Struct TlsClientConfig
pub struct TlsClientConfig(/* private fields */);boring only.Expand description
A backend agnostic builder for the common TLS configs.
It holds a set of fine grained config extensions (e.g. TlsAlpn, TlsServerVerify)
and exposes typed setters for the settings both TLS backends support.
Backend crates add setters for their backend-specific pieces via extension
traits (RustlsClientConfigExt or BoringServerConfigExt).
Implementations§
§impl TlsClientConfig
impl TlsClientConfig
pub fn new() -> TlsClientConfig
pub fn new() -> TlsClientConfig
Create an empty config.
pub fn default_http() -> TlsClientConfig
pub fn default_http() -> TlsClientConfig
Create a default TlsClientConfig that enables:
- ALPN: H2, http1.1
- Keylogger:
KeyLogIntent::Environment
pub fn write_to(&self, extensions: &Extensions)
pub fn write_to(&self, extensions: &Extensions)
Transfer this config’s pieces onto extensions (appending, so they
override existing entries of the same type — newest-wins). Use this to
transfer the tls config to e.g. request extensions
pub fn with_alpn(
self,
protocols: SmallVec<[ApplicationProtocol; 2]>,
) -> TlsClientConfig
pub fn with_alpn( self, protocols: SmallVec<[ApplicationProtocol; 2]>, ) -> TlsClientConfig
Set the ALPN protocols to offer.
pub fn set_alpn(
&mut self,
protocols: SmallVec<[ApplicationProtocol; 2]>,
) -> &mut TlsClientConfig
pub fn set_alpn( &mut self, protocols: SmallVec<[ApplicationProtocol; 2]>, ) -> &mut TlsClientConfig
Set the ALPN protocols to offer.
pub fn with_alpn_http_auto(self) -> TlsClientConfig
pub fn with_alpn_http_auto(self) -> TlsClientConfig
Offer HTTP/2 and HTTP/1.1 via ALPN.
pub fn set_alpn_http_auto(&mut self) -> &mut TlsClientConfig
pub fn set_alpn_http_auto(&mut self) -> &mut TlsClientConfig
Offer HTTP/2 and HTTP/1.1 via ALPN.
pub fn with_alpn_http_1(self) -> TlsClientConfig
pub fn with_alpn_http_1(self) -> TlsClientConfig
Offer HTTP/1.1 only via ALPN.
pub fn set_alpn_http_1(&mut self) -> &mut TlsClientConfig
pub fn set_alpn_http_1(&mut self) -> &mut TlsClientConfig
Offer HTTP/1.1 only via ALPN.
pub fn with_alpn_http_2(self) -> TlsClientConfig
pub fn with_alpn_http_2(self) -> TlsClientConfig
Offer HTTP/2 only via ALPN.
pub fn set_alpn_http_2(&mut self) -> &mut TlsClientConfig
pub fn set_alpn_http_2(&mut self) -> &mut TlsClientConfig
Offer HTTP/2 only via ALPN.
pub fn with_server_name(self, server_name: Host) -> TlsClientConfig
pub fn with_server_name(self, server_name: Host) -> TlsClientConfig
Set the client SNI (server name) to send.
Overrides the SNI the connector would otherwise derive: the transport
authority host, or for a tunnel connector, the TlsTunnel sni
pub fn set_server_name(&mut self, server_name: Host) -> &mut TlsClientConfig
pub fn set_server_name(&mut self, server_name: Host) -> &mut TlsClientConfig
Set the client SNI (server name) to send.
Overrides the SNI the connector would otherwise derive: the transport
authority host, or for a tunnel connector, the TlsTunnel sni
pub fn with_server_verify(self, mode: ServerVerifyMode) -> TlsClientConfig
pub fn with_server_verify(self, mode: ServerVerifyMode) -> TlsClientConfig
Set how the server certificate is verified.
pub fn set_server_verify(
&mut self,
mode: ServerVerifyMode,
) -> &mut TlsClientConfig
pub fn set_server_verify( &mut self, mode: ServerVerifyMode, ) -> &mut TlsClientConfig
Set how the server certificate is verified.
pub fn with_supported_versions(
self,
versions: Vec<ProtocolVersion>,
) -> TlsClientConfig
pub fn with_supported_versions( self, versions: Vec<ProtocolVersion>, ) -> TlsClientConfig
Set the supported protocol versions.
