pub struct AllowAnyAnonymousOrAuthenticatedClient { /* private fields */ }
Expand description
A ClientCertVerifier
that will allow both anonymous and authenticated
clients, without any name checking.
Client authentication will be requested during the TLS handshake. If the
client offers a certificate then this acts like
AllowAnyAuthenticatedClient
, otherwise this acts like NoClientAuth
.
Implementations
sourceimpl AllowAnyAnonymousOrAuthenticatedClient
impl AllowAnyAnonymousOrAuthenticatedClient
sourcepub fn new(roots: RootCertStore) -> Arc<dyn ClientCertVerifier>
pub fn new(roots: RootCertStore) -> Arc<dyn ClientCertVerifier>
Construct a new AllowAnyAnonymousOrAuthenticatedClient
.
roots
is the list of trust anchors to use for certificate validation.
Trait Implementations
sourceimpl ClientCertVerifier for AllowAnyAnonymousOrAuthenticatedClient
impl ClientCertVerifier for AllowAnyAnonymousOrAuthenticatedClient
sourcefn offer_client_auth(&self) -> bool
fn offer_client_auth(&self) -> bool
Returns true
to enable the server to request a client certificate and
false
to skip requesting a client certificate. Defaults to true
. Read more
sourcefn client_auth_mandatory(&self) -> Option<bool>
fn client_auth_mandatory(&self) -> Option<bool>
Return Some(true)
to require a client certificate and Some(false)
to make
client authentication optional. Return None
to abort the connection.
Defaults to Some(self.offer_client_auth())
. Read more
sourcefn client_auth_root_subjects(&self) -> Option<DistinguishedNames>
fn client_auth_root_subjects(&self) -> Option<DistinguishedNames>
Returns the subject names of the client authentication trust anchors to share with the client when requesting client authentication. Read more
sourcefn verify_client_cert(
&self,
end_entity: &Certificate,
intermediates: &[Certificate],
now: SystemTime
) -> Result<ClientCertVerified, Error>
fn verify_client_cert(
&self,
end_entity: &Certificate,
intermediates: &[Certificate],
now: SystemTime
) -> Result<ClientCertVerified, Error>
Verify the end-entity certificate end_entity
is valid for the
and chains to at least one of the trust anchors in roots
. Read more
sourcefn verify_tls12_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
fn verify_tls12_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
Verify a signature allegedly by the given server certificate. Read more
sourcefn verify_tls13_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
fn verify_tls13_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
Verify a signature allegedly by the given server certificate. Read more
sourcefn supported_verify_schemes(&self) -> Vec<SignatureScheme>
fn supported_verify_schemes(&self) -> Vec<SignatureScheme>
Return the list of SignatureSchemes that this verifier will handle,
in verify_tls12_signature
and verify_tls13_signature
calls. Read more
Auto Trait Implementations
impl RefUnwindSafe for AllowAnyAnonymousOrAuthenticatedClient
impl Send for AllowAnyAnonymousOrAuthenticatedClient
impl Sync for AllowAnyAnonymousOrAuthenticatedClient
impl Unpin for AllowAnyAnonymousOrAuthenticatedClient
impl UnwindSafe for AllowAnyAnonymousOrAuthenticatedClient
Blanket Implementations
sourceimpl<T> BorrowMut<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more