Struct openssl::ssl::SslConnector

pub struct SslConnector(_);

A type which wraps client-side streams in a TLS session.

OpenSSL's default configuration is highly insecure. This connector manages the OpenSSL structures, configuring cipher suites, session options, hostname verification, and more.

OpenSSL's built in hostname verification is used when linking against OpenSSL 1.0.2 or 1.1.0, and a custom implementation is used when linking against OpenSSL 1.0.1.

Methods

impl SslConnector

fn connect<S>(&self,
              domain: &str,
              stream: S)
              -> Result<SslStream<S>, HandshakeError<S>> where S: Read + Write

Initiates a client-side TLS session on a stream.

The domain is used for SNI and hostname verification.

fn danger_connect_without_providing_domain_for_certificate_verification_and_server_name_indication<S>(&self,
                                                                                                      stream: S)
                                                                                                      -> Result<SslStream<S>, HandshakeError<S>> where S: Read + Write

Initiates a client-side TLS session on a stream without performing hostname verification.

The verification configuration of the connector's SslContext is not overridden.

Warning

You should think very carefully before you use this method. If hostname verification is not used, any valid certificate for any site will be trusted for use from any other. This introduces a significant vulnerability to man-in-the-middle attacks.

Trait Implementations

impl Clone for SslConnector

fn clone(&self) -> SslConnector

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.