value_unset().

    Note that g_object_get_property() is really intended for language bindings, g_object_get() is much more convenient for C programming.

    Parameters

    • Optional property_name: string

      the name of the property to get

    • Optional value: any

      return location for the property value

    Returns void

  • get_qdata(quark: number): object
  • get_subject_match(): string
  • get_system_ca_certs(): boolean
  • Sets the #NMSetting8021x:system-ca-certs property. The #NMSetting8021x:ca-path and #NMSetting8021x:phase2-ca-path properties are ignored if the #NMSetting8021x:system-ca-certs property is %TRUE, in which case a system-wide CA certificate directory specified at compile time (using the --system-ca-path configure option) is used in place of these properties.

    Returns boolean

  • getv(names: string[], values: any[]): void
  • Gets n_properties properties for an object. Obtained properties will be set to values. All properties must be valid. Warnings will be emitted and undefined behaviour may result if invalid properties are passed in.

    Parameters

    • names: string[]

      the names of each property to get

    • values: any[]

      the values of each property to get

    Returns void

  • is_floating(): boolean
  • notify(property_name: string): void
  • Emits a "notify" signal for the property property_name on object.

    When possible, eg. when signaling a property change from within the class that registered the property, you should use g_object_notify_by_pspec() instead.

    Note that emission of the notify signal may be blocked with g_object_freeze_notify(). In this case, the signal emissions are queued and will be emitted (in reverse order) when g_object_thaw_notify() is called.

    Parameters

    • property_name: string

      the name of a property installed on the class of object.

    Returns void

  • Emits a "notify" signal for the property specified by pspec on object.

    This function omits the property name lookup, hence it is faster than g_object_notify().

    One way to avoid using g_object_notify() from within the class that registered the properties, and using g_object_notify_by_pspec() instead, is to store the GParamSpec used with g_object_class_install_property() inside a static array, e.g.:

      enum
    {
    PROP_0,
    PROP_FOO,
    PROP_LAST
    };

    static GParamSpec *properties[PROP_LAST];

    static void
    my_object_class_init (MyObjectClass *klass)
    {
    properties[PROP_FOO] = g_param_spec_int ("foo", "Foo", "The foo",
    0, 100,
    50,
    G_PARAM_READWRITE);
    g_object_class_install_property (gobject_class,
    PROP_FOO,
    properties[PROP_FOO]);
    }

    and then notify a change on the "foo" property with:

      g_object_notify_by_pspec (self, properties[PROP_FOO]);
    

    Parameters

    • pspec: ParamSpec

      the #GParamSpec of a property installed on the class of object.

    Returns void

  • option_get_all_names(): string[]
  • option_get_boolean(opt_name: string): [boolean, boolean]
  • option_get_uint32(opt_name: string): [boolean, number]
  • option_set(opt_name: string, variant: GLib.Variant): void
  • If variant is %NULL, this clears the option if it is set. Otherwise, variant is set as the option. If variant is a floating reference, it will be consumed.

    Note that not all setting types support options. It is a bug setting a variant to a setting that doesn't support it. Currently, only #NMSettingEthtool supports it.

    Parameters

    • opt_name: string

      the option name to set

    • variant: GLib.Variant

      the variant to set.

    Returns void

  • option_set_boolean(opt_name: string, value: boolean): void
  • option_set_uint32(opt_name: string, value: number): void
  • Increases the reference count of object.

    Since GLib 2.56, if GLIB_VERSION_MAX_ALLOWED is 2.56 or greater, the type of object will be propagated to the return type (using the GCC typeof() extension), so any casting the caller needs to do on the return type must be explicit.

    Returns GObject.Object

  • Increase the reference count of object, and possibly remove the [floating][floating-ref] reference, if object has a floating reference.

    In other words, if the object is floating, then this call "assumes ownership" of the floating reference, converting it to a normal reference by clearing the floating flag while leaving the reference count unchanged. If the object is not floating, then this call adds a new normal reference increasing the reference count by one.

