kmip_protocol/client/tls/
mod.rs

1//! TCP+TLS client "plugins" for various (a)sync TLS implementations.
2//!
3//! This module offers the following TCP+TLS "plugins" for use with the [Client] interface.
4//!
5//! Every "plugin" can be used by passing a [ConnectionSettings] instance to it:
6//!
7//! ```ignore
8//! let client = kmip_protocol::client::tls::<MODULE>::connect(&settings)?;
9//! ```
10//!
11//! This will cause a TCP+TLS connection to be established with the server defined by the settings, if possible.
12//!
13//! For more control you can supply your own `TcpStream` factory. For example you can use this to create a socket using
14//! the [socket2] crate which allows you to tune the behaviour of the operating system networking stack specific to
15//! your use case. To supply a `TcpStream` factory use this function instead:
16//!
17//! ```ignore
18//! let client = kmip_protocol::client::tls::<MODULE>::connect_with_tcpstream_factory(&settings, factory_func)?;
19//! ```
20//!
21//! The factory function must conform to this signature:
22//!
23//! ```ignore
24//! Fn(&SocketAddr, &ConnectionSettings) -> Result<TcpStream>
25//! ```
26//!
27//! Note: You do not need to use a factory function to set timeouts as these are already set by the `connect` functions.
28//! For `async` connections the initial connection timeout is implemented as an `async` timeout around the connection
29//! attempt. For `sync` cn
30//!
31//! [ConnectionSettings]: crate::client::ConnectionSettings
32//! [socket2]: https://crates.io/crates/socket2/
33//!
34//! # Enabling a plugin
35//!
36//! To use the plugin it must also be enabled using the correct set of Cargo feature flags. The table below shows the
37//! settings required to use each "plugin".
38//!
39//! | `<MODULE>`         |  Cargo.toml `kmip_protocol` Dependency Settings                       | Async Runtime | Crates.io                                         | Notes                                      |
40//! |--------------------|----------------------------------------------------------------------|---------------|---------------------------------------------------|--------------------------------------------|
41//! | `openssl`          | `features = ["tls-with-openssl"]`                                    | None          | [view](https://crates.io/crates/openssl)          | Synchronous, uses host O/S OpenSSL         |
42//! | `openssl`          | `features = ["tls-with-openssl-vendored"]`                           | None          | [view](https://crates.io/crates/openssl)          | Synchronous, uses compiled in OpenSSL      |
43//! | `rustls`           | `features = ["tls-with-rustls"]`                                     | None          | [view](https://crates.io/crates/rustls)           | Pure Rust, strict                          |
44//! | `tokio_native_tls` | `default-features = false, features = ["tls-with-tokio-native-tls"]` | [Tokio]       | [view](https://crates.io/crates/tokio-native-tls) | Uses host O/S specific native TLS          |
45//! | `tokio_rustls`     | `default-features = false, features = ["tls-with-tokio-rustls"]`     | [Tokio]       | [view](https://crates.io/crates/tokio-rustls)     | Powered by Rustls                          |
46//! | `async_tls`        | `default-features = false, features = ["tls-with-async-tls"]`        | [Async Std]   | [view](https://crates.io/crates/async-tls)        | Powered by Rustls                          |
47//!
48//! [Client]: crate::client::Client
49//! [Tokio]: https://crates.io/crates/tokio
50//! [Async Std]: https://crates.io/crates/async-std
51//!
52//! # Disabling default features
53//!
54//! To use a plugin that require an async runtime you must disable the default-features. This is because this
55//! crate uses the [Maybe-Async] procedural macro to support both sync and async implementations with minimal code
56//! duplication, but that also means that sync and async implementations cannot both be compiled at the same time.
57//!
58//! [Maybe-Async]: https://crates.io/crates/maybe-async
59//!
60//! # Using the async API
61//!
62//! The async API is identical to that of the sync API, you just have to call it from within a `sync` function and
63//! remember to call `.await` when invoking the API.
64//!
65//! Sync plugin usage:
66//!
67//! ```ignore
68//! fn some_function() -> ... {
69//!      let client = kmip_protocol::client::tls::rustls::connect(settings)?;
70//!      client.create_rsa_key_pair(2048, "pubkey".into(), "privkey".into())?;
71//! }
72//! ```
73//!
74//! Compare that with async plugin usage:
75//!
76//! ```ignore
77//! async fn some_function() -> ... {
78//!      let client = kmip_protocol::client::tls::tokio_rustls::connect(settings)?;
79//!      client.create_rsa_key_pair(2048, "pubkey".into(), "privkey".into()).await?;
80//! }
81//! ```
82
83#[doc(hidden)]
84pub mod common;
85
86#[cfg(feature = "tls-with-async-tls")]
87pub mod async_tls;
88
89#[cfg(any(feature = "tls-with-openssl", feature = "tls-with-openssl-vendored"))]
90pub mod openssl;
91
92#[cfg(feature = "tls-with-rustls")]
93pub mod rustls;
94
95#[cfg(feature = "tls-with-tokio-native-tls")]
96pub mod tokio_native_tls;
97
98#[cfg(feature = "tls-with-tokio-rustls")]
99pub mod tokio_rustls;