pub trait Endpoint {
// Required method
fn connect_unverified<'life0, 'async_trait, U>(
endpoint: &'life0 Self,
url: U,
client_key_pair: Option<KeyPair>
) -> Pin<Box<dyn Future<Output = Result<Connecting, Connect>> + Send + 'async_trait>>
where 'life0: 'async_trait,
U: 'async_trait + AsRef<str> + Send,
Self: 'async_trait;
}
Expand description
Security-sensitive features for Endpoint
.
Required Methods§
fn connect_unverified<'life0, 'async_trait, U>(
endpoint: &'life0 Self,
url: U,
client_key_pair: Option<KeyPair>
) -> Pin<Box<dyn Future<Output = Result<Connecting, Connect>> + Send + 'async_trait>>
fn connect_unverified<'life0, 'async_trait, U>( endpoint: &'life0 Self, url: U, client_key_pair: Option<KeyPair> ) -> Pin<Box<dyn Future<Output = Result<Connecting, Connect>> + Send + 'async_trait>>
Establishes a new Connection
to a server without
verifying the servers Certificate
. The servers
CertificateChain
can still be manually
insepcted through
Connection::peer_identity
.
See connect
for more information on host name
resolution.
Notes
A client certificate KeyPair
set with
Builder::set_client_key_pair
will be ignored, use client_key_pair
to add a client certificate to this connection.
Safety
Connecting to a server without verifying the Certificate
provides no
way for the client to authenticate the servers identity.
This is primarily used to enable connections to unknown user-hosted
servers, e.g. multiplayer.
There are many ways to prevent the need for this feature in certain situations:
- during testing, a temporary certificate can be created
- use Let’s Encrypt to get a free certificate if a domain is present
- provide a middle-man service that helps connect clients with servers by automatically communicating the servers public key
- share a public key over third-party communication channels beforehand as a last resort
Errors
error::Connect::ParseUrl
if the URL couldn’t be parsederror::Connect::Port
if the URL didn’t contain a porterror::Connect::ParseDomain
if the domain couldn’t be parsederror::Connect::TrustDns
if the URL couldn’t be resolved to an IP address withtrust-dns
error::Connect::StdDns
if the URL couldn’t be resolved to an IP address withToSocketAddrs
error::Connect::NoIp
if no IP address was found for that domain
Examples
use fabruic::{dangerous, Endpoint};
let endpoint = Endpoint::new_client()?;
let connecting =
dangerous::Endpoint::connect_unverified(&endpoint, "quic://localhost:443", None).await?;
Object Safety§
This trait is not object safe.