pub trait Endpoint {
    fn connect_unverified<'life0, 'async_trait, U>(
        endpoint: &'life0 Self,
        url: U,
        client_key_pair: Option<KeyPair>
    ) -> Pin<Box<dyn Future<Output = Result<Connecting, Connect>> + Send + 'async_trait>>
    where
        U: 'async_trait + AsRef<str> + Send,
        'life0: 'async_trait,
        Self: 'async_trait
; }
This is supported on crate feature dangerous only.
Expand description

Security-sensitive features for Endpoint.

Required methods

Establishes a new Connection to a server without verifying the servers Certificate. The servers CertificateChain can still be manually insepcted through Connection::peer_identity.

See connect for more information on host name resolution.

Notes

A client certificate KeyPair set with Builder::set_client_key_pair will be ignored, use client_key_pair to add a client certificate to this connection.

Safety

Connecting to a server without verifying the Certificate provides no way for the client to authenticate the servers identity. This is primarily used to enable connections to unknown user-hosted servers, e.g. multiplayer.

There are many ways to prevent the need for this feature in certain situations:

  • during testing, a temporary certificate can be created
  • use Let’s Encrypt to get a free certificate if a domain is present
  • provide a middle-man service that helps connect clients with servers by automatically communicating the servers public key
  • share a public key over third-party communication channels beforehand as a last resort
Errors
Examples
use fabruic::{dangerous, Endpoint};

let endpoint = Endpoint::new_client()?;
let connecting =
	dangerous::Endpoint::connect_unverified(&endpoint, "quic://localhost:443", None).await?;

Implementors