sqlx_core_oldapi/mysql/options/ssl_mode.rs
1use crate::error::Error;
2use std::str::FromStr;
3
4/// Options for controlling the desired security state of the connection to the MySQL server.
5///
6/// It is used by the [`ssl_mode`](super::MySqlConnectOptions::ssl_mode) method.
7#[derive(Debug, Clone, Copy)]
8pub enum MySqlSslMode {
9 /// Establish an unencrypted connection.
10 Disabled,
11
12 /// Establish an encrypted connection if the server supports encrypted connections, falling
13 /// back to an unencrypted connection if an encrypted connection cannot be established.
14 ///
15 /// This is the default if `ssl_mode` is not specified.
16 Preferred,
17
18 /// Establish an encrypted connection if the server supports encrypted connections.
19 /// The connection attempt fails if an encrypted connection cannot be established.
20 Required,
21
22 /// Like `Required`, but additionally verify the server Certificate Authority (CA)
23 /// certificate against the configured CA certificates. The connection attempt fails
24 /// if no valid matching CA certificates are found.
25 VerifyCa,
26
27 /// Like `VerifyCa`, but additionally perform host name identity verification by
28 /// checking the host name the client uses for connecting to the server against the
29 /// identity in the certificate that the server sends to the client.
30 VerifyIdentity,
31}
32
33impl Default for MySqlSslMode {
34 fn default() -> Self {
35 MySqlSslMode::Preferred
36 }
37}
38
39impl FromStr for MySqlSslMode {
40 type Err = Error;
41
42 fn from_str(s: &str) -> Result<Self, Error> {
43 Ok(match &*s.to_ascii_lowercase() {
44 "disabled" => MySqlSslMode::Disabled,
45 "preferred" => MySqlSslMode::Preferred,
46 "required" => MySqlSslMode::Required,
47 "verify_ca" => MySqlSslMode::VerifyCa,
48 "verify_identity" => MySqlSslMode::VerifyIdentity,
49
50 _ => {
51 return Err(Error::Configuration(
52 format!("unknown value {:?} for `ssl_mode`", s).into(),
53 ));
54 }
55 })
56 }
57}