    Since GLib 2.56, the type of object will be propagated to the return type under the same conditions as for g_object_ref().

    Returns GObject.Object

  • remove_altsubject_match(i: number): void
  • Removes the allowed altSubjectName at the specified index.

    Parameters

    • i: number

      the index of the altSubjectName match to remove

    Returns void

  • remove_altsubject_match_by_value(altsubject_match: string): boolean
  • Removes the allowed altSubjectName altsubject_match.

    Parameters

    • altsubject_match: string

      the altSubjectName to remove

    Returns boolean

  • remove_eap_method(i: number): void
  • Removes the allowed EAP method at the specified index.

    Parameters

    • i: number

      the index of the EAP method to remove

    Returns void

  • remove_eap_method_by_value(eap: string): boolean
  • Removes the allowed EAP method method.

    Parameters

    • eap: string

      the name of the EAP method to remove

    Returns boolean

  • remove_phase2_altsubject_match(i: number): void
  • Removes the allowed "phase 2" altSubjectName at the specified index.

    Parameters

    • i: number

      the index of the "phase 2" altSubjectName match to remove

    Returns void

  • remove_phase2_altsubject_match_by_value(phase2_altsubject_match: string): boolean
  • Removes the allowed "phase 2" altSubjectName phase2_altsubject_match.

    Parameters

    • phase2_altsubject_match: string

      the "phase 2" altSubjectName to remove

    Returns boolean

  • run_dispose(): void
  • Reads a certificate from disk and sets the #NMSetting8021x:ca-cert property with the raw certificate data if using the %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme, or with the path to the certificate file if using the %NM_SETTING_802_1X_CK_SCHEME_PATH scheme.

    Parameters

    • value: string

      when scheme is set to either %NM_SETTING_802_1X_CK_SCHEME_PATH or %NM_SETTING_802_1X_CK_SCHEME_BLOB, pass the path of the CA certificate file (PEM or DER format). The path must be UTF-8 encoded; use g_filename_to_utf8() to convert if needed. Passing %NULL with any scheme clears the CA certificate.

    • scheme: NM.Setting8021xCKScheme

      desired storage scheme for the certificate

    • out_format: NM.Setting8021xCKFormat

      on successful return, the type of the certificate added

    Returns boolean

  • Reads a certificate from disk and sets the #NMSetting8021x:client-cert property with the raw certificate data if using the %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme, or with the path to the certificate file if using the %NM_SETTING_802_1X_CK_SCHEME_PATH scheme.

    Client certificates are used to identify the connecting client to the network when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x authentication method.

    Parameters

    • value: string

      when scheme is set to either %NM_SETTING_802_1X_CK_SCHEME_PATH or %NM_SETTING_802_1X_CK_SCHEME_BLOB, pass the path of the client certificate file (PEM, DER, or PKCS#12 format). The path must be UTF-8 encoded; use g_filename_to_utf8() to convert if needed. Passing %NULL with any scheme clears the client certificate.

    • scheme: NM.Setting8021xCKScheme

      desired storage scheme for the certificate

    • out_format: NM.Setting8021xCKFormat

      on successful return, the type of the certificate added

    Returns boolean

  • set_data(key: string, data?: object): void
  • Each object carries around a table of associations from strings to pointers. This function lets you set an association.

    If the object already had an association with that name, the old association will be destroyed.

    Internally, the key is converted to a #GQuark using g_quark_from_string(). This means a copy of key is kept permanently (even after object has been finalized) — so it is recommended to only use a small, bounded set of values for key in your program, to avoid the #GQuark storage growing unbounded.

    Parameters

    • key: string

      name of the key

    • Optional data: object

      data to associate with that key

    Returns void

  • Reads a certificate from disk and sets the #NMSetting8021x:phase2-ca-cert property with the raw certificate data if using the %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme, or with the path to the certificate file if using the %NM_SETTING_802_1X_CK_SCHEME_PATH scheme.

