Struct openssl::ssl::Ssl

pub struct Ssl(_);

Methods

impl Ssl

pub fn new_ex_index<T>() -> Result<Index<Ssl, T>, ErrorStack> where
    T: 'static + Sync + Send, 

Returns a new extra data index.

Each invocation of this function is guaranteed to return a distinct index.

impl Ssl

pub fn new(ctx: &SslContext) -> Result<Ssl, ErrorStack>

pub fn connect<S>(self, stream: S) -> Result<SslStream<S>, HandshakeError<S>> where
    S: Read + Write, 

Creates an SSL/TLS client operating over the provided stream.

Warning

OpenSSL's default configuration is insecure. It is highly recommended to use SslConnector rather than Ssl directly, as it manages that configuration.

pub fn accept<S>(self, stream: S) -> Result<SslStream<S>, HandshakeError<S>> where
    S: Read + Write, 

Creates an SSL/TLS server operating over the provided stream.

Warning

OpenSSL's default configuration is insecure. It is highly recommended to use SslAcceptor rather than Ssl directly, as it manages that configuration.

Methods from Deref<Target = SslRef>

pub fn set_verify(&mut self, mode: SslVerifyMode)

Sets the verification mode to be used during the handshake process.

Use set_verify_callback to additionally add a callback.

pub fn set_verify_callback<F>(&mut self, mode: SslVerifyMode, verify: F) where
    F: Fn(bool, &X509StoreContextRef) -> bool + Any + 'static + Sync + Send, 

Sets the certificate verification callback to be used during the handshake process.

The callback is provided with a boolean indicating if the preveification process was successful, and an object providing access to the certificate chain. It should return true if the certificate chain is valid and false otherwise.

pub fn set_tmp_dh(&mut self, dh: &DhRef) -> Result<(), ErrorStack>

pub fn set_tmp_dh_callback<F>(&mut self, callback: F) where
    F: Fn(&mut SslRef, bool, u32) -> Result<Dh, ErrorStack> + Any + 'static + Sync + Send, 

pub fn set_tmp_ecdh(&mut self, key: &EcKeyRef) -> Result<(), ErrorStack>

pub fn current_cipher(&self) -> Option<&SslCipherRef>

pub fn state_string(&self) -> &'static str

pub fn state_string_long(&self) -> &'static str

pub fn set_hostname(&mut self, hostname: &str) -> Result<(), ErrorStack>

Sets the host name to be used with SNI (Server Name Indication).

pub fn peer_certificate(&self) -> Option<X509>

Returns the certificate of the peer, if present.

pub fn peer_cert_chain(&self) -> Option<&StackRef<X509>>

Returns the certificate chain of the peer, if present.

On the client side, the chain includes the leaf certificate, but on the server side it does not. Fun!

pub fn certificate(&self) -> Option<&X509Ref>

Returns the certificate associated with this Ssl, if present.

pub fn private_key(&self) -> Option<&PKeyRef>

Returns the private key associated with this Ssl, if present.

pub fn version(&self) -> &'static str

Returns the name of the protocol used for the connection, e.g. "TLSv1.2", "SSLv3", etc.

pub fn selected_npn_protocol(&self) -> Option<&[u8]>

Returns the protocol selected by performing Next Protocol Negotiation, if any.

The protocol's name is returned is an opaque sequence of bytes. It is up to the client to interpret it.

pub fn pending(&self) -> usize

Returns the number of bytes remaining in the currently processed TLS record.

pub fn compression(&self) -> Option<&str>

Returns the compression currently in use.

The result will be either None, indicating no compression is in use, or a string with the compression name.

pub fn servername(&self) -> Option<&str>

Returns the server's name for the current connection

pub fn set_ssl_context(&mut self, ctx: &SslContextRef) -> Result<(), ErrorStack>

Changes the context corresponding to the current connection.

pub fn ssl_context(&self) -> &SslContextRef

Returns the context corresponding to the current connection

pub fn verify_result(&self) -> Option<X509VerifyError>

Returns the result of X509 certificate verification.

pub fn session(&self) -> Option<&SslSessionRef>

Returns the SSL session.

pub unsafe fn set_session(
    &mut self,
    session: &SslSessionRef
) -> Result<(), ErrorStack>

Sets the session to be used.

Safety

The caller of this method is responsible for ensuring that the session is associated with the same SslContext as this Ssl.

pub fn session_reused(&self) -> bool

Determines if the session provided to set_session was successfully reused.

pub fn set_status_type(&mut self, type_: StatusType) -> Result<(), ErrorStack>

Sets the status response a client wishes the server to reply with.

pub fn ocsp_status(&self) -> Option<&[u8]>

Returns the server's OCSP response, if present.

pub fn set_ocsp_status(&mut self, response: &[u8]) -> Result<(), ErrorStack>

Sets the OCSP response to be returned to the client.

pub fn is_server(&self) -> bool

Determines if this Ssl is configured for server-side or client-side use.

pub fn set_ex_data<T>(&mut self, index: Index<Ssl, T>, data: T)

Sets the extra data at the specified index.

pub fn ex_data<T>(&self, index: Index<Ssl, T>) -> Option<&T>

Returns a reference to the extra data at the specified index.

Trait Implementations

impl ForeignType for Ssl

type CType = SSL

The raw C type.

type Ref = SslRef

The type representing a reference to this type.

unsafe fn from_ptr(ptr: *mut SSL) -> Ssl

Constructs an instance of this type from its raw type.

fn as_ptr(&self) -> *mut SSL

Returns a raw pointer to the wrapped value.

impl Drop for Ssl

fn drop(&mut self)

Executes the destructor for this type.

impl Deref for Ssl

type Target = SslRef

The resulting type after dereferencing.

fn deref(&self) -> &SslRef

Dereferences the value.

impl DerefMut for Ssl

fn deref_mut(&mut self) -> &mut SslRef

Mutably dereferences the value.

impl Sync for Ssl

impl Send for Ssl

impl Debug for Ssl

fn fmt(&self, fmt: &mut Formatter) -> Result

Formats the value using the given formatter.