Struct openssl::ssl::SslOptions

pub struct SslOptions { /* fields omitted */ }

Options controlling the behavior of an SslContext.

Methods

impl SslOptions

pub const DONT_INSERT_EMPTY_FRAGMENTS: SslOptions

DONT_INSERT_EMPTY_FRAGMENTS: SslOptions = SslOptions{bits: ffi::SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS,}

Disables a countermeasure against an SSLv3/TLSv1.0 vulnerability affecting CBC ciphers.

pub const ALL: SslOptions

ALL: SslOptions = SslOptions{bits: ffi::SSL_OP_ALL,}

A "reasonable default" set of options which enables compatibility flags.

pub const NO_QUERY_MTU: SslOptions

NO_QUERY_MTU: SslOptions = SslOptions{bits: ffi::SSL_OP_NO_QUERY_MTU,}

Do not query the MTU.

Only affects DTLS connections.

pub const COOKIE_EXCHANGE: SslOptions

COOKIE_EXCHANGE: SslOptions = SslOptions{bits: ffi::SSL_OP_COOKIE_EXCHANGE,}

Enables Cookie Exchange as described in RFC 4347 Section 4.2.1.

Only affects DTLS connections.

pub const NO_TICKET: SslOptions

NO_TICKET: SslOptions = SslOptions{bits: ffi::SSL_OP_NO_TICKET,}

Disables the use of session tickets for session resumption.

pub const NO_SESSION_RESUMPTION_ON_RENEGOTIATION: SslOptions

NO_SESSION_RESUMPTION_ON_RENEGOTIATION: SslOptions = SslOptions{bits: ffi::SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION,}

Always start a new session when performing a renegotiation on the server side.

pub const NO_COMPRESSION: SslOptions

NO_COMPRESSION: SslOptions = SslOptions{bits: ffi::SSL_OP_NO_COMPRESSION,}

Disables the use of TLS compression.

pub const ALLOW_UNSAFE_LEGACY_RENEGOTIATION: SslOptions

ALLOW_UNSAFE_LEGACY_RENEGOTIATION: SslOptions = SslOptions{bits: ffi::SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION,}

Allow legacy insecure renegotiation with servers or clients that do not support secure renegotiation.

pub const SINGLE_ECDH_USE: SslOptions

SINGLE_ECDH_USE: SslOptions = SslOptions{bits: ffi::SSL_OP_SINGLE_ECDH_USE,}

Creates a new key for each session when using ECDHE.

This is always enabled in OpenSSL 1.1.0.

pub const SINGLE_DH_USE: SslOptions

SINGLE_DH_USE: SslOptions = SslOptions{bits: ffi::SSL_OP_SINGLE_DH_USE,}

Creates a new key for each session when using DHE.

This is always enabled in OpenSSL 1.1.0.

pub const CIPHER_SERVER_PREFERENCE: SslOptions

CIPHER_SERVER_PREFERENCE: SslOptions = SslOptions{bits: ffi::SSL_OP_CIPHER_SERVER_PREFERENCE,}

Use the server's preferences rather than the client's when selecting a cipher.

This has no effect on the client side.

pub const TLS_ROLLBACK_BUG: SslOptions

TLS_ROLLBACK_BUG: SslOptions = SslOptions{bits: ffi::SSL_OP_TLS_ROLLBACK_BUG,}

Disables version rollback attach detection.

pub const NO_SSLV2: SslOptions

NO_SSLV2: SslOptions = SslOptions{bits: ffi::SSL_OP_NO_SSLv2,}

Disables the use of SSLv2.

pub const NO_SSLV3: SslOptions

NO_SSLV3: SslOptions = SslOptions{bits: ffi::SSL_OP_NO_SSLv3,}

Disables the use of SSLv3.

pub const NO_TLSV1: SslOptions

NO_TLSV1: SslOptions = SslOptions{bits: ffi::SSL_OP_NO_TLSv1,}

Disables the use of TLSv1.0.

pub const NO_TLSV1_1: SslOptions

NO_TLSV1_1: SslOptions = SslOptions{bits: ffi::SSL_OP_NO_TLSv1_1,}

Disables the use of TLSv1.1.

pub const NO_TLSV1_2: SslOptions

NO_TLSV1_2: SslOptions = SslOptions{bits: ffi::SSL_OP_NO_TLSv1_2,}

Disables the use of TLSv1.2.

pub const NO_TLSV1_3: SslOptions

NO_TLSV1_3: SslOptions = SslOptions{bits: ffi::SSL_OP_NO_TLSv1_3,}

Disables the use of TLSv1.3.

Requires OpenSSL 1.1.1 or newer.

pub const NO_DTLSV1: SslOptions

NO_DTLSV1: SslOptions = SslOptions{bits: ffi::SSL_OP_NO_DTLSv1,}

Disables the use of DTLSv1.0

Requires OpenSSL 1.0.2 or newer.

pub const NO_DTLSV1_2: SslOptions

NO_DTLSV1_2: SslOptions = SslOptions{bits: ffi::SSL_OP_NO_DTLSv1_2,}

Disables the use of DTLSv1.2.

Requires OpenSSL 1.0.2, or newer.

pub const NO_SSL_MASK: SslOptions

NO_SSL_MASK: SslOptions = SslOptions{bits: ffi::SSL_OP_NO_SSL_MASK,}

Disables the use of all (D)TLS protocol versions.

This can be used as a mask when whitelisting protocol versions.

Requires OpenSSL 1.0.2 or newer.

