[−][src]Module openssl::ssl

SSL/TLS support.

SslConnector and SslAcceptor should be used in most cases - they handle configuration of the OpenSSL primitives for you.

Examples

To connect as a client to a remote server:

use openssl::ssl::{SslMethod, SslConnector};
use std::io::{Read, Write};
use std::net::TcpStream;

let connector = SslConnector::builder(SslMethod::tls()).unwrap().build();

let stream = TcpStream::connect("google.com:443").unwrap();
let mut stream = connector.connect("google.com", stream).unwrap();

stream.write_all(b"GET / HTTP/1.0\r\n\r\n").unwrap();
let mut res = vec![];
stream.read_to_end(&mut res).unwrap();
println!("{}", String::from_utf8_lossy(&res));

To accept connections as a server from remote clients:

use openssl::ssl::{SslMethod, SslAcceptor, SslStream, SslFiletype};
use std::net::{TcpListener, TcpStream};
use std::sync::Arc;
use std::thread;


let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
acceptor.set_private_key_file("key.pem", SslFiletype::PEM).unwrap();
acceptor.set_certificate_chain_file("certs.pem").unwrap();
acceptor.check_private_key().unwrap();
let acceptor = Arc::new(acceptor.build());

let listener = TcpListener::bind("0.0.0.0:8443").unwrap();

fn handle_client(stream: SslStream<TcpStream>) {
    // ...
}

for stream in listener.incoming() {
    match stream {
        Ok(stream) => {
            let acceptor = acceptor.clone();
            thread::spawn(move || {
                let stream = acceptor.accept(stream).unwrap();
                handle_client(stream);
            });
        }
        Err(e) => { /* connection failed */ }
    }
}

Structs

CipherBits	Information about the state of a cipher.
ConnectConfiguration	A type which allows for configuration of a client-side TLS session before connection.
Error	An SSL error.
ErrorCode	An error code returned from SSL functions.
MidHandshakeSslStream	An SSL stream midway through the handshake process.
NameType	An identifier of a session name type.
ShutdownState	The shutdown state of a session.
SniError	An error returned from the SNI callback.
Ssl	The state of an SSL/TLS session.
SslAcceptor	A type which wraps server-side streams in a TLS session.
SslAcceptorBuilder	A builder for `SslAcceptor`s.
SslAlert	An SSL/TLS alert.
SslCipher	Information about a cipher.
SslCipherRef	Reference to an `SslCipher`.
SslConnector	A type which wraps client-side streams in a TLS session.
SslConnectorBuilder	A builder for `SslConnector`s.
SslContext	A context object for TLS streams.
SslContextBuilder	A builder for `SslContext`s.
SslContextRef	Reference to `SslContext`
SslFiletype	An identifier of the format of a certificate or key file.
SslMethod	A type specifying the kind of protocol an `SslContext` will speak.
SslMode	Options controlling the behavior of an `SslContext`.
SslOptions	Options controlling the behavior of an `SslContext`.
SslRef	Reference to an `Ssl`.
SslSession	An encoded SSL session.
SslSessionCacheMode	Options controlling the behavior of session caching.
SslSessionRef	Reference to `SslSession`.
SslStream	A TLS session over a stream.
SslStreamBuilder	A partially constructed `SslStream`, useful for unusual handshakes.
SslVerifyMode	Options controling the behavior of certificate verification.
SslVersion	An SSL/TLS protocol version.
StatusType	An identifier of a certificate status type.

Enums

HandshakeError	An error or intermediate state after a TLS handshake attempt.
ShutdownResult	The result of a shutdown request.

Functions

SSL_CTX_up_ref ^⚠
SSL_SESSION_get_master_key ^⚠
SSL_SESSION_up_ref ^⚠
SSL_is_server ^⚠
select_next_proto	A standard implementation of protocol selection for Application Layer Protocol Negotiation (ALPN).