pub fn set_supported_versions(
&mut self,
versions: Vec<ProtocolVersion>,
) -> &mut TlsClientConfig
pub fn set_supported_versions( &mut self, versions: Vec<ProtocolVersion>, ) -> &mut TlsClientConfig
Set the supported protocol versions.
pub fn with_keylog(self, intent: KeyLogIntent) -> TlsClientConfig
pub fn with_keylog(self, intent: KeyLogIntent) -> TlsClientConfig
Set the keylog intent.
pub fn set_keylog(&mut self, intent: KeyLogIntent) -> &mut TlsClientConfig
pub fn set_keylog(&mut self, intent: KeyLogIntent) -> &mut TlsClientConfig
Set the keylog intent.
pub fn with_client_auth(self, client_auth: ClientAuth) -> TlsClientConfig
pub fn with_client_auth(self, client_auth: ClientAuth) -> TlsClientConfig
Set the client certificate authentication material (mTLS).
pub fn set_client_auth(
&mut self,
client_auth: ClientAuth,
) -> &mut TlsClientConfig
pub fn set_client_auth( &mut self, client_auth: ClientAuth, ) -> &mut TlsClientConfig
Set the client certificate authentication material (mTLS).
pub fn with_store_server_cert_chain(self, store: bool) -> TlsClientConfig
pub fn with_store_server_cert_chain(self, store: bool) -> TlsClientConfig
Set whether the peer certificate chain is captured.
pub fn set_store_server_cert_chain(
&mut self,
store: bool,
) -> &mut TlsClientConfig
pub fn set_store_server_cert_chain( &mut self, store: bool, ) -> &mut TlsClientConfig
Set whether the peer certificate chain is captured.
pub fn as_extensions(&self) -> &Extensions
Trait Implementations§
§impl BoringClientConfigExt for TlsClientConfig
impl BoringClientConfigExt for TlsClientConfig
§fn new_from_client_hello(hello: &ClientHello) -> TlsClientConfig
fn new_from_client_hello(hello: &ClientHello) -> TlsClientConfig
ClientHello§fn with_mimic_client_hello(self, hello: &ClientHello) -> TlsClientConfig
fn with_mimic_client_hello(self, hello: &ClientHello) -> TlsClientConfig
ClientHello onto this config.§fn set_mimic_client_hello(
&mut self,
hello: &ClientHello,
) -> &mut TlsClientConfig
fn set_mimic_client_hello( &mut self, hello: &ClientHello, ) -> &mut TlsClientConfig
ClientHello onto this config.§fn with_cipher_suites(self, suites: Vec<CipherSuite>) -> TlsClientConfig
fn with_cipher_suites(self, suites: Vec<CipherSuite>) -> TlsClientConfig
§fn set_cipher_suites(
&mut self,
suites: Vec<CipherSuite>,
) -> &mut TlsClientConfig
fn set_cipher_suites( &mut self, suites: Vec<CipherSuite>, ) -> &mut TlsClientConfig
§fn with_supported_groups(self, groups: Vec<SupportedGroup>) -> TlsClientConfig
fn with_supported_groups(self, groups: Vec<SupportedGroup>) -> TlsClientConfig
§fn set_supported_groups(
&mut self,
groups: Vec<SupportedGroup>,
) -> &mut TlsClientConfig
fn set_supported_groups( &mut self, groups: Vec<SupportedGroup>, ) -> &mut TlsClientConfig
§fn with_signature_schemes(
self,
schemes: Vec<SignatureScheme>,
) -> TlsClientConfig
fn with_signature_schemes( self, schemes: Vec<SignatureScheme>, ) -> TlsClientConfig
§fn set_signature_schemes(
&mut self,
schemes: Vec<SignatureScheme>,
) -> &mut TlsClientConfig
fn set_signature_schemes( &mut self, schemes: Vec<SignatureScheme>, ) -> &mut TlsClientConfig
§fn with_grease(self, enabled: bool) -> TlsClientConfig
fn with_grease(self, enabled: bool) -> TlsClientConfig
§fn set_grease(&mut self, enabled: bool) -> &mut TlsClientConfig
fn set_grease(&mut self, enabled: bool) -> &mut TlsClientConfig
