Struct openssl::ssl::SslOptions
source · pub struct SslOptions(/* private fields */);
Expand description
Options controlling the behavior of an SslContext
.
Implementations§
source§impl SslOptions
impl SslOptions
sourcepub const DONT_INSERT_EMPTY_FRAGMENTS: Self = _
pub const DONT_INSERT_EMPTY_FRAGMENTS: Self = _
Disables a countermeasure against an SSLv3/TLSv1.0 vulnerability affecting CBC ciphers.
sourcepub const ALL: Self = _
pub const ALL: Self = _
A “reasonable default” set of options which enables compatibility flags.
sourcepub const NO_QUERY_MTU: Self = _
pub const NO_QUERY_MTU: Self = _
Do not query the MTU.
Only affects DTLS connections.
sourcepub const COOKIE_EXCHANGE: Self = _
pub const COOKIE_EXCHANGE: Self = _
Enables Cookie Exchange as described in RFC 4347 Section 4.2.1.
Only affects DTLS connections.
sourcepub const NO_SESSION_RESUMPTION_ON_RENEGOTIATION: Self = _
pub const NO_SESSION_RESUMPTION_ON_RENEGOTIATION: Self = _
Always start a new session when performing a renegotiation on the server side.
sourcepub const NO_COMPRESSION: Self = _
pub const NO_COMPRESSION: Self = _
Disables the use of TLS compression.
sourcepub const ALLOW_UNSAFE_LEGACY_RENEGOTIATION: Self = _
pub const ALLOW_UNSAFE_LEGACY_RENEGOTIATION: Self = _
Allow legacy insecure renegotiation with servers or clients that do not support secure renegotiation.
sourcepub const SINGLE_ECDH_USE: Self = _
pub const SINGLE_ECDH_USE: Self = _
Creates a new key for each session when using ECDHE.
This is always enabled in OpenSSL 1.1.0.
sourcepub const SINGLE_DH_USE: Self = _
pub const SINGLE_DH_USE: Self = _
Creates a new key for each session when using DHE.
This is always enabled in OpenSSL 1.1.0.
sourcepub const CIPHER_SERVER_PREFERENCE: Self = _
pub const CIPHER_SERVER_PREFERENCE: Self = _
Use the server’s preferences rather than the client’s when selecting a cipher.
This has no effect on the client side.
sourcepub const TLS_ROLLBACK_BUG: Self = _
pub const TLS_ROLLBACK_BUG: Self = _
Disables version rollback attach detection.
sourcepub const NO_TLSV1_1: Self = _
pub const NO_TLSV1_1: Self = _
Disables the use of TLSv1.1.
sourcepub const NO_TLSV1_2: Self = _
pub const NO_TLSV1_2: Self = _
Disables the use of TLSv1.2.
sourcepub const NO_TLSV1_3: Self = _
pub const NO_TLSV1_3: Self = _
Disables the use of TLSv1.3.
Requires OpenSSL 1.1.1 or LibreSSL 3.4.0 or newer.
sourcepub const NO_DTLSV1: Self = _
pub const NO_DTLSV1: Self = _
Disables the use of DTLSv1.0
Requires OpenSSL 1.0.2 or LibreSSL 3.3.2 or newer.
sourcepub const NO_DTLSV1_2: Self = _
pub const NO_DTLSV1_2: Self = _
Disables the use of DTLSv1.2.
Requires OpenSSL 1.0.2 or LibreSSL 3.3.2 or newer.
sourcepub const NO_SSL_MASK: Self = _
pub const NO_SSL_MASK: Self = _
Disables the use of all (D)TLS protocol versions.
This can be used as a mask when whitelisting protocol versions.
Requires OpenSSL 1.0.2 or newer.
§Examples
Only support TLSv1.2:
use openssl::ssl::SslOptions;
let options = SslOptions::NO_SSL_MASK & !SslOptions::NO_TLSV1_2;
sourcepub const NO_RENEGOTIATION: Self = _
pub const NO_RENEGOTIATION: Self = _
Disallow all renegotiation in TLSv1.2 and earlier.
