ntex_tls/
lib.rs

//! An implementation of SSL streams for the ntex ecosystem
2#![deny(rust_2018_idioms, unreachable_pub, missing_debug_implementations)]
3
4use std::sync::atomic::{AtomicUsize, Ordering};
5
6#[cfg(feature = "openssl")]
7pub mod openssl;
8
9#[cfg(feature = "rustls")]
10pub mod rustls;
11
12use ntex_util::services::Counter;
13
/// Sets the per-worker cap on SSL connection establishments that may be in
/// progress at the same time.
///
/// Once the cap is reached, all listeners stop accepting connections. This
/// bounds the CPU time spent on handshakes, for example during a burst of
/// new connections.
///
/// The default limit is 256.
///
/// The value is written to the process-wide default and applied to the
/// counter of the calling thread only. A thread whose counter already exists
/// keeps the capacity it had, so this is best called before worker threads
/// start.
///
// NOTE(review): the effect of `num == 0` depends on `Counter::set_capacity`,
// which is not defined in this file; confirm before exposing the limit to
// configuration.
pub fn max_concurrent_ssl_accept(num: usize) {
    // Process-wide default, read when a thread first creates its counter.
    MAX_SSL_ACCEPT.store(num, Ordering::Relaxed);

    // Resize the counter owned by the current thread.
    MAX_SSL_ACCEPT_COUNTER.with(|counter| {
        counter.set_capacity(num);
    });
}
24
/// Process-wide default for the concurrent SSL accept limit; starts at 256.
static MAX_SSL_ACCEPT: AtomicUsize = AtomicUsize::new(256);

thread_local! {
    /// Per-thread `Counter`, created on first use with the value of
    /// `MAX_SSL_ACCEPT` at that moment.
    static MAX_SSL_ACCEPT_COUNTER: Counter = {
        let capacity = MAX_SSL_ACCEPT.load(Ordering::Relaxed);
        Counter::new(capacity)
    };
}
30
/// Identity associated with a TLS pre-shared key (PSK), held as raw bytes.
///
/// Used together with [`ntex_io::Filter::query`].
///
// NOTE(review): this file does not show where the value is filled in. In TLS
// the PSK identity is supplied by the peer, so presumably it should be treated
// as untrusted bytes (no assumption of UTF-8 or of a bounded length) - confirm
// against the code that constructs it.
#[derive(Debug, Clone, Eq, PartialEq, Hash)]
pub struct PskIdentity(
    /// The identity bytes.
    pub Vec<u8>,
);
36
/// Server name (DNS) carried in the TLS SNI extension.
///
/// Used together with [`ntex_io::Filter::query`].
///
// NOTE(review): this file does not show where the value is filled in. In TLS
// the SNI name is chosen by the client and is not authenticated, so presumably
// it should be validated before it drives routing, authorization or log
// output - confirm against the code that constructs it.
#[derive(Debug, Clone, Eq, PartialEq, Hash)]
pub struct Servername(
    /// The server name as a string.
    pub String,
);