Struct openssl::ssl::SslContext
source · pub struct SslContext(_);
Expand description
A context object for TLS streams.
Applications commonly configure a single SslContext
that is shared by all of its
SslStreams
.
Implementations§
source§impl SslContext
impl SslContext
sourcepub fn builder(method: SslMethod) -> Result<SslContextBuilder, ErrorStack>
pub fn builder(method: SslMethod) -> Result<SslContextBuilder, ErrorStack>
Creates a new builder object for an SslContext
.
sourcepub fn new_ex_index<T>() -> Result<Index<SslContext, T>, ErrorStack>where
T: 'static + Sync + Send,
pub fn new_ex_index<T>() -> Result<Index<SslContext, T>, ErrorStack>where T: 'static + Sync + Send,
Returns a new extra data index.
Each invocation of this function is guaranteed to return a distinct index. These can be used to store data in the context that can be retrieved later by callbacks, for example.
This corresponds to SSL_CTX_get_ex_new_index
.
Methods from Deref<Target = SslContextRef>§
sourcepub fn certificate(&self) -> Option<&X509Ref>
pub fn certificate(&self) -> Option<&X509Ref>
Returns the certificate associated with this SslContext
, if present.
Requires OpenSSL 1.0.2 or LibreSSL 2.7.0 or newer.
This corresponds to SSL_CTX_get0_certificate
.
sourcepub fn private_key(&self) -> Option<&PKeyRef<Private>>
pub fn private_key(&self) -> Option<&PKeyRef<Private>>
Returns the private key associated with this SslContext
, if present.
Requires OpenSSL 1.0.2 or LibreSSL 3.4.0 or newer.
This corresponds to SSL_CTX_get0_privatekey
.
sourcepub fn cert_store(&self) -> &X509StoreRef
pub fn cert_store(&self) -> &X509StoreRef
Returns a shared reference to the certificate store used for verification.
This corresponds to SSL_CTX_get_cert_store
.
sourcepub fn extra_chain_certs(&self) -> &StackRef<X509>
pub fn extra_chain_certs(&self) -> &StackRef<X509>
Returns a shared reference to the stack of certificates making up the chain from the leaf.
This corresponds to SSL_CTX_get_extra_chain_certs
.
sourcepub fn ex_data<T>(&self, index: Index<SslContext, T>) -> Option<&T>
pub fn ex_data<T>(&self, index: Index<SslContext, T>) -> Option<&T>
Returns a reference to the extra data at the specified index.
This corresponds to SSL_CTX_get_ex_data
.
sourcepub fn max_early_data(&self) -> u32
pub fn max_early_data(&self) -> u32
Gets the maximum amount of early data that will be accepted on incoming connections.
Requires OpenSSL 1.1.1 or LibreSSL 3.4.0 or newer.
This corresponds to SSL_CTX_get_max_early_data
.
sourcepub unsafe fn add_session(&self, session: &SslSessionRef) -> bool
pub unsafe fn add_session(&self, session: &SslSessionRef) -> bool
Adds a session to the context’s cache.
Returns true
if the session was successfully added to the cache, and false
if it was already present.
Safety
The caller of this method is responsible for ensuring that the session has never been used with another
SslContext
than this one.
This corresponds to SSL_CTX_add_session
.
sourcepub unsafe fn remove_session(&self, session: &SslSessionRef) -> bool
pub unsafe fn remove_session(&self, session: &SslSessionRef) -> bool
Removes a session from the context’s cache and marks it as non-resumable.
Returns true
if the session was successfully found and removed, and false
otherwise.
Safety
The caller of this method is responsible for ensuring that the session has never been used with another
SslContext
than this one.
This corresponds to SSL_CTX_remove_session
.
sourcepub fn session_cache_size(&self) -> i64
pub fn session_cache_size(&self) -> i64
Returns the context’s session cache size limit.
A value of 0 means that the cache size is unbounded.
This corresponds to SSL_CTX_sess_get_cache_size
.
sourcepub fn verify_mode(&self) -> SslVerifyMode
pub fn verify_mode(&self) -> SslVerifyMode
Returns the verify mode that was set on this context from SslContextBuilder::set_verify
.
This corresponds to SSL_CTX_get_verify_mode
.
sourcepub fn num_tickets(&self) -> usize
pub fn num_tickets(&self) -> usize
Gets the number of TLS 1.3 session tickets that will be sent to a client after a full handshake.
Requires OpenSSL 1.1.1 or newer.
This corresponds to SSL_CTX_get_num_tickets
.