Requires OpenSSL 1.1.0h or newer.
sourcepub const ENABLE_MIDDLEBOX_COMPAT: Self = _
pub const ENABLE_MIDDLEBOX_COMPAT: Self = _
Enable TLSv1.3 Compatibility mode.
Requires OpenSSL 1.1.1 or newer. This is on by default in 1.1.1, but a future version may have this disabled by default.
sourcepub const PRIORITIZE_CHACHA: Self = _
pub const PRIORITIZE_CHACHA: Self = _
Prioritize ChaCha ciphers when preferred by clients.
Temporarily reprioritize ChaCha20-Poly1305 ciphers to the top of the server cipher list if a ChaCha20-Poly1305 cipher is at the top of the client cipher list. This helps those clients (e.g. mobile) use ChaCha20-Poly1305 if that cipher is anywhere in the server cipher list; but still allows other clients to use AES and other ciphers.
Requires enable SslOptions::CIPHER_SERVER_PREFERENCE
.
Requires OpenSSL 1.1.1 or newer.
source§impl SslOptions
impl SslOptions
sourcepub const fn bits(&self) -> u64
pub const fn bits(&self) -> u64
Get the underlying bits value.
The returned value is exactly the bits set in this flags value.
sourcepub const fn from_bits(bits: u64) -> Option<Self>
pub const fn from_bits(bits: u64) -> Option<Self>
Convert from a bits value.
This method will return None
if any unknown bits are set.
sourcepub const fn from_bits_truncate(bits: u64) -> Self
pub const fn from_bits_truncate(bits: u64) -> Self
Convert from a bits value, unsetting any unknown bits.
sourcepub const fn from_bits_retain(bits: u64) -> Self
pub const fn from_bits_retain(bits: u64) -> Self
Convert from a bits value exactly.
sourcepub fn from_name(name: &str) -> Option<Self>
pub fn from_name(name: &str) -> Option<Self>
Get a flags value with the bits of a flag with the given name set.
This method will return None
if name
is empty or doesn’t
correspond to any named flag.
sourcepub const fn intersects(&self, other: Self) -> bool
pub const fn intersects(&self, other: Self) -> bool
Whether any set bits in a source flags value are also set in a target flags value.
sourcepub const fn contains(&self, other: Self) -> bool
pub const fn contains(&self, other: Self) -> bool
Whether all set bits in a source flags value are also set in a target flags value.
sourcepub fn remove(&mut self, other: Self)
pub fn remove(&mut self, other: Self)
The intersection of a source flags value with the complement of a target flags value (&!
).
This method is not equivalent to self & !other
when other
has unknown bits set.
remove
won’t truncate other
, but the !
operator will.
sourcepub fn toggle(&mut self, other: Self)
pub fn toggle(&mut self, other: Self)
The bitwise exclusive-or (^
) of the bits in two flags values.
sourcepub fn set(&mut self, other: Self, value: bool)
pub fn set(&mut self, other: Self, value: bool)
Call insert
when value
is true
or remove
when value
is false
.
sourcepub const fn intersection(self, other: Self) -> Self
pub const fn intersection(self, other: Self) -> Self
The bitwise and (&
) of the bits in two flags values.
sourcepub const fn union(self, other: Self) -> Self
pub const fn union(self, other: Self) -> Self
The bitwise or (|
) of the bits in two flags values.
sourcepub const fn difference(self, other: Self) -> Self
pub const fn difference(self, other: Self) -> Self
The intersection of a source flags value with the complement of a target flags value (&!
).
This method is not equivalent to self & !other
when other
has unknown bits set.
difference
won’t truncate other
, but the !
operator will.
sourcepub const fn symmetric_difference(self, other: Self) -> Self
pub const fn symmetric_difference(self, other: Self) -> Self
The bitwise exclusive-or (^
) of the bits in two flags values.
sourcepub const fn complement(self) -> Self
pub const fn complement(self) -> Self
The bitwise negation (!
