Struct openssl::ssl::Ssl
pub struct Ssl(_);
The state of an SSL/TLS session.
Ssl objects are created from an SslContext, which provides configuration defaults. These defaults can be overridden on a per-Ssl basis, however.
Methods
impl Ssl
fn new_ex_index<T>() -> Result<Index<Ssl, T>, ErrorStack> where
T: 'static + Sync + Send,
Returns a new extra data index.
Each invocation of this function is guaranteed to return a distinct index. These can be used to store data in the context that can be retrieved later by callbacks, for example.
This corresponds to SSL_get_ex_new_index.
impl Ssl
fn new(ctx: &SslContext) -> Result<Ssl, ErrorStack>
Creates a new Ssl.
This corresponds to SSL_new.
fn connect<S>(self, stream: S) -> Result<SslStream<S>, HandshakeError<S>> where
S: Read + Write,
Initiates a client-side TLS handshake.
This corresponds to SSL_connect.
Warning
OpenSSL's default configuration is insecure. It is highly recommended to use SslConnector rather than Ssl directly, as it manages that configuration.
fn accept<S>(self, stream: S) -> Result<SslStream<S>, HandshakeError<S>> where
S: Read + Write,
Initiates a server-side TLS handshake.
This corresponds to SSL_accept.
Warning
OpenSSL's default configuration is insecure. It is highly recommended to use SslAcceptor rather than Ssl directly, as it manages that configuration.
Methods from Deref<Target = SslRef>
fn set_verify(&mut self, mode: SslVerifyMode)
Like SslContextBuilder::set_verify.
This corresponds to SSL_set_verify.
fn set_verify_callback<F>(&mut self, mode: SslVerifyMode, verify: F) where
F: Fn(bool, &X509StoreContextRef) -> bool + Any + 'static + Sync + Send,
Like SslContextBuilder::set_verify_callback.
This corresponds to SSL_set_verify.
fn set_tmp_dh(&mut self, dh: &DhRef) -> Result<(), ErrorStack>
Like SslContextBuilder::set_tmp_dh.
This corresponds to SSL_set_tmp_dh.
fn set_tmp_dh_callback<F>(&mut self, callback: F) where
F: Fn(&mut SslRef, bool, u32) -> Result<Dh, ErrorStack> + Any + 'static + Sync + Send,
Like SslContextBuilder::set_tmp_dh_callback.
This corresponds to SSL_set_tmp_dh_callback.
fn set_tmp_ecdh(&mut self, key: &EcKeyRef) -> Result<(), ErrorStack>
Like SslContextBuilder::set_tmp_ecdh.
This corresponds to SSL_set_tmp_ecdh.
fn current_cipher(&self) -> Option<&SslCipherRef>
Returns the current cipher if the session is active.
This corresponds to SSL_get_current_cipher.
fn state_string(&self) -> &'static str
Returns a short string describing the state of the session.
This corresponds to SSL_state_string.
fn state_string_long(&self) -> &'static str
Returns a longer string describing the state of the session.
This corresponds to SSL_state_string_long.
fn set_hostname(&mut self, hostname: &str) -> Result<(), ErrorStack>
Sets the host name to be sent to the server for Server Name Indication (SNI).
It has no effect for a server-side connection.
This corresponds to SSL_set_tlsext_host_name.
fn peer_certificate(&self) -> Option<X509>
Returns the peer's certificate, if present.
This corresponds to SSL_get_peer_certificate.
fn peer_cert_chain(&self) -> Option<&StackRef<X509>>
Returns the certificate chain of the peer, if present.
On the client side, the chain includes the leaf certificate, but on the server side it does not. Fun!
This corresponds to SSL_get_peer_cert_chain.
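The leaf-placement difference described above for peer_cert_chain, as an added example that is not part of the openssl crate or its documentation: a std-only helper that returns the chain leaf-first on either side of the connection. The name full_peer_chain and the generic stand-in type C are assumptions; with the crate, the three inputs would come from is_server(), peer_certificate() and peer_cert_chain().

```rust
// Added example: std-only model of the peer_cert_chain asymmetry.
// `C` stands in for a certificate type (X509 in the crate). The three inputs
// mirror what is_server(), peer_certificate() and peer_cert_chain() return.

/// Returns the peer's chain leaf-first on either side of the connection,
/// or None when the peer presented no certificate at all.
pub fn full_peer_chain<C: Clone + PartialEq>(
    is_server: bool,
    leaf: Option<&C>,
    chain: Option<&[C]>,
) -> Option<Vec<C>> {
    // No leaf means an unauthenticated peer; report that, not an empty chain.
    let leaf = leaf?;
    let rest = chain.unwrap_or(&[]);
    // Server side: the chain never contains the client's leaf, so prepend it.
    // Client side: the chain should already start with the leaf; prepend only
    // if it is missing, so the result never carries the leaf twice.
    let prepend = is_server || rest.first() != Some(leaf);
    let mut out = Vec::with_capacity(rest.len() + 1);
    if prepend {
        out.push(leaf.clone());
    }
    out.extend_from_slice(rest);
    Some(out)
}

fn main() {
    // Constructed sample data: certificate names instead of real X509 values.
    let (leaf, inter, root) = ("leaf", "intermediate", "root");
    // What a client sees: the chain includes the server's leaf.
    let client_view = full_peer_chain(false, Some(&leaf), Some(&[leaf, inter, root][..]));
    // What a server sees: the chain omits the client's leaf.
    let server_view = full_peer_chain(true, Some(&leaf), Some(&[inter, root][..]));
    assert_eq!(client_view, server_view);
    println!("{:?}", client_view);
}
```

Code that pins or logs "the first certificate in the chain" should go through a normalisation like this, otherwise a server ends up treating the first intermediate as the client's leaf.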
fn certificate(&self) -> Option<&X509Ref>
Like SslContext::certificate.
This corresponds to SSL_get_certificate.
fn private_key(&self) -> Option<&PKeyRef>
Like SslContext::private_key.
This corresponds to SSL_get_privatekey.
fn version(&self) -> &'static str
Returns a string describing the protocol version of the session.
This corresponds to SSL_get_version.
fn selected_npn_protocol(&self) -> Option<&[u8]>
Returns the protocol selected by performing Next Protocol Negotiation, if any.
The protocol's name is returned as an opaque sequence of bytes. It is up to the client to interpret it.
This corresponds to SSL_get0_next_proto_negotiated.
fn selected_alpn_protocol(&self) -> Option<&[u8]>
Returns the protocol selected by performing ALPN, if any.
The protocol's name is returned as an opaque sequence of bytes. It is up to the client to interpret it.
Requires the v102 or v110 features and OpenSSL 1.0.2 or OpenSSL 1.1.0.
This corresponds to SSL_get0_alpn_selected.
fn pending(&self) -> usize
Returns the number of bytes remaining in the currently processed TLS record.
If this is greater than 0, the next call to read will not call down to the underlying stream.
This corresponds to SSL_pending.
fn compression(&self) -> Option<&str>
Returns the compression method currently in use.
This corresponds to SSL_get_current_compression.
fn servername(&self) -> Option<&str>
Returns the servername sent by the client via Server Name Indication (SNI).
It is only useful on the server side.
This corresponds to SSL_get_servername.
fn set_ssl_context(&mut self, ctx: &SslContextRef) -> Result<(), ErrorStack>
Changes the context corresponding to the current connection.
It is most commonly used in the Server Name Indication (SNI) callback.
This corresponds to SSL_set_SSL_CTX.
fn ssl_context(&self) -> &SslContextRef
Returns the context corresponding to the current connection.
This corresponds to SSL_get_SSL_CTX.
fn param_mut(&mut self) -> &mut X509VerifyParamRef
Returns a mutable reference to the X509 verification configuration.
Requires the v102 or v110 features and OpenSSL 1.0.2 or 1.1.0.
This corresponds to SSL_get0_param.
fn verify_result(&self) -> Option<X509VerifyError>
Returns the certificate verification result.
This corresponds to SSL_get_verify_result.
fn session(&self) -> Option<&SslSessionRef>
Returns a shared reference to the SSL session.
This corresponds to SSL_get_session.
unsafe fn set_session(
&mut self,
session: &SslSessionRef
) -> Result<(), ErrorStack>
Sets the session to be used.
This should be called before the handshake to attempt to reuse a previously established session. If the server is not willing to reuse the session, a new one will be transparently negotiated.
This corresponds to SSL_set_session.
Safety
The caller of this method is responsible for ensuring that the session is associated with the same SslContext as this Ssl.
fn session_reused(&self) -> bool
Determines if the session provided to set_session was successfully reused.
This corresponds to SSL_session_reused.
fn set_status_type(&mut self, type_: StatusType) -> Result<(), ErrorStack>
Sets the status response a client wishes the server to reply with.
This corresponds to SSL_set_tlsext_status_type.
fn ocsp_status(&self) -> Option<&[u8]>
Returns the server's OCSP response, if present.
This corresponds to SSL_get_tlsext_status_ocsp_resp.
fn set_ocsp_status(&mut self, response: &[u8]) -> Result<(), ErrorStack>
Sets the OCSP response to be returned to the client.
This corresponds to SSL_set_tlsext_status_ocsp_resp.
fn is_server(&self) -> bool
Determines if this Ssl is configured for server-side or client-side use.
This corresponds to SSL_is_server.
fn set_ex_data<T>(&mut self, index: Index<Ssl, T>, data: T)
Sets the extra data at the specified index.
This can be used to provide data to callbacks registered with the context. Use the Ssl::new_ex_index method to create an Index.
This corresponds to SSL_set_ex_data.
fn ex_data<T>(&self, index: Index<Ssl, T>) -> Option<&T>
Returns a reference to the extra data at the specified index.
This corresponds to SSL_get_ex_data.
Trait Implementations
impl ForeignType for Ssl
type CType = SSL
The raw C type.
type Ref = SslRef
The type representing a reference to this type.
unsafe fn from_ptr(ptr: *mut SSL) -> Ssl
Constructs an instance of this type from its raw type.
fn as_ptr(&self) -> *mut SSL
Returns a raw pointer to the wrapped value.
impl Drop for Ssl
impl Deref for Ssl
type Target = SslRef
The resulting type after dereferencing.
fn deref(&self) -> &SslRef
Dereferences the value.