11 releases (7 breaking)
0.8.1 | Jun 29, 2024 |
---|---|
0.7.0 | Apr 4, 2024 |
0.6.0 | Jan 24, 2024 |
0.4.0 | Apr 27, 2023 |
0.1.0 | Jun 7, 2021 |
#1330 in HTTP server
1,553 downloads per month
Used in 8 crates
(7 directly)
78KB
1.5K
SLoC
Welcome to Trillium!
📖 Guide 📖
The guide provides an architectural overview and lay of the land connecting the trillium crates.
📑 Rustdocs 📑
The rustdocs represent the best way to learn about any of trillium's individual crates and the specific interfaces.
Legal:
Licensed under either of
- Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
lib.rs
:
This crate provides rustls trait implementations for trillium client (RustlsConnector
) and
server (RustlsAcceptor
).
Cargo Features
This crate's default features should be appropriate for most users. To pare down on dependencies or customize trillium-rustls' usage of rustls, opt out of default features and reenable the appropriate features for your use case.
server
and client
features
This crate offers a server
feature and a client
feature. Opting out of default features allows
you to avoid building any dependencies for the unused other component. By default, both server
and
client
features are enabled.
Cryptographic backend selection
Rustls supports pluggable cryptographic backends as well as a process-default cryptographic cryptographic backend. There are two built-in feature-enabled cryptographic backends and other community provided cryptographic backends.
⚠️ There are three cryptographic backend cargo features, and they behave differently than the rustls features. Please read the following section.⚠️
trillium-rustls
tries to avoid runtime panics where possible, so compiling this crate without a
valid cryptographic backend will result in a compile time error. To opt into rustls's default
process-default behavior, enable custom-crypto-provider
as described below. Enabling multiple
crypto providers will select exactly one of them at compile time in the following order:
aws-lc-rs
This is the default cryptographic backend in concordance with rustls' default. This backend will be
selected if the feature is enabled. If either of the other two cryptographic backends are selected,
trillium-rustls will log an error but use aws-lc-rs
.
ring
If this feature is enabled, this backend will be selected even if custom-crypto-provider
is also
enabled.
custom-crypto-provider
In order to use a crypto provider other than the above two options, enable the
custom-crypto-provider
feature and either configure a
trillium_rustls::rustls::ClientConfig
or
trillium_rustls::rustls::ServerConfig
yourself to convert the equivalent
trillium-rustls
type, or install a custom process-default crypto provider with
trillium_rustls::rustls::crypto::CryptoProvider::install_default
prior to executing trillium-rustls code.
Client verifier
This crate offers a platform-verifier
feature for client usage that builds a ClientConfig with the
selected cryptographic backend and uses
rustls-platform-verifier
. This feature is enabled by
default. If you disable the feature, webpki_roots
will be used.
Dependencies
~15–38MB
~880K SLoC