Trait rustls::Session [] [src]

pub trait Session: Read + Write + Send {
    fn read_tls(&mut self, rd: &mut Read) -> Result<usize, Error>;

    fn write_tls(&mut self, wr: &mut Write) -> Result<usize, Error>;

    fn process_new_packets(&mut self) -> Result<(), TLSError>;

    fn wants_read(&self) -> bool;

    fn wants_write(&self) -> bool;

    fn is_handshaking(&self) -> bool;

    fn set_buffer_limit(&mut self, limit: usize);

    fn send_close_notify(&mut self);

    fn get_peer_certificates(&self) -> Option<Vec<Certificate>>;

    fn get_alpn_protocol(&self) -> Option<String>;

    fn get_protocol_version(&self) -> Option<ProtocolVersion>;

    fn complete_io<T>(&mut self, io: &mut T) -> Result<(usize, usize), Error>
    where
        Self: Sized,
        T: Read + Write,
    { ... }
}

Generalises ClientSession and ServerSession

Required Methods

Read TLS content from rd. This method does internal buffering, so rd can supply TLS messages in arbitrary- sized chunks (like a socket or pipe might).

You should call process_new_packets each time a call to this function succeeds.

The returned error only relates to IO on rd. TLS-level errors are emitted from process_new_packets.

This function returns Ok(0) when the underlying rd does so. This typically happens when a socket is cleanly closed, or a file is at EOF.

Writes TLS messages to wr.

Processes any new packets read by a previous call to read_tls. Errors from this function relate to TLS protocol errors, and are fatal to the session. Future calls after an error will do no new work and will return the same error.

Success from this function can mean new plaintext is available: obtain it using read.

Returns true if the caller should call read_tls as soon as possible.

Returns true if the caller should call write_tls as soon as possible.

Returns true if the session is currently perform the TLS handshake. During this time plaintext written to the session is buffered in memory.

Sets a limit on the internal buffers used to buffer unsent plaintext (prior to completing the TLS handshake) and unsent TLS records.

By default, there is no limit. The limit can be set at any time, even if the current buffer use is higher.

Queues a close_notify fatal alert to be sent in the next write_tls call. This informs the peer that the connection is being closed.

Retrieves the certificate chain used by the peer to authenticate.

For clients, this is the certificate chain of the server.

For servers, this is the certificate chain of the client, if client authentication was completed.

The return value is None until this value is available.

Retrieves the protocol agreed with the peer via ALPN.

A return value of None after handshake completion means no protocol was agreed (because no protocols were offered or accepted by the peer).

Retrieves the protocol version agreed with the peer.

This returns None until the version is agreed.

Provided Methods

This function uses io to complete any outstanding IO for this session.

This is a convenience function which solely uses other parts of the public API.

What this means depends on the session state:

  • If the session is_handshaking(), then IO is performed until the handshake is complete.
  • Otherwise, if wants_write is true, write_tls is invoked until it is all written.
  • Otherwise, if wants_read is true, read_tls is invoked once.

The return value is the number of bytes read from and written to io, respectively.

This function will block if io blocks.

Errors from TLS record handling (ie, from process_new_packets()) are wrapped in an io::ErrorKind::InvalidData-kind error.

Implementors