Expand description
TLS/SSL support for MySQL connections.
This module implements the TLS handshake for MySQL connections using rustls.
§MySQL TLS Handshake Flow
- Server sends initial handshake with
CLIENT_SSLcapability - If SSL is requested, client sends short SSL request packet:
- 4 bytes: capability flags (with
CLIENT_SSL) - 4 bytes: max packet size
- 1 byte: character set
- 23 bytes: reserved (zeros)
- 4 bytes: capability flags (with
- Client performs TLS handshake
- Client sends full handshake response over TLS
- Server sends auth result over TLS
§Feature Flag
TLS support requires the tls feature to be enabled:
[dependencies]
sqlmodel-mysql = { version = "0.1", features = ["tls"] }§Example
ⓘ
use sqlmodel_mysql::{MySqlConfig, SslMode, TlsConfig};
let config = MySqlConfig::new()
.host("db.example.com")
.ssl_mode(SslMode::VerifyCa)
.tls_config(TlsConfig::new()
.ca_cert("/etc/ssl/certs/ca.pem"));
// Connection will use TLS after initial handshake
let conn = MySqlConnection::connect(config)?;Structs§
- TlsStream
- TLS connection wrapper when
tlsfeature is disabled.
Functions§
- build_
ssl_ request_ packet - Build an SSL request packet.
- server_
supports_ ssl - Check if the server supports SSL/TLS.
- validate_
ssl_ mode - Validate SSL mode against server capabilities.
- validate_
tls_ config - Validate TLS configuration for the given SSL mode.