Struct openssl::ssl::SslOptions

pub struct SslOptions { /* fields omitted */ }

Options controlling the behavior of an SslContext.

Implementations

impl SslOptions

pub const DONT_INSERT_EMPTY_FRAGMENTS: SslOptions

Disables a countermeasure against an SSLv3/TLSv1.0 vulnerability affecting CBC ciphers.

pub const ALL: SslOptions

A “reasonable default” set of options which enables compatibility flags.

pub const NO_QUERY_MTU: SslOptions

Do not query the MTU.

Only affects DTLS connections.

pub const COOKIE_EXCHANGE: SslOptions

Enables Cookie Exchange as described in RFC 4347 Section 4.2.1.

Only affects DTLS connections.

pub const NO_TICKET: SslOptions

Disables the use of session tickets for session resumption.

pub const NO_SESSION_RESUMPTION_ON_RENEGOTIATION: SslOptions

Always start a new session when performing a renegotiation on the server side.

pub const NO_COMPRESSION: SslOptions

Disables the use of TLS compression.

pub const ALLOW_UNSAFE_LEGACY_RENEGOTIATION: SslOptions

Allow legacy insecure renegotiation with servers or clients that do not support secure renegotiation.

pub const SINGLE_ECDH_USE: SslOptions

Creates a new key for each session when using ECDHE.

This is always enabled in OpenSSL 1.1.0.

pub const SINGLE_DH_USE: SslOptions

Creates a new key for each session when using DHE.

This is always enabled in OpenSSL 1.1.0.

pub const CIPHER_SERVER_PREFERENCE: SslOptions

Use the server’s preferences rather than the client’s when selecting a cipher.

This has no effect on the client side.

pub const TLS_ROLLBACK_BUG: SslOptions

Disables version rollback attach detection.

pub const NO_SSLV2: SslOptions

Disables the use of SSLv2.

pub const NO_SSLV3: SslOptions

Disables the use of SSLv3.

pub const NO_TLSV1: SslOptions

Disables the use of TLSv1.0.

pub const NO_TLSV1_1: SslOptions

Disables the use of TLSv1.1.

pub const NO_TLSV1_2: SslOptions

Disables the use of TLSv1.2.

pub const NO_TLSV1_3: SslOptions

Disables the use of TLSv1.3.

Requires OpenSSL 1.1.1 or newer.

pub const NO_DTLSV1: SslOptions

Disables the use of DTLSv1.0

Requires OpenSSL 1.0.2 or newer.

pub const NO_DTLSV1_2: SslOptions

Disables the use of DTLSv1.2.

Requires OpenSSL 1.0.2, or newer.

pub const NO_SSL_MASK: SslOptions

Disables the use of all (D)TLS protocol versions.

This can be used as a mask when whitelisting protocol versions.

Requires OpenSSL 1.0.2 or newer.

Examples

Only support TLSv1.2:

use openssl::ssl::SslOptions;

let options = SslOptions::NO_SSL_MASK & !SslOptions::NO_TLSV1_2;

pub const ENABLE_MIDDLEBOX_COMPAT: SslOptions

Enable TLSv1.3 Compatibility mode.

Requires OpenSSL 1.1.1 or newer. This is on by default in 1.1.1, but a future version may have this disabled by default.

pub const fn empty() -> SslOptions

Returns an empty set of flags

pub const fn all() -> SslOptions

Returns the set containing all flags.

pub const fn bits(&self) -> c_ulong

Returns the raw value of the flags currently stored.

pub fn from_bits(bits: c_ulong) -> Option<SslOptions>

Convert from underlying bit representation, unless that representation contains bits that do not correspond to a flag.

pub const fn from_bits_truncate(bits: c_ulong) -> SslOptions

Convert from underlying bit representation, dropping any bits that do not correspond to flags.

pub const unsafe fn from_bits_unchecked(bits: c_ulong) -> SslOptions

Convert from underlying bit representation, preserving all bits (even those not corresponding to a defined flag).

pub const fn is_empty(&self) -> bool

Returns true if no flags are currently stored.

pub const fn is_all(&self) -> bool

Returns true if all flags are currently set.

pub const fn intersects(&self, other: SslOptions) -> bool

Returns true if there are flags common to both self and other.

pub const fn contains(&self, other: SslOptions) -> bool

Returns true all of the flags in other are contained within self.

pub fn insert(&mut self, other: SslOptions)

Inserts the specified flags in-place.

pub fn remove(&mut self, other: SslOptions)

Removes the specified flags in-place.

pub fn toggle(&mut self, other: SslOptions)

Toggles the specified flags in-place.

pub fn set(&mut self, other: SslOptions, value: bool)

Inserts or removes the specified flags depending on the passed value.