    Parameters

    • value: string

      when scheme is set to either %NM_SETTING_802_1X_CK_SCHEME_PATH or %NM_SETTING_802_1X_CK_SCHEME_BLOB, pass the path of the "phase2" CA certificate file (PEM or DER format). The path must be UTF-8 encoded; use g_filename_to_utf8() to convert if needed. Passing %NULL with any scheme clears the "phase2" CA certificate.

    • scheme: NM.Setting8021xCKScheme

      desired storage scheme for the certificate

    • out_format: NM.Setting8021xCKFormat

      on successful return, the type of the certificate added

    Returns boolean

  • Reads a certificate from disk and sets the #NMSetting8021x:phase2-client-cert property with the raw certificate data if using the %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme, or with the path to the certificate file if using the %NM_SETTING_802_1X_CK_SCHEME_PATH scheme.

    Client certificates are used to identify the connecting client to the network when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x authentication method.

    Parameters

    • value: string

      when scheme is set to either %NM_SETTING_802_1X_CK_SCHEME_PATH or %NM_SETTING_802_1X_CK_SCHEME_BLOB, pass the path of the "phase2" client certificate file (PEM, DER, or PKCS#12 format). The path must be UTF-8 encoded; use g_filename_to_utf8() to convert if needed. Passing %NULL with any scheme clears the "phase2" client certificate.

    • scheme: NM.Setting8021xCKScheme

      desired storage scheme for the certificate

    • out_format: NM.Setting8021xCKFormat

      on successful return, the type of the certificate added

    Returns boolean

  • Private keys are used to authenticate the connecting client to the network when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x authentication method.

    This function reads a private key from disk and sets the #NMSetting8021x:phase2-private-key property with the private key file data if using the %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme, or with the path to the private key file if using the %NM_SETTING_802_1X_CK_SCHEME_PATH scheme.

    If password is given, this function attempts to decrypt the private key to verify that password is correct, and if it is, updates the #NMSetting8021x:phase2-private-key-password property with the given password. If the decryption is unsuccessful, %FALSE is returned, error is set, and no internal data is changed. If no password is given, the private key is assumed to be valid, no decryption is performed, and the password may be set at a later time.

    WARNING: the "phase2" private key property is not a "secret" property, and thus unencrypted private key data using the BLOB scheme may be readable by unprivileged users. Private keys should always be encrypted with a private key password to prevent unauthorized access to unencrypted private key data.

    Parameters

    • value: string

      when scheme is set to either %NM_SETTING_802_1X_CK_SCHEME_PATH or %NM_SETTING_802_1X_CK_SCHEME_BLOB, pass the path of the "phase2" private key file (PEM, DER, or PKCS#12 format). The path must be UTF-8 encoded; use g_filename_to_utf8() to convert if needed. Passing %NULL with any scheme clears the private key.

    • password: string

      password used to decrypt the private key, or %NULL if the password is unknown. If the password is given but fails to decrypt the private key, an error is returned.

    • scheme: NM.Setting8021xCKScheme

      desired storage scheme for the private key

    • out_format: NM.Setting8021xCKFormat

      on successful return, the type of the private key added

    Returns boolean

  • Private keys are used to authenticate the connecting client to the network when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x authentication method.

    This function reads a private key from disk and sets the #NMSetting8021x:private-key property with the private key file data if using the %NM_SETTING_802_1X_CK_SCHEME_BLOB scheme, or with the path to the private key file if using the %NM_SETTING_802_1X_CK_SCHEME_PATH scheme.

    If password is given, this function attempts to decrypt the private key to verify that password is correct, and if it is, updates the #NMSetting8021x:private-key-password property with the given password. If the decryption is unsuccessful, %FALSE is returned, error is set, and no internal data is changed. If no password is given, the private key is assumed to be valid, no decryption is performed, and the password may be set at a later time.

    WARNING: the private key property is not a "secret" property, and thus unencrypted private key data using the BLOB scheme may be readable by unprivileged users. Private keys should always be encrypted with a private key password to prevent unauthorized access to unencrypted private key data.

