Asynchronous TLS/SSL streams for Tokio using Rustls.
```rust
use std::sync::Arc;
use tokio::net::TcpStream;
use tokio_rustls::rustls::{ClientConfig, OwnedTrustAnchor, RootCertStore, ServerName};
use tokio_rustls::TlsConnector;

// ...

// Start from an empty store so that only the webpki-roots anchors are trusted;
// the server's certificate chain must end at one of them.
let mut root_cert_store = RootCertStore::empty();
root_cert_store.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map(|ta| {
    OwnedTrustAnchor::from_subject_spki_name_constraints(
        ta.subject,
        ta.spki,
        ta.name_constraints,
    )
}));
let config = ClientConfig::builder()
    .with_safe_defaults()
    .with_root_certificates(root_cert_store)
    .with_no_client_auth();
let connector = TlsConnector::from(Arc::new(config));
// The server certificate is verified against this name, so it must be the
// host you intend to reach.
let dnsname = ServerName::try_from("www.rust-lang.org").unwrap();

let stream = TcpStream::connect(&addr).await?;
let mut stream = connector.connect(dnsname, stream).await?;

// ...
```
See examples/client. You can run it with:
```sh
cd examples/client
cargo run -- hsts.badssl.com
```
See examples/server. You can run it with:
```sh
cd examples/server
cargo run -- 127.0.0.1:8000 --cert mycert.der --key mykey.der
```
This project is licensed under either of
at your option.
This started as a fork of tokio-tls.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in tokio-rustls by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.