Struct schannel::tls_stream::Builder
pub struct Builder { /* private fields */ }
A builder type for TlsStreams.
Implementations
impl Builder
pub fn domain(&mut self, domain: &str) -> &mut Builder
Sets the domain associated with connections created with this Builder.
The domain will be used for Server Name Indication as well as certificate validation.
pub fn use_sni(&mut self, use_sni: bool) -> &mut Builder
Determines if Server Name Indication (SNI) will be used.
Defaults to true.
pub fn accept_invalid_hostnames(&mut self, accept_invalid_hostnames: bool) -> &mut Builder
Determines if the server’s hostname will be checked during certificate verification.
Defaults to false.
pub fn verify_callback<F>(&mut self, callback: F) -> &mut Builder
where F: Fn(CertValidationResult) -> Result<()> + 'static + Sync + Send,
Sets a verification callback to be used for connections created with this Builder.
The callback is provided with an io::Result indicating if the (pre)validation was successful. The Ok() variant indicates a successful validation while the Err() variant contains the error code returned from the internal verification process. The validated certificate is accessible through the second argument of the closure.
pub fn cert_store(&mut self, cert_store: CertStore) -> &mut Builder
Specifies a custom certificate store which is later used when validating a server’s certificate.
This option is only used for client connections and is used to construct the certificate chain which the server’s certificate is validated against.
Note that adding certificates here means that they are implicitly trusted.
pub fn request_application_protocols(&mut self, alpns: &[&[u8]]) -> &mut Builder
Requests one of a set of application protocols using ALPN.
pub fn connect<S>(&mut self, cred: SchannelCred, stream: S) -> Result<TlsStream<S>, HandshakeError<S>>
where S: Read + Write,
Initialize a new TLS session where the stream provided will be connecting to a remote TLS server.
If the stream provided is a blocking stream then the entire handshake will be performed if possible, but if the stream is in nonblocking mode then a HandshakeError::Interrupted variant may be returned. This type can then be extracted to later call MidHandshakeTlsStream::handshake when data becomes available.
pub fn accept<S>(&mut self, cred: SchannelCred, stream: S) -> Result<TlsStream<S>, HandshakeError<S>>
where S: Read + Write,
Initialize a new TLS session where the stream provided will be accepting a connection.
This method will tweak the protocol for “who talks first” and also currently disables validation of the client that’s connecting to us.
If the stream provided is a blocking stream then the entire handshake will be performed if possible, but if the stream is in nonblocking mode then a HandshakeError::Interrupted variant may be returned. This type can then be extracted to later call MidHandshakeTlsStream::handshake when data becomes available.
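The following is an added example, not code from the schannel project: a client handshake that sets `domain`, leaves `use_sni` and `accept_invalid_hostnames` at their defaults, and checks the ALPN list against the RFC 7301 size limits before calling `request_application_protocols`. `validate_alpns` and `connect_strict` are hypothetical helpers; `Builder::new`, `SchannelCred::builder().acquire(Direction::Outbound)` and `HandshakeError::Failure` are assumed from the schannel crate and do not appear on this page.

```rust
/// Pre-flight check for `request_application_protocols`. RFC 7301: each name is
/// 1..=255 bytes and the encoded list fits a two-byte length; returns that length.
fn validate_alpns(alpns: &[&[u8]]) -> Result<usize, String> {
    if alpns.is_empty() {
        return Err("ALPN list is empty".to_string());
    }
    let mut encoded_len = 0usize;
    for name in alpns {
        if name.is_empty() || name.len() > 255 {
            return Err(format!("name of {} bytes is outside 1..=255", name.len()));
        }
        encoded_len += 1 + name.len(); // one-byte length prefix + name
    }
    if encoded_len > 65535 {
        return Err(format!("encoded list of {encoded_len} bytes exceeds 65535"));
    }
    Ok(encoded_len)
}

/// Client handshake over a blocking stream, certificate and hostname checks left on.
#[cfg(windows)]
fn connect_strict(
    host: &str,
    alpns: &[&[u8]],
) -> std::io::Result<schannel::tls_stream::TlsStream<std::net::TcpStream>> {
    use schannel::schannel_cred::{Direction, SchannelCred};
    use schannel::tls_stream::{Builder, HandshakeError};
    use std::io::{Error, ErrorKind};
    validate_alpns(alpns).map_err(|e| Error::new(ErrorKind::InvalidInput, e))?;
    let cred = SchannelCred::builder().acquire(Direction::Outbound)?;
    let tcp = std::net::TcpStream::connect((host, 443))?;
    Builder::new()
        .domain(host) // used for SNI and for certificate validation
        .request_application_protocols(alpns)
        // use_sni / accept_invalid_hostnames keep their defaults (true / false)
        .connect(cred, tcp)
        .map_err(|e| match e {
            HandshakeError::Failure(err) => err,
            HandshakeError::Interrupted(_) => Error::from(ErrorKind::WouldBlock),
        })
}

fn main() {
    // Constructed sample list: HTTP/2 first, HTTP/1.1 as fallback.
    let alpns: [&[u8]; 2] = [b"h2", b"http/1.1"];
    println!("ALPN check: {:?}", validate_alpns(&alpns));
    #[cfg(windows)] // live handshake, only for hosts named on the command line
    std::env::args().skip(1).for_each(|h| println!("{h}: {:?}", connect_strict(&h, &alpns).is_ok()));
}
```

The schannel-dependent function is compiled only on Windows, where the crate must be listed as a dependency; the ALPN check builds on any target.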