Trait Implementations

impl Binary for SslOptions

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl BitAnd<SslOptions> for SslOptions

type Output = SslOptions

The resulting type after applying the & operator.

fn bitand(self, other: SslOptions) -> SslOptions

Returns the intersection between the two sets of flags.

impl BitAndAssign<SslOptions> for SslOptions

fn bitand_assign(&mut self, other: SslOptions)

Disables all flags disabled in the set.

impl BitOr<SslOptions> for SslOptions

type Output = SslOptions

The resulting type after applying the | operator.

fn bitor(self, other: SslOptions) -> SslOptions

Returns the union of the two sets of flags.

impl BitOrAssign<SslOptions> for SslOptions

fn bitor_assign(&mut self, other: SslOptions)

Adds the set of flags.

impl BitXor<SslOptions> for SslOptions

type Output = SslOptions

The resulting type after applying the ^ operator.

fn bitxor(self, other: SslOptions) -> SslOptions

Returns the left flags, but with all the right flags toggled.

impl BitXorAssign<SslOptions> for SslOptions

fn bitxor_assign(&mut self, other: SslOptions)

Toggles the set of flags.

impl Clone for SslOptions

fn clone(&self) -> SslOptions

Returns a copy of the value.

pub fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Copy for SslOptions

impl Debug for SslOptions

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Eq for SslOptions

impl Extend<SslOptions> for SslOptions

fn extend<T: IntoIterator<Item = SslOptions>>(&mut self, iterator: T)

Extends a collection with the contents of an iterator.

pub fn extend_one(&mut self, item: A)

🔬 This is a nightly-only experimental API. (extend_one)

Extends a collection with exactly one element.

pub fn extend_reserve(&mut self, additional: usize)

🔬 This is a nightly-only experimental API. (extend_one)

Reserves capacity in a collection for the given number of additional elements.

impl FromIterator<SslOptions> for SslOptions

fn from_iter<T: IntoIterator<Item = SslOptions>>(iterator: T) -> SslOptions

Creates a value from an iterator.

impl Hash for SslOptions

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

pub fn hash_slice<H>(data: &[Self], state: &mut H) where
    H: Hasher, 

Feeds a slice of this type into the given Hasher.

impl LowerHex for SslOptions

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Not for SslOptions

type Output = SslOptions

The resulting type after applying the ! operator.

fn not(self) -> SslOptions

Returns the complement of this set of flags.

impl Octal for SslOptions

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Ord for SslOptions

fn cmp(&self, other: &SslOptions) -> Ordering

This method returns an Ordering between self and other.

#[must_use]pub fn max(self, other: Self) -> Self

Compares and returns the maximum of two values.

#[must_use]pub fn min(self, other: Self) -> Self

Compares and returns the minimum of two values.

#[must_use]pub fn clamp(self, min: Self, max: Self) -> Self

Restrict a value to a certain interval.

impl PartialEq<SslOptions> for SslOptions

fn eq(&self, other: &SslOptions) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &SslOptions) -> bool

This method tests for !=.

impl PartialOrd<SslOptions> for SslOptions

fn partial_cmp(&self, other: &SslOptions) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

#[must_use]pub fn lt(&self, other: &Rhs) -> bool

This method tests less than (for self and other) and is used by the < operator.

#[must_use]pub fn le(&self, other: &Rhs) -> bool

This method tests less than or equal to (for self and other) and is used by the <= operator.

#[must_use]pub fn gt(&self, other: &Rhs) -> bool

This method tests greater than (for self and other) and is used by the > operator.

#[must_use]pub fn ge(&self, other: &Rhs) -> bool

This method tests greater than or equal to (for self and other) and is used by the >= operator.

impl StructuralEq for SslOptions

impl StructuralPartialEq for SslOptions

impl Sub<SslOptions> for SslOptions

type Output = SslOptions

The resulting type after applying the - operator.

fn sub(self, other: SslOptions) -> SslOptions

Returns the set difference of the two sets of flags.

impl SubAssign<SslOptions> for SslOptions

fn sub_assign(&mut self, other: SslOptions)

Disables all flags enabled in the set.

impl UpperHex for SslOptions

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.