Async TLS for the Tokio runtime
Brian Picciano 3d462a1d97 Add into_inner method to StartHandshake
This allows for recovering the underlying raw connection, even though
it's had the ClientHello read off of it already.
2023-07-27 12:46:27 +02:00
.github/workflows Trigger CI run on push to main 2023-06-12 10:25:33 +01:00
examples Move tokio-rustls to top level 2023-05-31 17:09:52 +02:00
scripts Move tokio-rustls to top level 2023-05-31 17:09:52 +02:00
src Add into_inner method to StartHandshake 2023-07-27 12:46:27 +02:00
tests Merge branch 'master' for take_io() 2023-06-06 09:23:44 +02:00
.gitignore Auto-generate TLS server certificate for unix platform (#8) 2020-04-03 10:16:23 -04:00
Cargo.toml Update MSRV to 1.60 and test it 2023-06-12 10:25:33 +01:00
LICENSE-APACHE Move tokio-rustls to top level 2023-05-31 17:09:52 +02:00
LICENSE-MIT Move tokio-rustls to top level 2023-05-31 17:09:52 +02:00
README.md Update links in README 2023-05-31 17:09:52 +02:00

tokio-rustls


Asynchronous TLS/SSL streams for Tokio using Rustls.

Basic Structure of a Client

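use std::sync::Arc;
use tokio::net::TcpStream;
use tokio_rustls::rustls::{ClientConfig, OwnedTrustAnchor, RootCertStore, ServerName};
use tokio_rustls::TlsConnector;

// Requires tokio's "macros" and a runtime feature, plus the webpki-roots crate.
#[tokio::main]
async fn main() -> std::io::Result<()> {
    // Start from an empty store and trust only the roots from webpki-roots.
    let mut root_cert_store = RootCertStore::empty();
    root_cert_store.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map(|ta| {
        OwnedTrustAnchor::from_subject_spki_name_constraints(
            ta.subject,
            ta.spki,
            ta.name_constraints,
        )
    }));
    let config = ClientConfig::builder()
        .with_safe_defaults()
        .with_root_certificates(root_cert_store)
        .with_no_client_auth();
    let connector = TlsConnector::from(Arc::new(config));
    // The server certificate is verified against this name, which is also sent as SNI.
    let dnsname = ServerName::try_from("www.rust-lang.org").unwrap();

    // Assumed address for this snippet: the same host on the standard HTTPS port.
    let addr = "www.rust-lang.org:443";
    let stream = TcpStream::connect(addr).await?;
    // connect() drives the TLS handshake and returns the encrypted stream.
    let mut stream = connector.connect(dnsname, stream).await?;

    // ...

    Ok(())
}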

Client Example Program

See examples/client. You can run it with:

cd examples/client
cargo run -- hsts.badssl.com

Server Example Program

See examples/server. You can run it with:

cd examples/server
cargo run -- 127.0.0.1:8000 --cert mycert.der --key mykey.der

License & Origin

This project is licensed under either of the Apache License, Version 2.0 (LICENSE-APACHE) or the MIT license (LICENSE-MIT), at your option.

This started as a fork of tokio-tls.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in tokio-rustls by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.