pub struct SendTraffic(/* private fields */);Expand description
The send-side of a connection, after a successful handshake.
You can use this object to send data to the peer.
Implementations§
Source§impl SendTraffic
impl SendTraffic
Sourcepub fn write(&mut self, application_data: OutboundPlain<'_>) -> Vec<Vec<u8>>
pub fn write(&mut self, application_data: OutboundPlain<'_>) -> Vec<Vec<u8>>
Write application data to the peer.
The TLS data to send to the peer is returned. This data should then be communicated to the peer, in order.
Sourcepub fn close(self) -> Vec<Vec<u8>>
pub fn close(self) -> Vec<Vec<u8>>
Conclude sending traffic by sending a close_notify alert.
The alert is written into a Vec which is returned along with any pending data. This data should then be communicated to the peer.
This is the final possible operation with a SendTraffic.
Sourcepub fn take_data(&mut self) -> Vec<Vec<u8>>
pub fn take_data(&mut self) -> Vec<Vec<u8>>
Obtain any pending data to write to the peer.
Any such pending data will be output with any call to SendTraffic::write()
so there is no need to call this function if you have recently written data
using this.
The TLS data to send to the peer is returned. This data should then be communicated to the peer.
This is useful to handle a ReceiveTrafficState::FlushSender event, but
where you don’t have any plaintext to send.
Sourcepub fn refresh_traffic_keys(&mut self) -> Result<(), Error>
pub fn refresh_traffic_keys(&mut self) -> Result<(), Error>
Sends a TLS1.3 key_update message to refresh a connection’s keys.
The main reason to call this manually is to roll keys when it is known a connection will be idle for a long period.
rustls implicitly and automatically refreshes traffic keys when needed according to the selected cipher suite’s cryptographic constraints. There is therefore no need to call this manually to avoid cryptographic keys “wearing out”.
This call refreshes our encryption keys. Once the peer receives the message, it refreshes its encryption and decryption keys and sends a response. Once we receive that response, we refresh our decryption keys to match. At the end of this process, keys in both directions have been refreshed.
Note that this process does not happen synchronously: this call just
arranges that the key_update message will be included in the next
write() output.
This returns an error if a version prior to TLS1.3 is negotiated.
§Usage advice
Note that other implementations (including rustls) may enforce limits on
the number of key_update messages allowed on a given connection to prevent
denial of service. Therefore, this should be called sparingly.