pub struct Builder(_);
Implementations
impl Builder
pub fn new() -> Self
pub fn set_alert_behavior(
&mut self,
value: AlertBehavior
) -> Result<&mut Self, Error>
pub fn set_security_policy(
&mut self,
policy: &Policy
) -> Result<&mut Self, Error>
pub fn set_application_protocol_preference<P: IntoIterator<Item = I>, I: AsRef<[u8]>>(
&mut self,
protocols: P
) -> Result<&mut Self, Error>
Sets the application protocol preferences on an s2n_config object.
`protocols` is a list in order of preference, with the most preferred protocol first, and of length protocol_count. When acting as a client, the protocol list is included in the Client Hello message as the ALPN extension. As a server, the list is used to negotiate a mutual application protocol with the client. After the negotiation for the connection has completed, the agreed-upon protocol can be retrieved with s2n_get_application_protocol.
pub fn append_application_protocol_preference(
&mut self,
protocol: &[u8]
) -> Result<&mut Self, Error>
pub unsafe fn disable_x509_verification(&mut self) -> Result<&mut Self, Error>
Turns off x509 verification
Safety
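This functionality weakens the security of connections: with x509 verification turned off, the peer's certificate is no longer validated, so the peer is not authenticated. As such, it should only be used in development environments where obtaining a valid certificate would not be possible.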
pub fn add_dhparams(&mut self, pem: &[u8]) -> Result<&mut Self, Error>
pub fn load_pem(
&mut self,
certificate: &[u8],
private_key: &[u8]
) -> Result<&mut Self, Error>
pub fn trust_pem(&mut self, certificate: &[u8]) -> Result<&mut Self, Error>
pub fn trust_location(
&mut self,
file: Option<&Path>,
dir: Option<&Path>
) -> Result<&mut Self, Error>
pub fn wipe_trust_store(&mut self) -> Result<&mut Self, Error>
pub fn set_client_auth_type(
&mut self,
auth_type: ClientAuthType
) -> Result<&mut Self, Error>
Sets whether or not a client certificate should be required to complete the TLS connection.
See the Usage Guide for more details.
pub fn enable_ocsp(&mut self) -> Result<&mut Self, Error>
Clients will request OCSP stapling from the server.
pub fn set_ocsp_data(&mut self, data: &[u8]) -> Result<&mut Self, Error>
Sets the OCSP data for the default certificate chain associated with the Config.
Servers will send the data in response to OCSP stapling requests from clients.
pub fn set_verify_host_callback<T: 'static + VerifyHostNameCallback>(
&mut self,
handler: T
) -> Result<&mut Self, Error>
Set a custom callback function which is run as part of client certificate validation during a mutual TLS handshake.
The callback may be called more than once during certificate validation as each SAN on the certificate will be checked.
pub unsafe fn set_key_log_callback(
&mut self,
callback: s2n_key_log_fn,
context: *mut c_void
) -> Result<&mut Self, Error>
Safety
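THIS SHOULD BE USED FOR DEBUGGING PURPOSES ONLY! Key logging hands the connection's TLS secrets to the callback, so anyone who can read what the callback records can decrypt the corresponding traffic.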
The `context` pointer must live at least as long as the config.
pub fn set_max_cert_chain_depth(
&mut self,
depth: u16
) -> Result<&mut Self, Error>
pub fn set_send_buffer_size(&mut self, size: u32) -> Result<&mut Self, Error>
pub fn set_client_hello_callback<T: 'static + ClientHelloCallback>(
&mut self,
handler: T
) -> Result<&mut Self, Error>
Set a custom callback function which is run after parsing the client hello.
pub fn set_wall_clock<T: 'static + WallClock>(
&mut self,
handler: T
) -> Result<&mut Self, Error>
Set a callback function that will be used to get the system time.
The wall clock time is the best guess at the real time, measured since the epoch. Unlike monotonic time, it CAN move backwards. It is used by s2n-tls for timestamps.
pub fn set_monotonic_clock<T: 'static + MonotonicClock>(
&mut self,
handler: T
) -> Result<&mut Self, Error>
Set a callback function that will be used to get the monotonic time.
The monotonic time is the time since an arbitrary, unspecified point. Unlike wall clock time, it MUST never move backwards. It is used by s2n-tls for timers.