Struct rustls::ClientSession

pub struct ClientSession { /* private fields */ }

This represents a single TLS client session.

Implementations

impl ClientSession

pub fn new(config: &Arc<ClientConfig>, hostname: DNSNameRef<'_>) -> ClientSession

Make a new ClientSession. config controls how we behave in the TLS protocol, hostname is the hostname of who we want to talk to.

pub fn early_data(&mut self) -> Option<WriteEarlyData<'_>>

Returns an io::Write implementor you can write bytes to to send TLS1.3 early data (a.k.a. “0-RTT data”) to the server.

This returns None in many circumstances when the capability to send early data is not available, including but not limited to:

• The server hasn’t been talked to previously.
• The server does not support resumption.
• The server does not support early data.
• The resumption data for the server has expired.

The server specifies a maximum amount of early data. You can learn this limit through the returned object, and writes through it will process only this many bytes.

The server can choose not to accept any sent early data – in this case the data is lost but the connection continues. You can tell this happened using is_early_data_accepted.

pub fn is_early_data_accepted(&self) -> bool

Returns True if the server signalled it will process early data.

If you sent early data and this returns false at the end of the handshake then the server will not process the data. This is not an error, but you may wish to resend the data.

Trait Implementations

impl Debug for ClientSession

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Read for ClientSession

fn read(&mut self, buf: &mut [u8]) -> Result<usize>

Obtain plaintext data received from the peer over this TLS connection.

If the peer closes the TLS session cleanly, this fails with an error of kind ErrorKind::ConnectionAborted once all the pending data has been read. No further data can be received on that connection, so the underlying TCP connection should closed too.

Note that support close notify varies in peer TLS libraries: many do not support it and uncleanly close the TCP connection (this might be vulnerable to truncation attacks depending on the application protocol). This means applications using rustls must both handle ErrorKind::ConnectionAborted from this function, and unexpected closure of the underlying TCP connection.

fn read_vectored(&mut self, bufs: &mut [IoSliceMut<'_>]) -> Result<usize, Error>

Like read, except that it reads into a slice of buffers.

fn is_read_vectored(&self) -> bool

Determines if this Reader has an efficient read_vectored implementation.

fn read_to_end(&mut self, buf: &mut Vec<u8, Global>) -> Result<usize, Error>

Read all bytes until EOF in this source, placing them into buf.

fn read_to_string(&mut self, buf: &mut String) -> Result<usize, Error>

Read all bytes until EOF in this source, appending them to buf.

fn read_exact(&mut self, buf: &mut [u8]) -> Result<(), Error>

Read the exact number of bytes required to fill buf.

fn read_buf(&mut self, buf: BorrowedCursor<'_>) -> Result<(), Error>

Pull some bytes from this source into the specified buffer.

fn read_buf_exact(&mut self, cursor: BorrowedCursor<'_>) -> Result<(), Error>

Read the exact number of bytes required to fill cursor.

fn by_ref(&mut self) -> &mut Self

Creates a “by reference” adaptor for this instance of Read.

fn bytes(self) -> Bytes<Self>

Transforms this Read instance to an [Iterator] over its bytes.

fn chain<R>(self, next: R) -> Chain<Self, R>where
    R: Read,

Creates an adapter which will chain this stream with another.

fn take(self, limit: u64) -> Take<Self>

Creates an adapter which will read at most limit bytes from it.

impl Session for ClientSession

fn write_tls(&mut self, wr: &mut dyn Write) -> Result<usize>

Writes TLS messages to wr.

fn read_tls(&mut self, rd: &mut dyn Read) -> Result<usize>

Read TLS content from rd. This method does internal buffering, so rd can supply TLS messages in arbitrary- sized chunks (like a socket or pipe might).

fn process_new_packets(&mut self) -> Result<(), TLSError>

Processes any new packets read by a previous call to read_tls. Errors from this function relate to TLS protocol errors, and are fatal to the session. Future calls after an error will do no new work and will return the same error.

fn wants_read(&self) -> bool

Returns true if the caller should call read_tls as soon as possible.

fn wants_write(&self) -> bool

Returns true if the caller should call write_tls as soon as possible.

fn is_handshaking(&self) -> bool

Returns true if the session is currently perform the TLS handshake. During this time plaintext written to the session is buffered in memory.

fn set_buffer_limit(&mut self, len: usize)

Sets a limit on the internal buffers used to buffer unsent plaintext (prior to completing the TLS handshake) and unsent TLS records.

fn send_close_notify(&mut self)

Queues a close_notify fatal alert to be sent in the next write_tls call. This informs the peer that the connection is being closed.

fn get_peer_certificates(&self) -> Option<Vec<Certificate>>

Retrieves the certificate chain used by the peer to authenticate.

fn get_alpn_protocol(&self) -> Option<&[u8]>

Retrieves the protocol agreed with the peer via ALPN.

fn get_protocol_version(&self) -> Option<ProtocolVersion>

Retrieves the protocol version agreed with the peer.

fn export_keying_material(
    &self,
    output: &mut [u8],
    label: &[u8],
    context: Option<&[u8]>
) -> Result<(), TLSError>

Derives key material from the agreed session secrets.

fn get_negotiated_ciphersuite(&self) -> Option<&'static SupportedCipherSuite>

Retrieves the ciphersuite agreed with the peer.

fn complete_io<T>(&mut self, io: &mut T) -> Result<(usize, usize), Error>where
    Self: Sized,
    T: Read + Write,

This function uses io to complete any outstanding IO for this session.

impl Write for ClientSession

fn write(&mut self, buf: &[u8]) -> Result<usize>

Send the plaintext buf to the peer, encrypting and authenticating it. Once this function succeeds you should call write_tls which will output the corresponding TLS records.

This function buffers plaintext sent before the TLS handshake completes, and sends it as soon as it can. This buffer is of unlimited size so writing much data before it can be sent will cause excess memory usage.

fn write_vectored(&mut self, bufs: &[IoSlice<'_>]) -> Result<usize>

Like write, except that it writes from a slice of buffers.

fn flush(&mut self) -> Result<()>

Flush this output stream, ensuring that all intermediately buffered contents reach their destination.

fn is_write_vectored(&self) -> bool

Determines if this Writer has an efficient write_vectored implementation.

fn write_all(&mut self, buf: &[u8]) -> Result<(), Error>

Attempts to write an entire buffer into this writer.

fn write_all_vectored(&mut self, bufs: &mut [IoSlice<'_>]) -> Result<(), Error>

Attempts to write multiple buffers into this writer.

fn write_fmt(&mut self, fmt: Arguments<'_>) -> Result<(), Error>

Writes a formatted string into this writer, returning any error encountered.

fn by_ref(&mut self) -> &mut Self

Creates a “by reference” adapter for this instance of Write.