Async TLS for the Tokio runtime
eccf90a534
The singular purpose of this crate should be to integrate Tokio and Rustls. Therefore, any feature that isn't about making Rustls work nicely with Tokio should be assumed a priori to be out of scope. In particular, it is out of scope for tokio-rustls to provide APIs to control SNI behavior. Instead, the application should configure Rustls's SNI behavior using Rustls's configuration APIs, and pass the configuration to tokio-rustls. Similarly, it is out of scope for tokio-rustls to provide APIs to control the certificate validation behavior. Instead, the application should configure certificate validation using Rustls's APIs. Perhaps there should be a crate that makes it convenient to do "dangerous" certificate validation, but IMO that shouldn't be tokio-rustls, but a different one. FWIW, the `danger` API was inherited from tokio-tls, and I'm working on making an analogous change there.
examples
src
tests
.gitignore
.gitjournal.toml
.travis.yml
appveyor.yml
Cargo.toml
LICENSE-APACHE
LICENSE-MIT
README.md
tokio-rustls
Asynchronous TLS/SSL streams for Tokio using Rustls.
Basic Structure of a Client
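use std::sync::Arc;
use futures::Future;
use rustls::ClientConfig;
use tokio_core::net::TcpStream;
use tokio_rustls::ClientConfigExt;
// ...
// Trust the root certificates shipped in the webpki-roots crate.
let mut config = ClientConfig::new();
config.root_store.add_trust_anchors(&webpki_roots::ROOTS);
let config = Arc::new(config);
// Open the TCP connection, then run the TLS handshake over the socket.
// The string is the host name the server certificate is checked against.
TcpStream::connect(&addr, &handle)
    .and_then(|socket| config.connect_async("www.rust-lang.org", socket))
// ...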
Client Example Program
See examples/client.rs. You can run it with:
cargo run --example client hsts.badssl.com
Currently on Windows the example client reads from stdin and writes to stdout using blocking I/O. Until this is fixed, do something like this on Windows:
echo | cargo run --example client hsts.badssl.com
Server Example Program
See examples/server.rs. You can run it with:
cargo run --example server -- 127.0.0.1 --cert mycert.der --key mykey.der
License & Origin
tokio-rustls is primarily distributed under the terms of both the MIT license and the Apache License (Version 2.0), with portions covered by various BSD-like licenses.
This started as a fork of tokio-tls.