Struct trust_dns_proto::native_tls::tls_stream::TlsStreamBuilder
source · pub struct TlsStreamBuilder<S> { /* private fields */ }
Available on crate feature
dns-over-native-tls
only.Expand description
A builder for the TlsStream
Implementations§
source§impl<S: DnsTcpStream> TlsStreamBuilder<S>
impl<S: DnsTcpStream> TlsStreamBuilder<S>
sourcepub fn add_ca(&mut self, ca: Certificate)
pub fn add_ca(&mut self, ca: Certificate)
Add a custom trusted peer certificate or certificate authority.
If this is the ‘client’ then the ‘server’ must have it associated as it’s identity
, or have had the identity
signed by this certificate.
sourcepub fn bind_addr(&mut self, bind_addr: SocketAddr)
pub fn bind_addr(&mut self, bind_addr: SocketAddr)
Sets the address to connect from.
sourcepub fn build_with_future<F>(
self,
future: F,
name_server: SocketAddr,
dns_name: String
) -> (Pin<Box<dyn Future<Output = Result<TlsStream<S>, Error>> + Send>>, BufDnsStreamHandle)where
S: DnsTcpStream,
F: Future<Output = Result<S>> + Send + Unpin + 'static,
pub fn build_with_future<F>( self, future: F, name_server: SocketAddr, dns_name: String ) -> (Pin<Box<dyn Future<Output = Result<TlsStream<S>, Error>> + Send>>, BufDnsStreamHandle)where S: DnsTcpStream, F: Future<Output = Result<S>> + Send + Unpin + 'static,
Similar to build
, but with customized stream future.
Arguments
name_server
- IP and Port for the remote DNS resolverdns_name
- The DNS name, Public Key Info (SPKI) name, as associated to a certificate
source§impl<S: Connect> TlsStreamBuilder<S>
impl<S: Connect> TlsStreamBuilder<S>
sourcepub fn build(
self,
name_server: SocketAddr,
dns_name: String
) -> (Pin<Box<dyn Future<Output = Result<TlsStream<S>, Error>> + Send>>, BufDnsStreamHandle)
pub fn build( self, name_server: SocketAddr, dns_name: String ) -> (Pin<Box<dyn Future<Output = Result<TlsStream<S>, Error>> + Send>>, BufDnsStreamHandle)
Creates a new TlsStream to the specified name_server
RFC 7858, DNS over TLS, May 2016
3.2. TLS Handshake and Authentication
Once the DNS client succeeds in connecting via TCP on the well-known
port for DNS over TLS, it proceeds with the TLS handshake [RFC5246],
following the best practices specified in [BCP195].
The client will then authenticate the server, if required. This
document does not propose new ideas for authentication. Depending on
the privacy profile in use (Section 4), the DNS client may choose not
to require authentication of the server, or it may make use of a
trusted Subject Public Key Info (SPKI) Fingerprint pin set.
After TLS negotiation completes, the connection will be encrypted and
is now protected from eavesdropping.
Arguments
name_server
- IP and Port for the remote DNS resolverdns_name
- The DNS name, Public Key Info (SPKI) name, as associated to a certificate
Trait Implementations§
source§impl<S: Default> Default for TlsStreamBuilder<S>
impl<S: Default> Default for TlsStreamBuilder<S>
source§fn default() -> TlsStreamBuilder<S>
fn default() -> TlsStreamBuilder<S>
Returns the “default value” for a type. Read more
Auto Trait Implementations§
impl<S> RefUnwindSafe for TlsStreamBuilder<S>where S: RefUnwindSafe,
impl<S> Send for TlsStreamBuilder<S>where S: Send,
impl<S> Sync for TlsStreamBuilder<S>where S: Sync,
impl<S> Unpin for TlsStreamBuilder<S>where S: Unpin,
impl<S> UnwindSafe for TlsStreamBuilder<S>where S: UnwindSafe,
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more