Module openssl::ssl
SSL/TLS support.
SslConnector and SslAcceptor should be used in most cases - they handle
configuration of the OpenSSL primitives for you.
Examples
To connect as a client to a remote server:
```rust
use openssl::ssl::{SslMethod, SslConnector};
use std::io::{Read, Write};
use std::net::TcpStream;

let connector = SslConnector::builder(SslMethod::tls()).unwrap().build();

let stream = TcpStream::connect("google.com:443").unwrap();
// The domain passed to connect() is used for SNI and hostname verification.
let mut stream = connector.connect("google.com", stream).unwrap();

stream.write_all(b"GET / HTTP/1.0\r\n\r\n").unwrap();
let mut res = vec![];
stream.read_to_end(&mut res).unwrap();
println!("{}", String::from_utf8_lossy(&res));
```
To accept connections as a server from remote clients:
```rust
use openssl::ssl::{SslMethod, SslAcceptor, SslStream, SslFiletype};
use std::net::{TcpListener, TcpStream};
use std::sync::Arc;
use std::thread;

// Start from the Mozilla "intermediate" server-side TLS configuration.
let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
acceptor.set_private_key_file("key.pem", SslFiletype::PEM).unwrap();
acceptor.set_certificate_chain_file("certs.pem").unwrap();
// Fail early if the private key does not match the certificate.
acceptor.check_private_key().unwrap();
let acceptor = Arc::new(acceptor.build());

let listener = TcpListener::bind("0.0.0.0:8443").unwrap();

fn handle_client(stream: SslStream<TcpStream>) {
    // ...
}

for stream in listener.incoming() {
    match stream {
        Ok(stream) => {
            let acceptor = acceptor.clone();
            // Run the TLS handshake on a per-connection thread.
            thread::spawn(move || {
                let stream = acceptor.accept(stream).unwrap();
                handle_client(stream);
            });
        }
        Err(e) => { /* connection failed */ }
    }
}
```
Structs
| AlpnError | An error returned from an ALPN selection callback. |
| CipherBits | Information about the state of a cipher. |
| ConnectConfiguration | A type which allows for configuration of a client-side TLS session before connection. |
| Error | An SSL error. |
| ErrorCode | An error code returned from SSL functions. |
| ExtensionContext | Which messages and under which conditions an extension should be added or expected. |
| MidHandshakeSslStream | An SSL stream midway through the handshake process. |
| NameType | An identifier of a session name type. |
| SniError | An error returned from the SNI callback. |
| Ssl | The state of an SSL/TLS session. |
| SslAcceptor | A type which wraps server-side streams in a TLS session. |
| SslAcceptorBuilder | A builder for |
| SslAlert | An SSL/TLS alert. |
| SslCipher | Information about a cipher. |
| SslCipherRef | Reference to an |
| SslConnector | A type which wraps client-side streams in a TLS session. |
| SslConnectorBuilder | A builder for |
| SslContext | A context object for TLS streams. |
| SslContextBuilder | A builder for |
| SslContextRef | Reference to |
| SslFiletype | An identifier of the format of a certificate or key file. |
| SslMethod | A type specifying the kind of protocol an |
| SslMode | Options controlling the behavior of an |
| SslOptions | Options controlling the behavior of an |
| SslRef | Reference to an |
| SslSession | An encoded SSL session. |
| SslSessionCacheMode | Options controlling the behavior of session caching. |
| SslSessionRef | Reference to |
| SslStream | A TLS session over a stream. |
| SslStreamBuilder | A partially constructed |
| SslVerifyMode | Options controlling the behavior of certificate verification. |
| SslVersion | An SSL/TLS protocol version. |
| StatusType | An identifier of a certificate status type. |
Enums
| HandshakeError | An error or intermediate state after a TLS handshake attempt. |
| ShutdownResult | The result of a shutdown request. |
Functions
| get_new_idx⚠ | |
| get_new_ssl_idx⚠ | |
| select_next_proto | A standard implementation of protocol selection for Application Layer Protocol Negotiation (ALPN). |