Skip to main content

RefreshableClientCertVerifier

rustls_crl_refresh

Struct RefreshableClientCertVerifier

pub struct RefreshableClientCertVerifier { /* private fields */ }

Expand description

Listener-side wrapper that defers to a WebPkiClientVerifier rebuilt only when the cached CRL snapshot’s Arc identity changes, against the latest CRL bytes pulled from the cache.

Implementations§

impl RefreshableClientCertVerifier

pub fn new( cache: Arc<CrlCache>, sources: Vec<CrlSourceId>, cas: Arc<RootCertStore>, allow_unauthenticated: bool, ) -> Arc<Self>

Trait Implementations§

impl ClientCertVerifier for RefreshableClientCertVerifier

fn offer_client_auth(&self) -> bool

Returns true to enable the server to request a client certificate and false to skip requesting a client certificate. Defaults to true.

fn client_auth_mandatory(&self) -> bool

Return true to require a client certificate and false to make client authentication optional. Defaults to self.offer_client_auth().

fn root_hint_subjects(&self) -> &[DistinguishedName]

Returns the DistinguishedName subjects that the server will hint to clients to identify acceptable authentication trust anchors. Read more

fn verify_client_cert( &self, end_entity: &CertificateDer<'_>, intermediates: &[CertificateDer<'_>], now: UnixTime, ) -> Result<ClientCertVerified, Error>

Verify the end-entity certificate end_entity is valid, acceptable, and chains to at least one of the trust anchors trusted by this verifier. Read more

fn verify_tls12_signature( &self, message: &[u8], cert: &CertificateDer<'_>, dss: &DigitallySignedStruct, ) -> Result<HandshakeSignatureValid, Error>

Verify a signature allegedly by the given client certificate. Read more

fn verify_tls13_signature( &self, message: &[u8], cert: &CertificateDer<'_>, dss: &DigitallySignedStruct, ) -> Result<HandshakeSignatureValid, Error>

Verify a signature allegedly by the given client certificate. Read more

fn supported_verify_schemes(&self) -> Vec<SignatureScheme>

Return the list of SignatureSchemes that this verifier will handle, in verify_tls12_signature and verify_tls13_signature calls. Read more

fn requires_raw_public_keys(&self) -> bool

Returns whether this verifier requires raw public keys as defined in RFC 7250.

impl Debug for RefreshableClientCertVerifier

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

impl !Freeze for RefreshableClientCertVerifier

impl !RefUnwindSafe for RefreshableClientCertVerifier

impl Send for RefreshableClientCertVerifier

impl Sync for RefreshableClientCertVerifier

impl Unpin for RefreshableClientCertVerifier

impl UnsafeUnpin for RefreshableClientCertVerifier

impl !UnwindSafe for RefreshableClientCertVerifier

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more