Struct webrtc_dtls::config::Config

source · 
pub struct Config {
Show 18 fields
    pub certificates: Vec<Certificate>,
    pub cipher_suites: Vec<CipherSuiteId>,
    pub signature_schemes: Vec<SignatureScheme>,
    pub srtp_protection_profiles: Vec<SrtpProtectionProfile>,
    pub client_auth: ClientAuthType,
    pub extended_master_secret: ExtendedMasterSecretType,
    pub flight_interval: Duration,
    pub psk: Option<Arc<dyn Fn(&[u8]) -> Result<Vec<u8>, Error> + Send + Sync>>,
    pub psk_identity_hint: Option<Vec<u8>>,
    pub insecure_skip_verify: bool,
    pub insecure_hashes: bool,
    pub insecure_verification: bool,
    pub verify_peer_certificate: Option<Arc<dyn Fn(&[Vec<u8>], &[CertificateDer<'static>]) -> Result<(), Error> + Send + Sync>>,
    pub roots_cas: RootCertStore,
    pub client_cas: RootCertStore,
    pub server_name: String,
    pub mtu: usize,
    pub replay_protection_window: usize,

}
Expand description

Config is used to configure a DTLS client or server. After a Config is passed to a DTLS function it must not be modified.

Fields§

§certificates: Vec<Certificate>

certificates contains certificate chain to present to the other side of the connection. Server MUST set this if psk is non-nil client SHOULD sets this so CertificateRequests can be handled if psk is non-nil

§cipher_suites: Vec<CipherSuiteId>

cipher_suites is a list of supported cipher suites. If cipher_suites is nil, a default list is used

§signature_schemes: Vec<SignatureScheme>

signature_schemes contains the signature and hash schemes that the peer requests to verify.

§srtp_protection_profiles: Vec<SrtpProtectionProfile>

srtp_protection_profiles are the supported protection profiles Clients will send this via use_srtp and assert that the server properly responds Servers will assert that clients send one of these profiles and will respond as needed

§client_auth: ClientAuthType

client_auth determines the server’s policy for TLS Client Authentication. The default is NoClientCert.

§extended_master_secret: ExtendedMasterSecretType

extended_master_secret determines if the “Extended Master Secret” extension should be disabled, requested, or required (default requested).

§flight_interval: Duration

flight_interval controls how often we send outbound handshake messages defaults to time.Second

§psk: Option<Arc<dyn Fn(&[u8]) -> Result<Vec<u8>, Error> + Send + Sync>>

psk sets the pre-shared key used by this DTLS connection If psk is non-nil only psk cipher_suites will be used

§psk_identity_hint: Option<Vec<u8>>§insecure_skip_verify: bool

insecure_skip_verify controls whether a client verifies the server’s certificate chain and host name. If insecure_skip_verify is true, TLS accepts any certificate presented by the server and any host name in that certificate. In this mode, TLS is susceptible to man-in-the-middle attacks. This should be used only for testing.

§insecure_hashes: bool

insecure_hashes allows the use of hashing algorithms that are known to be vulnerable.

§insecure_verification: bool

insecure_verification allows the use of verification algorithms that are known to be vulnerable or deprecated

§verify_peer_certificate: Option<Arc<dyn Fn(&[Vec<u8>], &[CertificateDer<'static>]) -> Result<(), Error> + Send + Sync>>

VerifyPeerCertificate, if not nil, is called after normal certificate verification by either a client or server. It receives the certificate provided by the peer and also a flag that tells if normal verification has succeeded. If it returns a non-nil error, the handshake is aborted and that error results.

If normal verification fails then the handshake will abort before considering this callback. If normal verification is disabled by setting insecure_skip_verify, or (for a server) when client_auth is RequestClientCert or RequireAnyClientCert, then this callback will be considered but the verifiedChains will always be nil.

§roots_cas: RootCertStore

roots_cas defines the set of root certificate authorities that one peer uses when verifying the other peer’s certificates. If RootCAs is nil, TLS uses the host’s root CA set. Used by Client to verify server’s certificate

§client_cas: RootCertStore

client_cas defines the set of root certificate authorities that servers use if required to verify a client certificate by the policy in client_auth. Used by Server to verify client’s certificate

§server_name: String

server_name is used to verify the hostname on the returned certificates unless insecure_skip_verify is given.

§mtu: usize

mtu is the length at which handshake messages will be fragmented to fit within the maximum transmission unit (default is 1200 bytes)

§replay_protection_window: usize

replay_protection_window is the size of the replay attack protection window. Duplication of the sequence number is checked in this window size. Packet with sequence number older than this value compared to the latest accepted packet will be discarded. (default is 64)

Trait Implementations§

source§

impl Clone for Config

source§

fn clone(&self) -> Config

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Default for Config

source§

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

§

impl Freeze for Config

§

impl !RefUnwindSafe for Config

§

impl Send for Config

§

impl Sync for Config

§

impl Unpin for Config

§

impl !UnwindSafe for Config

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

source§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

source§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

source§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

source§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

source§

fn implicit( self, class: Class, constructed: bool, tag: u32 ) -> TaggedParser<'a, Implicit, Self, E>

source§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

source§

fn implicit( self, class: Class, constructed: bool, tag: u32 ) -> TaggedParser<'a, Implicit, Self, E>

source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

source§

fn vzip(self) -> V