| /// This is the simplest possible client using rustls that does something useful: |
| /// it accepts the default configuration, loads some root certs, and then connects |
| /// to google.com and issues a basic HTTP request. The response is printed to stdout. |
| /// |
| /// It makes use of rustls::Stream to treat the underlying TLS session as a basic |
| /// bi-directional stream -- the underlying IO is performed transparently. |
| /// |
| /// Note that `unwrap()` is used to deal with networking errors; this is not something |
| /// that is sensible outside of example code. |
| use std::sync::Arc; |
| |
| use std::io::{stdout, Read, Write}; |
| use std::net::TcpStream; |
| |
| use rustls; |
| use webpki; |
| use webpki_roots; |
| |
| use rustls::Session; |
| |
| fn main() { |
| let mut config = rustls::ClientConfig::new(); |
| config |
| .root_store |
| .add_server_trust_anchors(&webpki_roots::TLS_SERVER_ROOTS); |
| |
| let dns_name = webpki::DNSNameRef::try_from_ascii_str("google.com").unwrap(); |
| let mut sess = rustls::ClientSession::new(&Arc::new(config), dns_name); |
| let mut sock = TcpStream::connect("google.com:443").unwrap(); |
| let mut tls = rustls::Stream::new(&mut sess, &mut sock); |
| tls.write( |
| concat!( |
| "GET / HTTP/1.1\r\n", |
| "Host: google.com\r\n", |
| "Connection: close\r\n", |
| "Accept-Encoding: identity\r\n", |
| "\r\n" |
| ) |
| .as_bytes(), |
| ) |
| .unwrap(); |
| let ciphersuite = tls |
| .sess |
| .get_negotiated_ciphersuite() |
| .unwrap(); |
| writeln!( |
| &mut std::io::stderr(), |
| "Current ciphersuite: {:?}", |
| ciphersuite.suite |
| ) |
| .unwrap(); |
| let mut plaintext = Vec::new(); |
| tls.read_to_end(&mut plaintext).unwrap(); |
| stdout().write_all(&plaintext).unwrap(); |
| } |