§fn with_alps(
self,
protocols: Vec<ApplicationProtocol>,
new_codepoint: bool,
) -> TlsClientConfig
fn with_alps( self, protocols: Vec<ApplicationProtocol>, new_codepoint: bool, ) -> TlsClientConfig
§fn set_alps(
&mut self,
protocols: Vec<ApplicationProtocol>,
new_codepoint: bool,
) -> &mut TlsClientConfig
fn set_alps( &mut self, protocols: Vec<ApplicationProtocol>, new_codepoint: bool, ) -> &mut TlsClientConfig
§fn with_extension_order(self, order: Vec<ExtensionId>) -> TlsClientConfig
fn with_extension_order(self, order: Vec<ExtensionId>) -> TlsClientConfig
§fn set_extension_order(
&mut self,
order: Vec<ExtensionId>,
) -> &mut TlsClientConfig
fn set_extension_order( &mut self, order: Vec<ExtensionId>, ) -> &mut TlsClientConfig
§fn with_cert_compression(
self,
algorithms: Vec<CertificateCompressionAlgorithm>,
) -> TlsClientConfig
fn with_cert_compression( self, algorithms: Vec<CertificateCompressionAlgorithm>, ) -> TlsClientConfig
§fn set_cert_compression(
&mut self,
algorithms: Vec<CertificateCompressionAlgorithm>,
) -> &mut TlsClientConfig
fn set_cert_compression( &mut self, algorithms: Vec<CertificateCompressionAlgorithm>, ) -> &mut TlsClientConfig
§fn with_delegated_credentials(
self,
schemes: Vec<SignatureScheme>,
) -> TlsClientConfig
fn with_delegated_credentials( self, schemes: Vec<SignatureScheme>, ) -> TlsClientConfig
§fn set_delegated_credentials(
&mut self,
schemes: Vec<SignatureScheme>,
) -> &mut TlsClientConfig
fn set_delegated_credentials( &mut self, schemes: Vec<SignatureScheme>, ) -> &mut TlsClientConfig
§fn with_record_size_limit(self, limit: u16) -> TlsClientConfig
fn with_record_size_limit(self, limit: u16) -> TlsClientConfig
record_size_limit value.§fn set_record_size_limit(&mut self, limit: u16) -> &mut TlsClientConfig
fn set_record_size_limit(&mut self, limit: u16) -> &mut TlsClientConfig
record_size_limit value.§fn with_encrypted_client_hello(self, enabled: bool) -> TlsClientConfig
fn with_encrypted_client_hello(self, enabled: bool) -> TlsClientConfig
§fn set_encrypted_client_hello(&mut self, enabled: bool) -> &mut TlsClientConfig
fn set_encrypted_client_hello(&mut self, enabled: bool) -> &mut TlsClientConfig
§fn with_ocsp_stapling(self, enabled: bool) -> TlsClientConfig
fn with_ocsp_stapling(self, enabled: bool) -> TlsClientConfig
§fn set_ocsp_stapling(&mut self, enabled: bool) -> &mut TlsClientConfig
fn set_ocsp_stapling(&mut self, enabled: bool) -> &mut TlsClientConfig
§fn with_signed_cert_timestamps(self, enabled: bool) -> TlsClientConfig
fn with_signed_cert_timestamps(self, enabled: bool) -> TlsClientConfig
§fn set_signed_cert_timestamps(&mut self, enabled: bool) -> &mut TlsClientConfig
fn set_signed_cert_timestamps(&mut self, enabled: bool) -> &mut TlsClientConfig
§fn with_server_verify_cert_store(self, store: Arc<X509Store>) -> TlsClientConfig
fn with_server_verify_cert_store(self, store: Arc<X509Store>) -> TlsClientConfig
§fn set_server_verify_cert_store(
&mut self,
store: Arc<X509Store>,
) -> &mut TlsClientConfig
fn set_server_verify_cert_store( &mut self, store: Arc<X509Store>, ) -> &mut TlsClientConfig
§fn with_min_version(self, version: ProtocolVersion) -> TlsClientConfig
fn with_min_version(self, version: ProtocolVersion) -> TlsClientConfig
§fn set_min_version(&mut self, version: ProtocolVersion) -> &mut TlsClientConfig
fn set_min_version(&mut self, version: ProtocolVersion) -> &mut TlsClientConfig
