Module openssl::ssl
[−]
[src]
SSL/TLS support.
SslConnector and SslAcceptor should be used in most cases - they handle
configuration of the OpenSSL primitives for you.
Examples
To connect as a client to a remote server:
use openssl::ssl::{SslMethod, SslConnectorBuilder}; use std::io::{Read, Write}; use std::net::TcpStream; let connector = SslConnectorBuilder::new(SslMethod::tls()).unwrap().build(); let stream = TcpStream::connect("google.com:443").unwrap(); let mut stream = connector.connect("google.com", stream).unwrap(); stream.write_all(b"GET / HTTP/1.0\r\n\r\n").unwrap(); let mut res = vec![]; stream.read_to_end(&mut res).unwrap(); println!("{}", String::from_utf8_lossy(&res));
To accept connections as a server from remote clients:
use openssl::pkcs12::Pkcs12; use openssl::ssl::{SslMethod, SslAcceptorBuilder, SslStream}; use std::fs::File; use std::io::{Read, Write}; use std::net::{TcpListener, TcpStream}; use std::sync::Arc; use std::thread; // In this example we retrieve our keypair and certificate chain from a PKCS #12 archive, // but but they can also be retrieved from, for example, individual PEM- or DER-formatted // files. See the documentation for the `PKey` and `X509` types for more details. let mut file = File::open("identity.pfx").unwrap(); let mut pkcs12 = vec![]; file.read_to_end(&mut pkcs12).unwrap(); let pkcs12 = Pkcs12::from_der(&pkcs12).unwrap(); let identity = pkcs12.parse("password123").unwrap(); let acceptor = SslAcceptorBuilder::mozilla_intermediate(SslMethod::tls(), &identity.pkey, &identity.cert, &identity.chain) .unwrap() .build(); let acceptor = Arc::new(acceptor); let listener = TcpListener::bind("0.0.0.0:8443").unwrap(); fn handle_client(stream: SslStream<TcpStream>) { // ... } for stream in listener.incoming() { match stream { Ok(stream) => { let acceptor = acceptor.clone(); thread::spawn(move || { let stream = acceptor.accept(stream).unwrap(); handle_client(stream); }); } Err(e) => { /* connection failed */ } } }
Structs
| CipherBits | |
| MidHandshakeSslStream |
An SSL stream midway through the handshake process. |
| Ssl | |
| SslAcceptor |
A type which wraps server-side streams in a TLS session. |
| SslAcceptorBuilder |
A builder for |
| SslCipher | |
| SslCipherRef | |
| SslConnector |
A type which wraps client-side streams in a TLS session. |
| SslConnectorBuilder |
A builder for |
| SslContext | |
| SslContextBuilder |
A builder for |
| SslContextRef | |
| SslMethod | |
| SslMode | |
| SslOption | |
| SslRef | |
| SslStream |
A stream wrapper which handles SSL encryption for an underlying stream. |
| SslVerifyMode |
Enums
| Error |
An SSL error. |
| HandshakeError |
An error or intermediate state after a TLS handshake attempt. |
| ShutdownResult |
The result of a shutdown request. |
| SniError |
An error returned from an SNI callback. |