sqlx_postgres/options/
ssl_mode.rs

1use crate::error::Error;
2use std::str::FromStr;
3
4/// Options for controlling the level of protection provided for PostgreSQL SSL connections.
5///
6/// It is used by the [`ssl_mode`](super::PgConnectOptions::ssl_mode) method.
7#[derive(Debug, Clone, Copy, Default)]
8pub enum PgSslMode {
9    /// Only try a non-SSL connection.
10    Disable,
11
12    /// First try a non-SSL connection; if that fails, try an SSL connection.
13    Allow,
14
15    /// First try an SSL connection; if that fails, try a non-SSL connection.
16    ///
17    /// This is the default if no other mode is specified.
18    #[default]
19    Prefer,
20
21    /// Only try an SSL connection. If a root CA file is present, verify the connection
22    /// in the same way as if `VerifyCa` was specified.
23    Require,
24
25    /// Only try an SSL connection, and verify that the server certificate is issued by a
26    /// trusted certificate authority (CA).
27    VerifyCa,
28
29    /// Only try an SSL connection; verify that the server certificate is issued by a trusted
30    /// CA and that the requested server host name matches that in the certificate.
31    VerifyFull,
32}
33
34impl FromStr for PgSslMode {
35    type Err = Error;
36
37    fn from_str(s: &str) -> Result<Self, Error> {
38        Ok(match &*s.to_ascii_lowercase() {
39            "disable" => PgSslMode::Disable,
40            "allow" => PgSslMode::Allow,
41            "prefer" => PgSslMode::Prefer,
42            "require" => PgSslMode::Require,
43            "verify-ca" => PgSslMode::VerifyCa,
44            "verify-full" => PgSslMode::VerifyFull,
45
46            _ => {
47                return Err(Error::Configuration(
48                    format!("unknown value {s:?} for `ssl_mode`").into(),
49                ));
50            }
51        })
52    }
53}
sqlx_postgres/options/ssl_mode.rs

sqlx_postgres/options/
ssl_mode.rs
