Function aggligator_util::net::tls_connect
    pub async fn tls_connect(
        cfg: Cfg,
        target: Vec<String>,
        default_port: u16,
        domain: ServerName,
        tls_client_cfg: Arc<ClientConfig>
    ) -> Result<Stream>

Available on crate feature tls only.
Builds a connection consisting of aggregated TCP links to the target, which are encrypted and authenticated using TLS.
cfg is the configuration and in most cases Cfg::default() should be used.
target specifies a set of IP addresses or hostnames of the target host.
If a hostname resolves to multiple IP addresses this is taken into account
automatically.
If an entry in target specifies no port number, default_port is used.
Links are established automatically from all available local network interfaces to all IP addresses of the target. If a link fails, it is reconnected automatically.
The identity of the server is verified using TLS against domain.
Each outgoing link is encrypted using TLS with the configuration specified
in tls_client_cfg.
Returns the connection stream.
Example
This example connects to the host agl.server.rs on port 5901.
Multiple links will be used if the local machine has multiple interfaces
that can all connect to agl.server.rs, or agl.server.rs has multiple interfaces
that are registered with their IP addresses in DNS.
    use std::sync::Arc;
    use aggligator::cfg::Cfg;
    use aggligator_util::net::tls_connect;
    use rustls::{ClientConfig, RootCertStore, ServerName};

    #[tokio::main]
    async fn main() -> std::io::Result<()> {
        let server_name = "agl.server.rs";
        // TODO: set server_name

        let mut root_store = RootCertStore::empty();
        // TODO: add certificates to the root_store

        let tls_cfg = Arc::new(
            ClientConfig::builder()
                .with_safe_defaults()
                .with_root_certificates(root_store)
                .with_no_client_auth()
        );

        let stream = tls_connect(
            Cfg::default(),
            vec![server_name.to_string()],
            5901,
            ServerName::try_from(server_name).unwrap(),
            tls_cfg,
        ).await?;

        // use the connection

        Ok(())
    }
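The default_port rule for target entries described above, as an added example that is not part of aggligator_util and does not reproduce its parser. The helpers split_target and parse_port are hypothetical, and the treatment of IPv6 literals (bracketed or bare) is an assumption that goes beyond what the description states. Checking entries this way before calling tls_connect shows which port each link will dial, while the name passed as domain remains the identity TLS verifies.

```rust
use std::net::Ipv6Addr;

/// Splits one `target` entry into (host, port), falling back to `default_port`.
/// Hypothetical helper for illustration; not aggligator_util's own parser.
fn split_target(entry: &str, default_port: u16) -> Result<(String, u16), String> {
    let entry = entry.trim();
    if entry.is_empty() {
        return Err("empty target".into());
    }
    // Bracketed IPv6 literal: "[2001:db8::1]" or "[2001:db8::1]:5901".
    if let Some(rest) = entry.strip_prefix('[') {
        let (host, tail) = rest.split_once(']').ok_or("missing ']'")?;
        host.parse::<Ipv6Addr>().map_err(|e| format!("{host}: {e}"))?;
        let port = match tail.strip_prefix(':') {
            Some(p) => parse_port(p)?,
            None if tail.is_empty() => default_port,
            None => return Err(format!("unexpected text after ']': {tail}")),
        };
        return Ok((host.to_string(), port));
    }
    // Bare IPv6 literal: its colons belong to the address, not to a port.
    if entry.parse::<Ipv6Addr>().is_ok() {
        return Ok((entry.to_string(), default_port));
    }
    // Hostname or IPv4 address, optionally followed by ":port".
    match entry.rsplit_once(':') {
        Some((host, p)) if !host.is_empty() && !host.contains(':') => {
            Ok((host.to_string(), parse_port(p)?))
        }
        Some(_) => Err(format!("ambiguous target: {entry}")),
        None => Ok((entry.to_string(), default_port)),
    }
}

/// Accepts ports 1..=65535 only.
fn parse_port(p: &str) -> Result<u16, String> {
    match p.parse::<u16>() {
        Ok(0) | Err(_) => Err(format!("invalid port: {p}")),
        Ok(n) => Ok(n),
    }
}

fn main() {
    // Constructed sample entries; 5901 is the default_port from the example above.
    for t in ["agl.server.rs", "agl.server.rs:6000", "[2001:db8::1]", "2001:db8::1", "10.0.0.7:70000"] {
        println!("{t:>20} -> {:?}", split_target(t, 5901));
    }
}
```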