min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
boring2/tokio-boring/README.md

68 lines
2.1 KiB
Markdown
Raw Blame History

# tokio-boring
An implementation of SSL streams for Tokio built on top of the BoringSSL.
[Documentation](https://docs.rs/tokio-boring)
## Usage
First, add this to your `Cargo.toml`:
```toml
[dependencies]
tokio-boring = "1.0.0"
```
Then, use either `accept` or `connect` as appropriate.
```rust
use boring::ssl;
use tokio::net::TcpListener;
#[tokio::main]
async fn main() -> anyhow::Result<()> {
let listener = TcpListener::bind("127.0.0.1:8080").await?;
let (tcp_stream, _addr) = listener.accept().await?;
let server = ssl::SslMethod::tls_server();
let mut ssl_builder = boring2::ssl::SslAcceptor::mozilla_modern(server)?;
ssl_builder.set_default_verify_paths()?;
ssl_builder.set_verify(ssl::SslVerifyMode::PEER);
let acceptor = ssl_builder.build();
let _ssl_stream = tokio_boring::accept(&acceptor, tcp_stream).await?;
Ok(())
}
```
This library is an implementation of TLS streams using BoringSSL for
negotiating the connection. Each TLS stream implements the `Read` and
`Write` traits to interact and interoperate with the rest of the futures I/O
ecosystem. Client connections initiated from this crate verify hostnames
automatically and by default.
`tokio-boring` exports this ability through [`accept`] and [`connect`]. `accept` should
be used by servers, and `connect` by clients. These augment the functionality provided by the
[`boring`] crate, on which this crate is built. Configuration of TLS parameters is still
primarily done through the [`boring`] crate.
# License
This project is licensed under either of
* Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or
http://www.apache.org/licenses/LICENSE-2.0)
* MIT license ([LICENSE-MIT](LICENSE-MIT) or
http://opensource.org/licenses/MIT)
at your option.
### Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted
for inclusion in Serde by you, as defined in the Apache-2.0 license, shall be
dual licensed as above, without any additional terms or conditions.
## Accolades
The project is based on a fork of [tokio-openssl](https://github.com/sfackler/tokio-openssl).
Reference in New Issue View Git Blame Copy Permalink