From d905fd301d9a7984be1b16d956aaf6e38a0e8c1f Mon Sep 17 00:00:00 2001 From: Yuchen Wu Date: Mon, 14 Aug 2023 18:42:12 -0700 Subject: [PATCH] Provide into_ssl() for ConnectConfiguration Port from openssl-rs. --- boring/src/ssl/connector.rs | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/boring/src/ssl/connector.rs b/boring/src/ssl/connector.rs index 7be740d3..6bb58dab 100644 --- a/boring/src/ssl/connector.rs +++ b/boring/src/ssl/connector.rs @@ -8,6 +8,7 @@ use crate::ssl::{ SslOptions, SslRef, SslStream, SslVerifyMode, }; use crate::version; +use std::net::IpAddr; const FFDHE_2048: &str = " -----BEGIN DH PARAMETERS----- @@ -189,14 +190,11 @@ impl ConnectConfiguration { self.verify_hostname = verify_hostname; } - /// Initiates a client-side TLS session on a stream. + /// Returns an `Ssl` configured to connect to the provided domain. /// - /// The domain is used for SNI and hostname verification if enabled. - pub fn connect(mut self, domain: &str, stream: S) -> Result, HandshakeError> - where - S: Read + Write, - { - if self.sni { + /// The domain is used for SNI (if it is not an IP address) and hostname verification if enabled. + pub fn into_ssl(mut self, domain: &str) -> Result { + if self.sni && domain.parse::().is_err() { self.ssl.set_hostname(domain)?; } @@ -210,7 +208,17 @@ impl ConnectConfiguration { setup_verify_hostname(&mut self.ssl, domain)?; } - self.ssl.connect(stream) + Ok(self.ssl) + } + + /// Initiates a client-side TLS session on a stream. + /// + /// The domain is used for SNI (if it is not an IP address) and hostname verification if enabled. + pub fn connect(self, domain: &str, stream: S) -> Result, HandshakeError> + where + S: Read + Write, + { + self.into_ssl(domain)?.connect(stream) } }