§fn with_max_version(self, version: ProtocolVersion) -> TlsClientConfig
fn with_max_version(self, version: ProtocolVersion) -> TlsClientConfig
§fn set_max_version(&mut self, version: ProtocolVersion) -> &mut TlsClientConfig
fn set_max_version(&mut self, version: ProtocolVersion) -> &mut TlsClientConfig
§impl Clone for TlsClientConfig
impl Clone for TlsClientConfig
§fn clone(&self) -> TlsClientConfig
fn clone(&self) -> TlsClientConfig
1.0.0 (const: unstable) · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source. Read more§impl Debug for TlsClientConfig
impl Debug for TlsClientConfig
§impl Default for TlsClientConfig
impl Default for TlsClientConfig
§fn default() -> TlsClientConfig
fn default() -> TlsClientConfig
§impl RamaFrom<&ClientHello, RamaTlsBoringCrateMarker> for TlsClientConfig
impl RamaFrom<&ClientHello, RamaTlsBoringCrateMarker> for TlsClientConfig
fn rama_from(hello: &ClientHello) -> TlsClientConfig
§impl RamaTryFrom<&TlsClientConfig, RamaTlsRustlsCrateMarker> for ClientConfig
impl RamaTryFrom<&TlsClientConfig, RamaTlsRustlsCrateMarker> for ClientConfig
type Error = Box<dyn Error + Send + Sync>
fn rama_try_from( value: &TlsClientConfig, ) -> Result<ClientConfig, <ClientConfig as RamaTryFrom<&TlsClientConfig, RamaTlsRustlsCrateMarker>>::Error>
§impl RamaTryFrom<TlsClientConfig, RamaTlsRustlsCrateMarker> for ClientConfig
impl RamaTryFrom<TlsClientConfig, RamaTlsRustlsCrateMarker> for ClientConfig
type Error = Box<dyn Error + Send + Sync>
fn rama_try_from( value: TlsClientConfig, ) -> Result<ClientConfig, <ClientConfig as RamaTryFrom<TlsClientConfig, RamaTlsRustlsCrateMarker>>::Error>
§impl RustlsClientConfigExt for TlsClientConfig
impl RustlsClientConfigExt for TlsClientConfig
§fn with_cert_verifier(
self,
verifier: Arc<dyn ServerCertVerifier>,
) -> TlsClientConfig
fn with_cert_verifier( self, verifier: Arc<dyn ServerCertVerifier>, ) -> TlsClientConfig
§fn set_cert_verifier(
&mut self,
verifier: Arc<dyn ServerCertVerifier>,
) -> &mut TlsClientConfig
fn set_cert_verifier( &mut self, verifier: Arc<dyn ServerCertVerifier>, ) -> &mut TlsClientConfig
§fn with_modify_rustls_config(
self,
modify: impl Fn(ClientConfig) -> Result<ClientConfig, Box<dyn Error + Send + Sync>> + Send + Sync + 'static,
) -> TlsClientConfig
fn with_modify_rustls_config( self, modify: impl Fn(ClientConfig) -> Result<ClientConfig, Box<dyn Error + Send + Sync>> + Send + Sync + 'static, ) -> TlsClientConfig
ClientConfig build: see ModifyRustlsClientConfig.§fn set_modify_rustls_config(
&mut self,
modify: impl Fn(ClientConfig) -> Result<ClientConfig, Box<dyn Error + Send + Sync>> + Send + Sync + 'static,
) -> &mut TlsClientConfig
fn set_modify_rustls_config( &mut self, modify: impl Fn(ClientConfig) -> Result<ClientConfig, Box<dyn Error + Send + Sync>> + Send + Sync + 'static, ) -> &mut TlsClientConfig
ClientConfig build: see ModifyRustlsClientConfig.§impl TryFrom<&TlsClientConfig> for TlsConnectorData
impl TryFrom<&TlsClientConfig> for TlsConnectorData
§fn try_from(
value: &TlsClientConfig,
) -> Result<TlsConnectorData, <TlsConnectorData as TryFrom<&TlsClientConfig>>::Error>
fn try_from( value: &TlsClientConfig, ) -> Result<TlsConnectorData, <TlsConnectorData as TryFrom<&TlsClientConfig>>::Error>
Build TlsConnectorData from a TlsClientConfig by gathering its
pieces (the same path the connector uses internally).