Examples

Only support TLSv1.2:

use openssl::ssl::SslOptions;

let options = SslOptions::NO_SSL_MASK & !SslOptions::NO_TLSV1_2;

pub const ENABLE_MIDDLEBOX_COMPAT: SslOptions

ENABLE_MIDDLEBOX_COMPAT: SslOptions = SslOptions{bits: ffi::SSL_OP_ENABLE_MIDDLEBOX_COMPAT,}

Enable TLSv1.3 Compatibility mode.

Requires OpenSSL 1.1.1 or newer. This is on by default in 1.1.1, but a future version may have this disabled by default.

pub fn empty() -> SslOptions

Returns an empty set of flags.

pub fn all() -> SslOptions

Returns the set containing all flags.

pub fn bits(&self) -> c_ulong

Returns the raw value of the flags currently stored.

pub fn from_bits(bits: c_ulong) -> Option<SslOptions>

Convert from underlying bit representation, unless that representation contains bits that do not correspond to a flag.

pub fn from_bits_truncate(bits: c_ulong) -> SslOptions

Convert from underlying bit representation, dropping any bits that do not correspond to flags.

pub fn is_empty(&self) -> bool

Returns true if no flags are currently stored.

pub fn is_all(&self) -> bool

Returns true if all flags are currently set.

pub fn intersects(&self, other: SslOptions) -> bool

Returns true if there are flags common to both self and other.

pub fn contains(&self, other: SslOptions) -> bool

Returns true all of the flags in other are contained within self.

pub fn insert(&mut self, other: SslOptions)

Inserts the specified flags in-place.

pub fn remove(&mut self, other: SslOptions)

Removes the specified flags in-place.

pub fn toggle(&mut self, other: SslOptions)

Toggles the specified flags in-place.

pub fn set(&mut self, other: SslOptions, value: bool)

Inserts or removes the specified flags depending on the passed value.

Trait Implementations

impl Copy for SslOptions

impl PartialEq for SslOptions

fn eq(&self, other: &SslOptions) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &SslOptions) -> bool

This method tests for !=.

impl Eq for SslOptions

impl Clone for SslOptions

fn clone(&self) -> SslOptions

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl PartialOrd for SslOptions

fn partial_cmp(&self, other: &SslOptions) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

fn lt(&self, other: &SslOptions) -> bool

This method tests less than (for self and other) and is used by the < operator.

fn le(&self, other: &SslOptions) -> bool

This method tests less than or equal to (for self and other) and is used by the <= operator.

fn gt(&self, other: &SslOptions) -> bool

This method tests greater than (for self and other) and is used by the > operator.

fn ge(&self, other: &SslOptions) -> bool

This method tests greater than or equal to (for self and other) and is used by the >= operator.

impl Ord for SslOptions

fn cmp(&self, other: &SslOptions) -> Ordering

This method returns an Ordering between self and other.

fn max(self, other: Self) -> Self

Compares and returns the maximum of two values.

fn min(self, other: Self) -> Self

Compares and returns the minimum of two values.

impl Hash for SslOptions

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given [Hasher].

fn hash_slice<H>(data: &[Self], state: &mut H) where     H: Hasher,

Feeds a slice of this type into the given [Hasher].

impl Debug for SslOptions

fn fmt(&self, f: &mut Formatter) -> Result

Formats the value using the given formatter.

impl Binary for SslOptions

fn fmt(&self, f: &mut Formatter) -> Result

Formats the value using the given formatter.

impl Octal for SslOptions

fn fmt(&self, f: &mut Formatter) -> Result

Formats the value using the given formatter.

impl LowerHex for SslOptions

fn fmt(&self, f: &mut Formatter) -> Result

Formats the value using the given formatter.

impl UpperHex for SslOptions

fn fmt(&self, f: &mut Formatter) -> Result

Formats the value using the given formatter.

impl BitOr for SslOptions

type Output = SslOptions

The resulting type after applying the | operator.

fn bitor(self, other: SslOptions) -> SslOptions

Returns the union of the two sets of flags.

impl BitOrAssign for SslOptions

fn bitor_assign(&mut self, other: SslOptions)

Adds the set of flags.

impl BitXor for SslOptions

type Output = SslOptions

The resulting type after applying the ^ operator.

fn bitxor(self, other: SslOptions) -> SslOptions

Returns the left flags, but with all the right flags toggled.

impl BitXorAssign for SslOptions

fn bitxor_assign(&mut self, other: SslOptions)

Toggles the set of flags.

impl BitAnd for SslOptions

type Output = SslOptions

The resulting type after applying the & operator.

fn bitand(self, other: SslOptions) -> SslOptions

Returns the intersection between the two sets of flags.

impl BitAndAssign for SslOptions

fn bitand_assign(&mut self, other: SslOptions)

Disables all flags disabled in the set.

impl Sub for SslOptions

type Output = SslOptions

The resulting type after applying the - operator.

fn sub(self, other: SslOptions) -> SslOptions

Returns the set difference of the two sets of flags.

impl SubAssign for SslOptions

fn sub_assign(&mut self, other: SslOptions)

Disables all flags enabled in the set.

impl Not for SslOptions

type Output = SslOptions

The resulting type after applying the ! operator.

fn not(self) -> SslOptions

Returns the complement of this set of flags.

impl Extend<SslOptions> for SslOptions

fn extend<T: IntoIterator<Item = SslOptions>>(&mut self, iterator: T)

Extends a collection with the contents of an iterator.

impl FromIterator<SslOptions> for SslOptions

fn from_iter<T: IntoIterator<Item = SslOptions>>(iterator: T) -> SslOptions

Creates a value from an iterator.