) of the bits in a flags value, truncating the result.
source§impl SslOptions
impl SslOptions
sourcepub const fn iter(&self) -> Iter<SslOptions>
pub const fn iter(&self) -> Iter<SslOptions>
Yield a set of contained flags values.
Each yielded flags value will correspond to a defined named flag. Any unknown bits will be yielded together as a final flags value.
sourcepub const fn iter_names(&self) -> IterNames<SslOptions>
pub const fn iter_names(&self) -> IterNames<SslOptions>
Yield a set of contained named flags values.
This method is like iter
, except only yields bits in contained named flags.
Any unknown bits, or bits not corresponding to a contained flag will not be yielded.
Trait Implementations§
source§impl Binary for SslOptions
impl Binary for SslOptions
source§impl BitAnd for SslOptions
impl BitAnd for SslOptions
source§impl BitAndAssign for SslOptions
impl BitAndAssign for SslOptions
source§fn bitand_assign(&mut self, other: Self)
fn bitand_assign(&mut self, other: Self)
The bitwise and (&
) of the bits in two flags values.
source§impl BitOr for SslOptions
impl BitOr for SslOptions
source§fn bitor(self, other: SslOptions) -> Self
fn bitor(self, other: SslOptions) -> Self
The bitwise or (|
) of the bits in two flags values.
§type Output = SslOptions
type Output = SslOptions
|
operator.source§impl BitOrAssign for SslOptions
impl BitOrAssign for SslOptions
source§fn bitor_assign(&mut self, other: Self)
fn bitor_assign(&mut self, other: Self)
The bitwise or (|
) of the bits in two flags values.
source§impl BitXor for SslOptions
impl BitXor for SslOptions
source§impl BitXorAssign for SslOptions
impl BitXorAssign for SslOptions
source§fn bitxor_assign(&mut self, other: Self)
fn bitxor_assign(&mut self, other: Self)
The bitwise exclusive-or (^
) of the bits in two flags values.
source§impl Clone for SslOptions
impl Clone for SslOptions
source§fn clone(&self) -> SslOptions
fn clone(&self) -> SslOptions
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read moresource§impl Debug for SslOptions
impl Debug for SslOptions
source§impl Extend<SslOptions> for SslOptions
impl Extend<SslOptions> for SslOptions
source§fn extend<T: IntoIterator<Item = Self>>(&mut self, iterator: T)
fn extend<T: IntoIterator<Item = Self>>(&mut self, iterator: T)
The bitwise or (|
) of the bits in each flags value.
source§fn extend_one(&mut self, item: A)
fn extend_one(&mut self, item: A)
extend_one
)source§fn extend_reserve(&mut self, additional: usize)
fn extend_reserve(&mut self, additional: usize)
extend_one
)source§impl Flags for SslOptions
impl Flags for SslOptions
source§const FLAGS: &'static [Flag<SslOptions>] = _
const FLAGS: &'static [Flag<SslOptions>] = _
source§fn from_bits_retain(bits: u64) -> SslOptions
fn from_bits_retain(bits: u64) -> SslOptions
source§fn from_bits_truncate(bits: Self::Bits) -> Self
fn from_bits_truncate(bits: Self::Bits) -> Self
source§fn from_name(name: &str) -> Option<Self>
fn from_name(name: &str) -> Option<Self>
source§fn iter_names(&self) -> IterNames<Self>
fn iter_names(&self) -> IterNames<Self>
source§fn intersects(&self, other: Self) -> boolwhere
Self: Sized,
fn intersects(&self, other: Self) -> boolwhere
Self: Sized,
source§fn contains(&self, other: Self) -> boolwhere
Self: Sized,
fn contains(&self, other: Self) -> boolwhere
Self: Sized,
source§fn insert(&mut self, other: Self)where
Self: Sized,
fn insert(&mut self, other: Self)where
Self: Sized,
|
) of the bits in two flags values.source§fn remove(&mut self, other: Self)where
Self: Sized,
fn remove(&mut self, other: Self)where
Self: Sized,
&!