Auto Trait Implementations§
impl Freeze for TlsClientConfig
impl RefUnwindSafe for TlsClientConfig
impl Send for TlsClientConfig
impl Sync for TlsClientConfig
impl Unpin for TlsClientConfig
impl UnsafeUnpin for TlsClientConfig
impl UnwindSafe for TlsClientConfig
Blanket Implementations§
§impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
§impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
impl<ST, DT> CastableFrom<ST, Initialized, Initialized> for DT
impl<ST, DT> CastableFrom<ST, Uninit, Uninit> for DT
Source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
§impl<T> FutureExt for T
impl<T> FutureExt for T
§fn with_context(self, otel_cx: Context) -> WithContext<Self> ⓘ
fn with_context(self, otel_cx: Context) -> WithContext<Self> ⓘ
§fn with_current_context(self) -> WithContext<Self> ⓘ
fn with_current_context(self) -> WithContext<Self> ⓘ
§impl<T> Instrument for T
impl<T> Instrument for T
§fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
§fn in_current_span(self) -> Instrumented<Self> ⓘ
fn in_current_span(self) -> Instrumented<Self> ⓘ
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self> ⓘ
fn into_either(self, into_left: bool) -> Either<Self, Self> ⓘ
self into a Left variant of Either<Self, Self>
if into_left is true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self> ⓘ
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self> ⓘ
self into a Left variant of Either<Self, Self>
if into_left(&self) returns true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read more§impl<T> IntoRequest<T> for T
impl<T> IntoRequest<T> for T
§fn into_request(self) -> Request<T>
fn into_request(self) -> Request<T>
T in a rama_grpc::Request§impl<T> Pointable for T
impl<T> Pointable for T
§impl<T> PolicyExt for Twhere
T: ?Sized,
impl<T> PolicyExt for Twhere
T: ?Sized,
§fn and<P, B, E>(self, other: P) -> And<T, P>
fn and<P, B, E>(self, other: P) -> And<T, P>
Policy that returns Action::Follow only if self and other return
Action::Follow. Read more§impl<T, U> RamaTryFrom<T> for Uwhere
U: TryFrom<T>,
impl<T, U> RamaTryFrom<T> for Uwhere
U: TryFrom<T>,
type Error = <U as TryFrom<T>>::Error
fn rama_try_from(value: T) -> Result<U, <U as RamaTryFrom<T>>::Error>
§impl<T, U, CrateMarker> RamaTryInto<U, CrateMarker> for Twhere
U: RamaTryFrom<T, CrateMarker>,
impl<T, U, CrateMarker> RamaTryInto<U, CrateMarker> for Twhere
U: RamaTryFrom<T, CrateMarker>,
type Error = <U as RamaTryFrom<T, CrateMarker>>::Error
fn rama_try_into(self) -> Result<U, <U as RamaTryFrom<T, CrateMarker>>::Error>
impl<T> Read<Exclusive, BecauseExclusive> for Twhere
T: ?Sized,
§impl<V, F> ValueFormatter<&V> for F
impl<V, F> ValueFormatter<&V> for F
§fn format_value(writer: impl ValueWriter, value: &&V)
fn format_value(writer: impl ValueWriter, value: &&V)
value to writer§impl<V, F> ValueFormatter<Arc<V>> for F
impl<V, F> ValueFormatter<Arc<V>> for F
§fn format_value(writer: impl ValueWriter, value: &Arc<V>)
fn format_value(writer: impl ValueWriter, value: &Arc<V>)
value to writer§impl<V, F> ValueFormatter<Box<V>> for F
impl<V, F> ValueFormatter<Box<V>> for F
§fn format_value(writer: impl ValueWriter, value: &Box<V>)
fn format_value(writer: impl ValueWriter, value: &Box<V>)
value to writer§impl<V, F> ValueFormatter<Cow<'_, V>> for F
impl<V, F> ValueFormatter<Cow<'_, V>> for F
§fn format_value(writer: impl ValueWriter, value: &Cow<'_, V>)
fn format_value(writer: impl ValueWriter, value: &Cow<'_, V>)
value to writer§impl<V, F> ValueFormatter<Option<V>> for Fwhere
F: ValueFormatter<V> + ?Sized,
impl<V, F> ValueFormatter<Option<V>> for Fwhere
F: ValueFormatter<V> + ?Sized,
§fn format_value(writer: impl ValueWriter, value: &Option<V>)
fn format_value(writer: impl ValueWriter, value: &Option<V>)
value to writer