Lib.rs

Network programming | Cryptography
#tls #tls-client #tls-connector #secure #openssl #native #platform

native-tls

A wrapper over a platform's native TLS implementation

by Steven Fackler and 37 contributors

20 releases

Uses old Rust 2015

0.2.13 Jan 25, 2025
0.2.12 May 27, 2024
0.2.11 Nov 1, 2022
0.2.10 Mar 28, 2022
0.1.0 Nov 9, 2016

#28 in Cryptography

Download history 1103127/week @ 2024-10-29 1094222/week @ 2024-11-05 1115358/week @ 2024-11-12 1111403/week @ 2024-11-19 961287/week @ 2024-11-26 1157583/week @ 2024-12-03 1397371/week @ 2024-12-10 1008419/week @ 2024-12-17 531203/week @ 2024-12-24 728155/week @ 2024-12-31 1280998/week @ 2025-01-07 1286201/week @ 2025-01-14 1194568/week @ 2025-01-21 1298354/week @ 2025-01-28 1436128/week @ 2025-02-04 1414468/week @ 2025-02-11

5,517,593 downloads per month
Used in 4,624 crates (558 directly)

MIT/Apache

100KB
2.5K SLoC

rust-native-tls

Documentation

An abstraction over platform-specific TLS implementations.

Specifically, this crate uses SChannel on Windows (via the schannel crate), Secure Transport on macOS (via the security-framework crate), and OpenSSL (via the openssl crate) on all other platforms.

Installation

# Cargo.toml
[dependencies]
native-tls = "0.2"

Usage

An example client looks like:

extern crate native_tls;

use native_tls::TlsConnector;
use std::io::{Read, Write};
use std::net::TcpStream;

fn main() {
    let connector = TlsConnector::new().unwrap();

    let stream = TcpStream::connect("google.com:443").unwrap();
    let mut stream = connector.connect("google.com", stream).unwrap();

    stream.write_all(b"GET / HTTP/1.0\r\n\r\n").unwrap();
    let mut res = vec![];
    stream.read_to_end(&mut res).unwrap();
    println!("{}", String::from_utf8_lossy(&res));
}

To accept connections as a server from remote clients:

extern crate native_tls;

use native_tls::{Identity, TlsAcceptor, TlsStream};
use std::fs::File;
use std::io::{Read};
use std::net::{TcpListener, TcpStream};
use std::sync::Arc;
use std::thread;

fn main() {
    let mut file = File::open("identity.pfx").unwrap();
    let mut identity = vec![];
    file.read_to_end(&mut identity).unwrap();
    let identity = Identity::from_pkcs12(&identity, "hunter2").unwrap();

    let acceptor = TlsAcceptor::new(identity).unwrap();
    let acceptor = Arc::new(acceptor);

    let listener = TcpListener::bind("0.0.0.0:8443").unwrap();

    fn handle_client(stream: TlsStream<TcpStream>) {
        // ...
    }

    for stream in listener.incoming() {
        match stream {
            Ok(stream) => {
                let acceptor = acceptor.clone();
                thread::spawn(move || {
                    let stream = acceptor.accept(stream).unwrap();
                    handle_client(stream);
                });
            }
            Err(e) => { /* connection failed */ }
        }
    }
}

License

rust-native-tls is primarily distributed under the terms of both the MIT license and the Apache License (Version 2.0), with portions covered by various BSD-like licenses.

See LICENSE-APACHE, and LICENSE-MIT for details.

Dependencies

~0–9.5MB
~113K SLoC

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy