Module openssl::ssl

source · [−]

Expand description

SSL/TLS support.

SslConnector and SslAcceptor should be used in most cases - they handle configuration of the OpenSSL primitives for you.

Examples

To connect as a client to a remote server:

use openssl::ssl::{SslMethod, SslConnector};
use std::io::{Read, Write};
use std::net::TcpStream;

let connector = SslConnector::builder(SslMethod::tls()).unwrap().build();

let stream = TcpStream::connect("google.com:443").unwrap();
let mut stream = connector.connect("google.com", stream).unwrap();

stream.write_all(b"GET / HTTP/1.0\r\n\r\n").unwrap();
let mut res = vec![];
stream.read_to_end(&mut res).unwrap();
println!("{}", String::from_utf8_lossy(&res));

To accept connections as a server from remote clients:

use openssl::ssl::{SslMethod, SslAcceptor, SslStream, SslFiletype};
use std::net::{TcpListener, TcpStream};
use std::sync::Arc;
use std::thread;


let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
acceptor.set_private_key_file("key.pem", SslFiletype::PEM).unwrap();
acceptor.set_certificate_chain_file("certs.pem").unwrap();
acceptor.check_private_key().unwrap();
let acceptor = Arc::new(acceptor.build());

let listener = TcpListener::bind("0.0.0.0:8443").unwrap();

fn handle_client(stream: SslStream<TcpStream>) {
    // ...
}

for stream in listener.incoming() {
    match stream {
        Ok(stream) => {
            let acceptor = acceptor.clone();
            thread::spawn(move || {
                let stream = acceptor.accept(stream).unwrap();
                handle_client(stream);
            });
        }
        Err(e) => { /* connection failed */ }
    }
}

Structs

An error returned from an ALPN selection callback.

Information about the state of a cipher.

A stack of selected ciphers, and a stack of selected signalling cipher suites

ClientHelloResponse

The result of a client hello callback.

ConnectConfiguration

A type which allows for configuration of a client-side TLS session before connection.

An SSL error.

An error code returned from SSL functions.

ExtensionContext

Which messages and under which conditions an extension should be added or expected.

MidHandshakeSslStream

An SSL stream midway through the handshake process.

An identifier of a session name type.

The shutdown state of a session.

An error returned from the SNI callback.

The state of an SSL/TLS session.

A type which wraps server-side streams in a TLS session.

SslAcceptorBuilder

A builder for SslAcceptors.

An SSL/TLS alert.

Information about a cipher.

Reference to an SslCipher.

A type which wraps client-side streams in a TLS session.

SslConnectorBuilder

A builder for SslConnectors.

A context object for TLS streams.

SslContextBuilder

A builder for SslContexts.

Reference to SslContext

An identifier of the format of a certificate or key file.

A type specifying the kind of protocol an SslContext will speak.

Options controlling the behavior of an SslContext.

Options controlling the behavior of an SslContext.

Reference to an Ssl.

An encoded SSL session.

SslSessionCacheMode

Options controlling the behavior of session caching.

Reference to SslSession.

A TLS session over a stream.

SslStreamBuilderDeprecated

A partially constructed SslStream, useful for unusual handshakes.

Options controlling the behavior of certificate verification.

An SSL/TLS protocol version.

An identifier of a certificate status type.

Enums

An error or intermediate state after a TLS handshake attempt.

The result of a shutdown request.

Functions

Returns the OpenSSL name of a cipher corresponding to an RFC-standard cipher name.

select_next_proto

A standard implementation of protocol selection for Application Layer Protocol Negotiation (ALPN).