5 releases
Uses new Rust 2024
| 0.2.3 | Aug 11, 2025 |
|---|---|
| 0.2.2 | Aug 11, 2025 |
| 0.2.1 | Aug 11, 2025 |
| 0.2.0 | Aug 11, 2025 |
| 0.1.0 | Aug 1, 2025 |
#2 in #ktls
26 downloads per month
Used in tonic-tls
30KB
530 lines
openssl-ktls
Use openssl with kernel TLS offload, optionally with tokio.
This crate implements sync SslStream and async tokio SslStream that are ktls capable, extending the openssl crate.
Get started
Add to Cargo.toml
openssl-ktls = { version = "*", default-features = false, features = ["tokio", "vendored"]}
- feature
tokioenables tokio based async SslStream. - feature
vendoredenableds build openssl from source with ktls enabled. If your system openssl is already built with ktls enabled, you can skip this feature.
Examples
SslStream works the same way as openssl::ssl::SslStream.
let mut connector =
openssl::ssl::SslConnector::builder(openssl::ssl::SslMethod::tls()).unwrap();
let connector = connector.set_options(openssl_ktls::option::SSL_OP_ENABLE_KTLS)
.set_cipher_list(openssl_ktls::option::ECDHE_RSA_AES128_GCM_SHA256).unwrap()
.configure().unwrap();
let ssl = connector.into_ssl("localhost").unwrap();
let tcp_stream = tokio::net::TcpStream::connect("localhost:8080").await.unwrap();
let mut ssl_stream = openssl_ktls::TokioSslStream::new(tcp_stream, ssl).unwrap();
// read and write data on ssl_stream...
// check ktls is used.
let receive_enabled = ssl_s.ktls_recv_enabled();
let send_enabled = ssl_s.ktls_send_enabled();
License
This project is licensed under the MIT license.
Dependencies
~4–16MB
~181K SLoC