Enum rustls::Connection

source · 
pub enum Connection {
    Client(ClientConnection),
    Server(ServerConnection),
}
Expand description

A client or server connection.

Variants§

§

Client(ClientConnection)

A client connection

§

Server(ServerConnection)

A server connection

Implementations§

source§

impl Connection

source

pub fn read_tls(&mut self, rd: &mut dyn Read) -> Result<usize, Error>

Read TLS content from rd.

See ConnectionCommon::read_tls() for more information.

source

pub fn write_tls(&mut self, wr: &mut dyn Write) -> Result<usize, Error>

Writes TLS messages to wr.

See ConnectionCommon::write_tls() for more information.

source

pub fn reader(&mut self) -> Reader<'_>

Returns an object that allows reading plaintext.

source

pub fn writer(&mut self) -> Writer<'_>

Returns an object that allows writing plaintext.

source

pub fn process_new_packets(&mut self) -> Result<IoState, Error>

Processes any new packets read by a previous call to Connection::read_tls.

See ConnectionCommon::process_new_packets() for more information.

source

pub fn export_keying_material<T: AsMut<[u8]>>( &self, output: T, label: &[u8], context: Option<&[u8]>, ) -> Result<T, Error>

Derives key material from the agreed connection secrets.

See ConnectionCommon::export_keying_material() for more information.

source

pub fn complete_io<T>(&mut self, io: &mut T) -> Result<(usize, usize), Error>
where Self: Sized, T: Read + Write,

This function uses io to complete any outstanding IO for this connection.

See ConnectionCommon::complete_io() for more information.

source

pub fn dangerous_extract_secrets(self) -> Result<ExtractedSecrets, Error>

Extract secrets, so they can be used when configuring kTLS, for example. Should be used with care as it exposes secret key material.

source

pub fn set_buffer_limit(&mut self, limit: Option<usize>)

Sets a limit on the internal buffers

See ConnectionCommon::set_buffer_limit() for more information.

source

pub fn refresh_traffic_keys(&mut self) -> Result<(), Error>

Sends a TLS1.3 key_update message to refresh a connection’s keys

See ConnectionCommon::refresh_traffic_keys() for more information.

Methods from Deref<Target = CommonState>§

source

pub fn wants_write(&self) -> bool

Returns true if the caller should call Connection::write_tls as soon as possible.

source

pub fn is_handshaking(&self) -> bool

Returns true if the connection is currently performing the TLS handshake.

During this time plaintext written to the connection is buffered in memory. After Connection::process_new_packets() has been called, this might start to return false while the final handshake packets still need to be extracted from the connection’s buffers.

source

pub fn peer_certificates(&self) -> Option<&[CertificateDer<'static>]>

Retrieves the certificate chain or the raw public key used by the peer to authenticate.

The order of the certificate chain is as it appears in the TLS protocol: the first certificate relates to the peer, the second certifies the first, the third certifies the second, and so on.

When using raw public keys, the first and only element is the raw public key.

This is made available for both full and resumed handshakes.

For clients, this is the certificate chain or the raw public key of the server.

For servers, this is the certificate chain or the raw public key of the client, if client authentication was completed.

The return value is None until this value is available.

Note: the return type of the ‘certificate’, when using raw public keys is CertificateDer<'static> even though this should technically be a SubjectPublicKeyInfoDer<'static>. This choice simplifies the API and ensures backwards compatibility.

source

pub fn alpn_protocol(&self) -> Option<&[u8]>

Retrieves the protocol agreed with the peer via ALPN.

A return value of None after handshake completion means no protocol was agreed (because no protocols were offered or accepted by the peer).

source

pub fn negotiated_cipher_suite(&self) -> Option<SupportedCipherSuite>

Retrieves the ciphersuite agreed with the peer.

This returns None until the ciphersuite is agreed.

source

pub fn negotiated_key_exchange_group( &self, ) -> Option<&'static dyn SupportedKxGroup>

Retrieves the key exchange group agreed with the peer.

This function may return None depending on the state of the connection, the type of handshake, and the protocol version.

If CommonState::is_handshaking() is true this function will return None. Similarly, if the CommonState::handshake_kind() is HandshakeKind::Resumed and the CommonState::protocol_version() is TLS 1.2, then no key exchange will have occurred and this function will return None.

source

pub fn protocol_version(&self) -> Option<ProtocolVersion>

Retrieves the protocol version agreed with the peer.

This returns None until the version is agreed.

source

pub fn handshake_kind(&self) -> Option<HandshakeKind>

Which kind of handshake was performed.

This tells you whether the handshake was a resumption or not.

This will return None before it is known which sort of handshake occurred.

source

pub fn send_close_notify(&mut self)

Queues a close_notify warning alert to be sent in the next Connection::write_tls call. This informs the peer that the connection is being closed.

Does nothing if any close_notify or fatal alert was already sent.

source

pub fn wants_read(&self) -> bool

Returns true if the caller should call Connection::read_tls as soon as possible.

If there is pending plaintext data to read with Connection::reader, this returns false. If your application respects this mechanism, only one full TLS message will be buffered by rustls.

Trait Implementations§

source§

impl Debug for Connection

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Deref for Connection

source§

type Target = CommonState

The resulting type after dereferencing.
source§

fn deref(&self) -> &Self::Target

Dereferences the value.
source§

impl DerefMut for Connection

source§

fn deref_mut(&mut self) -> &mut Self::Target

Mutably dereferences the value.
source§

impl From<ClientConnection> for Connection

source§

fn from(conn: ClientConnection) -> Self

Converts to this type from the input type.
source§

impl From<ServerConnection> for Connection

source§

fn from(conn: ServerConnection) -> Self

Converts to this type from the input type.

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

source§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.