pub struct AllowAnyAnonymousOrAuthenticatedClient { /* private fields */ }Expand description
A ClientCertVerifier that will allow both anonymous and authenticated
clients, without any name checking.
Client authentication will be requested during the TLS handshake. If the
client offers a certificate then this acts like
AllowAnyAuthenticatedClient, otherwise this acts like NoClientAuth.
Implementations
sourceimpl AllowAnyAnonymousOrAuthenticatedClient
impl AllowAnyAnonymousOrAuthenticatedClient
sourcepub fn new(roots: RootCertStore) -> Arc<dyn ClientCertVerifier>
pub fn new(roots: RootCertStore) -> Arc<dyn ClientCertVerifier>
Construct a new AllowAnyAnonymousOrAuthenticatedClient.
roots is the list of trust anchors to use for certificate validation.
Trait Implementations
sourceimpl ClientCertVerifier for AllowAnyAnonymousOrAuthenticatedClient
impl ClientCertVerifier for AllowAnyAnonymousOrAuthenticatedClient
sourcefn offer_client_auth(&self) -> bool
fn offer_client_auth(&self) -> bool
Returns
true to enable the server to request a client certificate and
false to skip requesting a client certificate. Defaults to true. Read moresourcefn client_auth_mandatory(&self, _sni: Option<&DNSName>) -> Option<bool>
fn client_auth_mandatory(&self, _sni: Option<&DNSName>) -> Option<bool>
Return
Some(true) to require a client certificate and Some(false) to make
client authentication optional. Return None to abort the connection.
Defaults to Some(self.offer_client_auth()). Read moresourcefn client_auth_root_subjects(
&self,
sni: Option<&DNSName>
) -> Option<DistinguishedNames>
fn client_auth_root_subjects(
&self,
sni: Option<&DNSName>
) -> Option<DistinguishedNames>
Returns the subject names of the client authentication trust anchors to
share with the client when requesting client authentication. Read more
sourcefn verify_client_cert(
&self,
presented_certs: &[Certificate],
sni: Option<&DNSName>
) -> Result<ClientCertVerified, TLSError>
fn verify_client_cert(
&self,
presented_certs: &[Certificate],
sni: Option<&DNSName>
) -> Result<ClientCertVerified, TLSError>
Verify a certificate chain.
presented_certs is the certificate chain from the client. Read moresourcefn verify_tls12_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, TLSError>
fn verify_tls12_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, TLSError>
Verify a signature allegedly by the given server certificate. Read more
sourcefn verify_tls13_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, TLSError>
fn verify_tls13_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, TLSError>
Verify a signature allegedly by the given server certificate. Read more
sourcefn supported_verify_schemes(&self) -> Vec<SignatureScheme>
fn supported_verify_schemes(&self) -> Vec<SignatureScheme>
Return the list of SignatureSchemes that this verifier will handle,
in
verify_tls12_signature and verify_tls13_signature calls. Read moreAuto Trait Implementations
impl RefUnwindSafe for AllowAnyAnonymousOrAuthenticatedClient
impl Send for AllowAnyAnonymousOrAuthenticatedClient
impl Sync for AllowAnyAnonymousOrAuthenticatedClient
impl Unpin for AllowAnyAnonymousOrAuthenticatedClient
impl UnwindSafe for AllowAnyAnonymousOrAuthenticatedClient
Blanket Implementations
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
const: unstablefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more