pub struct SslOptions { /* fields omitted */ }

Options controlling the behavior of an SslContext.


impl SslOptions[src]

pub const DONT_INSERT_EMPTY_FRAGMENTS: SslOptions[src]

Disables a countermeasure against an SSLv3/TLSv1.0 vulnerability affecting CBC ciphers.

pub const ALL: SslOptions[src]

A "reasonable default" set of options which enables compatibility flags.

pub const NO_QUERY_MTU: SslOptions[src]

Do not query the MTU.

Only affects DTLS connections.

pub const COOKIE_EXCHANGE: SslOptions[src]

Enables Cookie Exchange as described in RFC 4347 Section 4.2.1.

Only affects DTLS connections.

pub const NO_TICKET: SslOptions[src]

Disables the use of session tickets for session resumption.


Always start a new session when performing a renegotiation on the server side.

pub const NO_COMPRESSION: SslOptions[src]

Disables the use of TLS compression.


Allow legacy insecure renegotiation with servers or clients that do not support secure renegotiation.

pub const SINGLE_ECDH_USE: SslOptions[src]

Creates a new key for each session when using ECDHE.

This is always enabled in OpenSSL 1.1.0.

pub const SINGLE_DH_USE: SslOptions[src]

Creates a new key for each session when using DHE.

This is always enabled in OpenSSL 1.1.0.

pub const CIPHER_SERVER_PREFERENCE: SslOptions[src]

Use the server's preferences rather than the client's when selecting a cipher.

This has no effect on the client side.

pub const TLS_ROLLBACK_BUG: SslOptions[src]

Disables version rollback attach detection.

pub const NO_SSLV2: SslOptions[src]

Disables the use of SSLv2.

pub const NO_SSLV3: SslOptions[src]

Disables the use of SSLv3.

pub const NO_TLSV1: SslOptions[src]

Disables the use of TLSv1.0.

pub const NO_TLSV1_1: SslOptions[src]

Disables the use of TLSv1.1.

pub const NO_TLSV1_2: SslOptions[src]

Disables the use of TLSv1.2.

pub const NO_TLSV1_3: SslOptions[src]

Disables the use of TLSv1.3.

Requires OpenSSL 1.1.1 or newer.

pub const NO_DTLSV1: SslOptions[src]

Disables the use of DTLSv1.0

Requires OpenSSL 1.0.2 or newer.

pub const NO_DTLSV1_2: SslOptions[src]

Disables the use of DTLSv1.2.

Requires OpenSSL 1.0.2, or newer.

pub const NO_SSL_MASK: SslOptions[src]

Disables the use of all (D)TLS protocol versions.

This can be used as a mask when whitelisting protocol versions.

Requires OpenSSL 1.0.2 or newer.


Only support TLSv1.2:

use openssl::ssl::SslOptions;

let options = SslOptions::NO_SSL_MASK & !SslOptions::NO_TLSV1_2;

pub const ENABLE_MIDDLEBOX_COMPAT: SslOptions[src]

Enable TLSv1.3 Compatibility mode.

Requires OpenSSL 1.1.1 or newer. This is on by default in 1.1.1, but a future version may have this disabled by default.

pub const fn empty() -> SslOptions[src]

Returns an empty set of flags

pub const fn all() -> SslOptions[src]

Returns the set containing all flags.

pub const fn bits(&self) -> c_ulong[src]

Returns the raw value of the flags currently stored.

pub fn from_bits(bits: c_ulong) -> Option<SslOptions>[src]

Convert from underlying bit representation, unless that representation contains bits that do not correspond to a flag.

pub const fn from_bits_truncate(bits: c_ulong) -> SslOptions[src]

Convert from underlying bit representation, dropping any bits that do not correspond to flags.

pub const unsafe fn from_bits_unchecked(bits: c_ulong) -> SslOptions[src]

Convert from underlying bit representation, preserving all bits (even those not corresponding to a defined flag).

pub const fn is_empty(&self) -> bool[src]

Returns true if no flags are currently stored.

pub const fn is_all(&self) -> bool[src]

Returns true if all flags are currently set.

pub const fn intersects(&self, other: SslOptions) -> bool[src]

Returns true if there are flags common to both self and other.

pub const fn contains(&self, other: SslOptions) -> bool[src]

Returns true all of the flags in other are contained within self.

pub fn insert(&mut self, other: SslOptions)[src]

Inserts the specified flags in-place.

pub fn remove(&mut self, other: SslOptions)[src]

Removes the specified flags in-place.

pub fn toggle(&mut self, other: SslOptions)[src]

Toggles the specified flags in-place.

pub fn set(&mut self, other: SslOptions, value: bool)[src]

Inserts or removes the specified flags depending on the passed value.