    Parameters

    • value: string

      when scheme is set to either %NM_SETTING_802_1X_CK_SCHEME_PATH or %NM_SETTING_802_1X_CK_SCHEME_BLOB, pass the path of the private key file (PEM, DER, or PKCS#12 format). The path must be UTF-8 encoded; use g_filename_to_utf8() to convert if needed. Passing %NULL with any scheme clears the private key.

    • password: string

      password used to decrypt the private key, or %NULL if the password is unknown. If the password is given but fails to decrypt the private key, an error is returned.

    • scheme: NM.Setting8021xCKScheme

      desired storage scheme for the private key

    • out_format: NM.Setting8021xCKFormat

      on successful return, the type of the private key added

    Returns boolean

  • set_property(property_name: string, value?: any): void
  • steal_data(key?: string): object
  • Remove a specified datum from the object's data associations, without invoking the association's destroy handler.

    Parameters

    • Optional key: string

      name of the key

    Returns object

  • steal_qdata(quark: number): object
  • This function gets back user data pointers stored via g_object_set_qdata() and removes the data from object without invoking its destroy() function (if any was set). Usually, calling this function is only required to update user data pointers with a destroy notifier, for example:

    void
    object_add_to_user_list (GObject *object,
    const gchar *new_string)
    {
    // the quark, naming the object data
    GQuark quark_string_list = g_quark_from_static_string ("my-string-list");
    // retrieve the old string list
    GList *list = g_object_steal_qdata (object, quark_string_list);

    // prepend new string
    list = g_list_prepend (list, g_strdup (new_string));
    // this changed 'list', so we need to set it again
    g_object_set_qdata_full (object, quark_string_list, list, free_string_list);
    }
    static void
    free_string_list (gpointer data)
    {
    GList *node, *list = data;

    for (node = list; node; node = node->next)
    g_free (node->data);
    g_list_free (list);
    }

    Using g_object_get_qdata() in the above example, instead of g_object_steal_qdata() would have left the destroy function set, and thus the partial string list would have been freed upon g_object_set_qdata_full().

    Parameters

    • quark: number

      A #GQuark, naming the user data pointer

    Returns object

  • thaw_notify(): void
  • Reverts the effect of a previous call to g_object_freeze_notify(). The freeze count is decreased on object and when it reaches zero, queued "notify" signals are emitted.

    Duplicate notifications for each property are squashed so that at most one #GObject::notify signal is emitted for each property, in the reverse order in which they have been queued.

    It is an error to call this function when the freeze count is zero.

    Returns void

  • to_string(): string
  • Convert the setting (including secrets!) into a string. For debugging purposes ONLY, should NOT be used for serialization of the setting, or machine-parsed in any way. The output format is not guaranteed to be stable and may change at any time.

    Returns string

  • unref(): void
  • Decreases the reference count of object. When its reference count drops to 0, the object is finalized (i.e. its memory is freed).

    If the pointer to the #GObject may be reused in future (for example, if it is an instance variable of another object), it is recommended to clear the pointer to %NULL rather than retain a dangling pointer to a potentially invalid #GObject instance. Use g_clear_object() for this.

    Returns void

  • Validates the setting. Each setting's properties have allowed values, and some are dependent on other values (hence the need for connection). The returned #GError contains information about which property of the setting failed validation, and in what way that property failed validation.

    Parameters

    • connection: NM.Connection

      the #NMConnection that setting came from, or %NULL if setting is being verified in isolation.

    Returns boolean

  • Verifies the secrets in the setting. The returned #GError contains information about which secret of the setting failed validation, and in what way that secret failed validation. The secret validation is done separately from main setting validation, because in some cases connection failure is not desired just for the secrets.

    Parameters

    • connection: NM.Connection

      the #NMConnection that setting came from, or %NULL if setting is being verified in isolation.

    Returns boolean

  • vfunc_constructed(): void
  • vfunc_dispatch_properties_changed(n_pspecs: number, pspecs: ParamSpec): void
  • vfunc_dispose(): void
  • vfunc_finalize(): void
  • vfunc_get_property(property_id: number, value?: any, pspec?: ParamSpec): void
  • Emits a "notify" signal for the property property_name on object.