). Read moresource§fn toggle(&mut self, other: Self)where
Self: Sized,
fn toggle(&mut self, other: Self)where
Self: Sized,
^
) of the bits in two flags values.source§fn intersection(self, other: Self) -> Self
fn intersection(self, other: Self) -> Self
&
) of the bits in two flags values.source§fn difference(self, other: Self) -> Self
fn difference(self, other: Self) -> Self
&!
). Read moresource§fn symmetric_difference(self, other: Self) -> Self
fn symmetric_difference(self, other: Self) -> Self
^
) of the bits in two flags values.source§fn complement(self) -> Self
fn complement(self) -> Self
!
) of the bits in a flags value, truncating the result.source§impl FromIterator<SslOptions> for SslOptions
impl FromIterator<SslOptions> for SslOptions
source§fn from_iter<T: IntoIterator<Item = Self>>(iterator: T) -> Self
fn from_iter<T: IntoIterator<Item = Self>>(iterator: T) -> Self
The bitwise or (|
) of the bits in each flags value.
source§impl Hash for SslOptions
impl Hash for SslOptions
source§impl IntoIterator for SslOptions
impl IntoIterator for SslOptions
source§impl LowerHex for SslOptions
impl LowerHex for SslOptions
source§impl Not for SslOptions
impl Not for SslOptions
source§impl Octal for SslOptions
impl Octal for SslOptions
source§impl Ord for SslOptions
impl Ord for SslOptions
source§fn cmp(&self, other: &SslOptions) -> Ordering
fn cmp(&self, other: &SslOptions) -> Ordering
1.21.0 · source§fn max(self, other: Self) -> Selfwhere
Self: Sized,
fn max(self, other: Self) -> Selfwhere
Self: Sized,
source§impl PartialEq for SslOptions
impl PartialEq for SslOptions
source§impl PartialOrd for SslOptions
impl PartialOrd for SslOptions
source§impl PublicFlags for SslOptions
impl PublicFlags for SslOptions
source§impl Sub for SslOptions
impl Sub for SslOptions
source§fn sub(self, other: Self) -> Self
fn sub(self, other: Self) -> Self
The intersection of a source flags value with the complement of a target flags value (&!
).
This method is not equivalent to self & !other
when other
has unknown bits set.
difference
won’t truncate other
, but the !
operator will.
§type Output = SslOptions
type Output = SslOptions
-
operator.source§impl SubAssign for SslOptions
impl SubAssign for SslOptions
source§fn sub_assign(&mut self, other: Self)
fn sub_assign(&mut self, other: Self)
The intersection of a source flags value with the complement of a target flags value (&!
).
This method is not equivalent to self & !other
when other
has unknown bits set.
difference
won’t truncate other
, but the !
operator will.
source§impl UpperHex for SslOptions
impl UpperHex for SslOptions
impl Copy for SslOptions
impl Eq for SslOptions
impl StructuralPartialEq for SslOptions
Auto Trait Implementations§
impl Freeze for SslOptions
impl RefUnwindSafe for SslOptions
impl Send for SslOptions
impl Sync for SslOptions
impl Unpin for SslOptions
impl UnwindSafe for SslOptions
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
source§default unsafe fn clone_to_uninit(&self, dst: *mut T)
default unsafe fn clone_to_uninit(&self, dst: *mut T)
clone_to_uninit
)source§impl<T> CloneToUninit for Twhere
T: Copy,
impl<T> CloneToUninit for Twhere
T: Copy,
source§unsafe fn clone_to_uninit(&self, dst: *mut T)
unsafe fn clone_to_uninit(&self, dst: *mut T)
clone_to_uninit
)