Module openssl::ssl[][src]

SSL/TLS support.

SslConnector and SslAcceptor should be used in most cases - they handle configuration of the OpenSSL primitives for you.

Examples

To connect as a client to a remote server:

use openssl::ssl::{SslMethod, SslConnector};
use std::io::{Read, Write};
use std::net::TcpStream;

let connector = SslConnector::builder(SslMethod::tls()).unwrap().build();

let stream = TcpStream::connect("google.com:443").unwrap();
let mut stream = connector.connect("google.com", stream).unwrap();

stream.write_all(b"GET / HTTP/1.0\r\n\r\n").unwrap();
let mut res = vec![];
stream.read_to_end(&mut res).unwrap();
println!("{}", String::from_utf8_lossy(&res));

To accept connections as a server from remote clients:

use openssl::ssl::{SslMethod, SslAcceptor, SslStream, SslFiletype};
use std::net::{TcpListener, TcpStream};
use std::sync::Arc;
use std::thread;


let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
acceptor.set_private_key_file("key.pem", SslFiletype::PEM).unwrap();
acceptor.set_certificate_chain_file("certs.pem").unwrap();
acceptor.check_private_key().unwrap();
let acceptor = Arc::new(acceptor.build());

let listener = TcpListener::bind("0.0.0.0:8443").unwrap();

fn handle_client(stream: SslStream<TcpStream>) {
    // ...
}

for stream in listener.incoming() {
    match stream {
        Ok(stream) => {
            let acceptor = acceptor.clone();
            thread::spawn(move || {
                let stream = acceptor.accept(stream).unwrap();
                handle_client(stream);
            });
        }
        Err(e) => { /* connection failed */ }
    }
}

Structs

AlpnError

An error returned from an ALPN selection callback.

CipherBits

Information about the state of a cipher.

ClientHelloResponse

The result of a client hello callback.

ConnectConfiguration

A type which allows for configuration of a client-side TLS session before connection.

Error

An SSL error.

ErrorCode

An error code returned from SSL functions.

ExtensionContext

Which messages and under which conditions an extension should be added or expected.

MidHandshakeSslStream

An SSL stream midway through the handshake process.

NameType

An identifier of a session name type.

ShutdownState

The shutdown state of a session.

SniError

An error returned from the SNI callback.

Ssl

The state of an SSL/TLS session.

SslAcceptor

A type which wraps server-side streams in a TLS session.

SslAcceptorBuilder

A builder for SslAcceptors.

SslAlert

An SSL/TLS alert.

SslCipher

Information about a cipher.

SslCipherRef

Reference to an SslCipher.

SslConnector

A type which wraps client-side streams in a TLS session.

SslConnectorBuilder

A builder for SslConnectors.

SslContext

A context object for TLS streams.

SslContextBuilder

A builder for SslContexts.

SslContextRef

Reference to SslContext

SslFiletype

An identifier of the format of a certificate or key file.

SslMethod

A type specifying the kind of protocol an SslContext will speak.

SslMode

Options controlling the behavior of an SslContext.

SslOptions

Options controlling the behavior of an SslContext.

SslRef

Reference to an Ssl.

SslSession

An encoded SSL session.

SslSessionCacheMode

Options controlling the behavior of session caching.

SslSessionRef

Reference to SslSession.

SslStream

A TLS session over a stream.

SslStreamBuilderDeprecated

A partially constructed SslStream, useful for unusual handshakes.

SslVerifyMode

Options controling the behavior of certificate verification.

SslVersion

An SSL/TLS protocol version.

StatusType

An identifier of a certificate status type.

Enums

HandshakeError

An error or intermediate state after a TLS handshake attempt.

ShutdownResult

The result of a shutdown request.

Functions

cipher_name

Returns the OpenSSL name of a cipher corresponding to an RFC-standard cipher name.

select_next_proto

A standard implementation of protocol selection for Application Layer Protocol Negotiation (ALPN).