    When possible, eg. when signaling a property change from within the class that registered the property, you should use g_object_notify_by_pspec() instead.

    Note that emission of the notify signal may be blocked with g_object_freeze_notify(). In this case, the signal emissions are queued and will be emitted (in reverse order) when g_object_thaw_notify() is called.

    virtual

    Parameters

    Returns void

  • vfunc_set_property(property_id: number, value?: any, pspec?: ParamSpec): void
  • watch_closure(closure: TClosure<any, any>): void
  • This function essentially limits the life time of the closure to the life time of the object. That is, when the object is finalized, the closure is invalidated by calling g_closure_invalidate() on it, in order to prevent invocations of the closure with a finalized (nonexisting) object. Also, g_object_ref() and g_object_unref() are added as marshal guards to the closure, to ensure that an extra reference count is held on object during invocation of the closure. Usually, this function will be called on closures that use this object as closure data.

    Parameters

    • closure: TClosure<any, any>

      #GClosure to watch

    Returns void

  • Determines and verifies the blob type. When setting certificate properties of NMSetting8021x the blob must be not UNKNOWN (or NULL).

    Parameters

    • pdata: object

      the data pointer

    • length: number

      the length of the data

    Returns NM.Setting8021xCKScheme

  • compat_control(what: number, data: object): number
  • Find the #GParamSpec with the given name for an interface. Generally, the interface vtable passed in as g_iface will be the default vtable from g_type_default_interface_ref(), or, if you know the interface has already been loaded, g_type_default_interface_peek().

    Parameters

    • g_iface: TypeInterface

      any interface vtable for the interface, or the default vtable for the interface

    • property_name: string

      name of a property to look up.

    Returns ParamSpec

  • Add a property to an interface; this is only useful for interfaces that are added to GObject-derived types. Adding a property to an interface forces all objects classes with that interface to have a compatible property. The compatible property could be a newly created #GParamSpec, but normally g_object_class_override_property() will be used so that the object class only needs to provide an implementation and inherits the property description, default value, bounds, and so forth from the interface property.

    This function is meant to be called from the interface's default vtable initialization function (the class_init member of #GTypeInfo.) It must not be called after after class_init has been called for any object types implementing this interface.

    If pspec is a floating reference, it will be consumed.

    Parameters

    • g_iface: TypeInterface

      any interface vtable for the interface, or the default vtable for the interface.

    • pspec: ParamSpec

      the #GParamSpec for the new property

    Returns void

  • Lists the properties of an interface.Generally, the interface vtable passed in as g_iface will be the default vtable from g_type_default_interface_ref(), or, if you know the interface has already been loaded, g_type_default_interface_peek().

    Parameters

    • g_iface: TypeInterface

      any interface vtable for the interface, or the default vtable for the interface

    Returns ParamSpec[]

  • lookup_type(name: string): GType<unknown>
  • Creates a new instance of a #GObject subtype and sets its properties.

    Construction parameters (see %G_PARAM_CONSTRUCT, %G_PARAM_CONSTRUCT_ONLY) which are not explicitly specified are set to their default values.

    Parameters

    • object_type: GType<unknown>

      the type id of the #GObject subtype to instantiate

    • parameters: GObject.Parameter[]

      an array of #GParameter

    Returns GObject.Object

Legend

  • Module
  • Object literal
  • Variable
  • Function
  • Function with type parameter
  • Index signature
  • Type alias
  • Type alias with type parameter
  • Enumeration
  • Enumeration member
  • Property
  • Method
  • Interface
  • Interface with type parameter
  • Constructor
  • Property
  • Method
  • Index signature
  • Class
  • Class with type parameter
  • Constructor
  • Property
  • Method
  • Accessor
  • Index signature
  • Inherited constructor
  • Inherited property
  • Inherited method
  • Inherited accessor
  • Protected property
  • Protected method
  • Protected accessor
  • Private property
  • Private method
  • Private accessor
  • Static property
  • Static method