SSL/TLS support.
SslConnector and SslAcceptor should be used in most cases - they handle
configuration of the OpenSSL primitives for you.
§Examples
To connect as a client to a remote server:
```rust
use openssl::ssl::{SslMethod, SslConnector};
use std::io::{Read, Write};
use std::net::TcpStream;

fn main() {
    // Build a client-side connector with the crate's default configuration.
    let connector = SslConnector::builder(SslMethod::tls()).unwrap().build();

    let stream = TcpStream::connect("google.com:443").unwrap();
    // The domain passed to `connect` is used for SNI and hostname verification.
    let mut stream = connector.connect("google.com", stream).unwrap();

    stream.write_all(b"GET / HTTP/1.0\r\n\r\n").unwrap();
    let mut res = vec![];
    stream.read_to_end(&mut res).unwrap();
    println!("{}", String::from_utf8_lossy(&res));
}
```

To accept connections as a server from remote clients:
```rust
use openssl::ssl::{SslMethod, SslAcceptor, SslStream, SslFiletype};
use std::net::{TcpListener, TcpStream};
use std::sync::Arc;
use std::thread;

fn handle_client(stream: SslStream<TcpStream>) {
    // ...
}

fn main() {
    // Start from the Mozilla "intermediate" server configuration.
    let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
    acceptor.set_private_key_file("key.pem", SslFiletype::PEM).unwrap();
    acceptor.set_certificate_chain_file("certs.pem").unwrap();
    // Fail early if the private key does not match the certificate.
    acceptor.check_private_key().unwrap();
    // Share one acceptor between all connection threads.
    let acceptor = Arc::new(acceptor.build());

    let listener = TcpListener::bind("0.0.0.0:8443").unwrap();

    for stream in listener.incoming() {
        match stream {
            Ok(stream) => {
                let acceptor = acceptor.clone();
                thread::spawn(move || {
                    // Run the TLS handshake on the connection's own thread.
                    let stream = acceptor.accept(stream).unwrap();
                    handle_client(stream);
                });
            }
            Err(e) => { /* connection failed */ }
        }
    }
}
```

Structs§
- AlpnError - An error returned from an ALPN selection callback.
- CipherBits - Information about the state of a cipher.
- CipherLists - A stack of selected ciphers, and a stack of selected signalling cipher suites
- ClientHelloResponse - The result of a client hello callback.
- ConnectConfiguration - A type which allows for configuration of a client-side TLS session before connection.
- Error - An SSL error.
- ErrorCode - An error code returned from SSL functions.
- ExtensionContext - Which messages and under which conditions an extension should be added or expected.
- MidHandshakeSslStream - An SSL stream midway through the handshake process.
- NameType - An identifier of a session name type.
- ShutdownState - The shutdown state of a session.
- SniError - An error returned from the SNI callback.
- Ssl - The state of an SSL/TLS session.
- SslAcceptor - A type which wraps server-side streams in a TLS session.
- SslAcceptorBuilder - A builder for SslAcceptors.
- SslAlert - An SSL/TLS alert.
- SslCipher - Information about a cipher.
- SslCipherRef - Reference to an SslCipher.
- SslConnector - A type which wraps client-side streams in a TLS session.
- SslConnectorBuilder - A builder for SslConnectors.
- SslContext - A context object for TLS streams.
- SslContextBuilder - A builder for SslContexts.
- SslContextRef - Reference to SslContext
- SslFiletype - An identifier of the format of a certificate or key file.
- SslMethod - A type specifying the kind of protocol an SslContext will speak.
- SslMode - Options controlling the behavior of an SslContext.
- SslOptions - Options controlling the behavior of an SslContext.
- SslRef - Reference to an Ssl.
- SslSession - An encoded SSL session.
- SslSessionCacheMode - Options controlling the behavior of session caching.
- SslSessionRef - Reference to SslSession.
- SslStream - A TLS session over a stream.
- SslStreamBuilder (Deprecated) - A partially constructed SslStream, useful for unusual handshakes.
- SslVerifyMode - Options controlling the behavior of certificate verification.
- SslVersion - An SSL/TLS protocol version.
- StatusType - An identifier of a certificate status type.
 
Enums§
- HandshakeError - An error or intermediate state after a TLS handshake attempt.
- ShutdownResult - The result of a shutdown request.
 
Functions§
- cipher_name - Returns the OpenSSL name of a cipher corresponding to an RFC-standard cipher name.
- select_next_proto - A standard implementation of protocol selection for Application Layer Protocol Negotiation (ALPN).