sqlx_exasol/options/ssl_mode.rs
1use std::str::FromStr;
2
3use super::{error::ExaConfigError, PARAM_SSL_MODE};
4
5/// Options for controlling the desired security state of the connection to the Exasol server.
6///
7/// It is used by the `ssl_mode` method of [`crate::options::builder::ExaConnectOptionsBuilder`].
8#[derive(Debug, Clone, Copy, Default)]
9pub enum ExaSslMode {
10 /// Establish an unencrypted connection.
11 Disabled,
12
13 /// Establish an encrypted connection if the server supports encrypted connections, falling
14 /// back to an unencrypted connection if an encrypted connection cannot be established.
15 ///
16 /// This is the default if `ssl_mode` is not specified.
17 #[default]
18 Preferred,
19
20 /// Establish an encrypted connection if the server supports encrypted connections.
21 /// The connection attempt fails if an encrypted connection cannot be established.
22 Required,
23
24 /// Like `Required`, but additionally verify the server Certificate Authority (CA)
25 /// certificate against the configured CA certificates. The connection attempt fails
26 /// if no valid matching CA certificates are found.
27 VerifyCa,
28
29 /// Like `VerifyCa`, but additionally perform host name identity verification by
30 /// checking the host name the client uses for connecting to the server against the
31 /// identity in the certificate that the server sends to the client.
32 VerifyIdentity,
33}
34
35impl FromStr for ExaSslMode {
36 type Err = ExaConfigError;
37
38 fn from_str(s: &str) -> Result<Self, ExaConfigError> {
39 Ok(match &*s.to_ascii_lowercase() {
40 "disabled" => ExaSslMode::Disabled,
41 "preferred" => ExaSslMode::Preferred,
42 "required" => ExaSslMode::Required,
43 "verify_ca" => ExaSslMode::VerifyCa,
44 "verify_identity" => ExaSslMode::VerifyIdentity,
45
46 _ => {
47 return Err(ExaConfigError::InvalidParameter(PARAM_SSL_MODE));
48 }
49 })
50 }
51}