Module openssl::ssl

source ·
Expand description

SSL/TLS support.

SslConnector and SslAcceptor should be used in most cases - they handle configuration of the OpenSSL primitives for you.

Examples

To connect as a client to a remote server:

use openssl::ssl::{SslMethod, SslConnector};
use std::io::{Read, Write};
use std::net::TcpStream;

let connector = SslConnector::builder(SslMethod::tls()).unwrap().build();

let stream = TcpStream::connect("google.com:443").unwrap();
let mut stream = connector.connect("google.com", stream).unwrap();

stream.write_all(b"GET / HTTP/1.0\r\n\r\n").unwrap();
let mut res = vec![];
stream.read_to_end(&mut res).unwrap();
println!("{}", String::from_utf8_lossy(&res));

To accept connections as a server from remote clients:

use openssl::ssl::{SslMethod, SslAcceptor, SslStream, SslFiletype};
use std::net::{TcpListener, TcpStream};
use std::sync::Arc;
use std::thread;


let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
acceptor.set_private_key_file("key.pem", SslFiletype::PEM).unwrap();
acceptor.set_certificate_chain_file("certs.pem").unwrap();
acceptor.check_private_key().unwrap();
let acceptor = Arc::new(acceptor.build());

let listener = TcpListener::bind("0.0.0.0:8443").unwrap();

fn handle_client(stream: SslStream<TcpStream>) {
    // ...
}

for stream in listener.incoming() {
    match stream {
        Ok(stream) => {
            let acceptor = acceptor.clone();
            thread::spawn(move || {
                let stream = acceptor.accept(stream).unwrap();
                handle_client(stream);
            });
        }
        Err(e) => { /* connection failed */ }
    }
}

Structs

AlpnError
An error returned from an ALPN selection callback.
CipherBits
Information about the state of a cipher.
ClientHelloResponse
The result of a client hello callback.
ConnectConfiguration
A type which allows for configuration of a client-side TLS session before connection.
Error
An SSL error.
ErrorCode
An error code returned from SSL functions.
ExtensionContext
Which messages and under which conditions an extension should be added or expected.
MidHandshakeSslStream
An SSL stream midway through the handshake process.
NameType
An identifier of a session name type.
ShutdownState
The shutdown state of a session.
SniError
An error returned from the SNI callback.
Ssl
The state of an SSL/TLS session.
SslAcceptor
A type which wraps server-side streams in a TLS session.
SslAcceptorBuilder
A builder for SslAcceptors.
SslAlert
An SSL/TLS alert.
SslCipher
Information about a cipher.
SslCipherRef
Reference to an SslCipher.
SslConnector
A type which wraps client-side streams in a TLS session.
SslConnectorBuilder
A builder for SslConnectors.
SslContext
A context object for TLS streams.
SslContextBuilder
A builder for SslContexts.
SslContextRef
Reference to SslContext
SslFiletype
An identifier of the format of a certificate or key file.
SslMethod
A type specifying the kind of protocol an SslContext will speak.
SslMode
Options controlling the behavior of an SslContext.
SslOptions
Options controlling the behavior of an SslContext.
SslRef
Reference to an Ssl.
SslSession
An encoded SSL session.
SslSessionCacheMode
Options controlling the behavior of session caching.
SslSessionRef
Reference to SslSession.
SslStream
A TLS session over a stream.
SslStreamBuilder
A partially constructed SslStream, useful for unusual handshakes.
SslVerifyMode
Options controling the behavior of certificate verification.
SslVersion
An SSL/TLS protocol version.
StatusType
An identifier of a certificate status type.

Enums

HandshakeError
An error or intermediate state after a TLS handshake attempt.
ShutdownResult
The result of a shutdown request.

Functions

select_next_proto
A standard implementation of protocol selection for Application Layer Protocol Negotiation (ALPN).