Struct rustls::ClientConfig

pub struct ClientConfig {
    pub ciphersuites: Vec<&'static SupportedCipherSuite>,
    pub root_store: RootCertStore,
    pub alpn_protocols: Vec<Vec<u8>>,
    pub session_persistence: Arc<dyn StoresClientSessions>,
    pub mtu: Option<usize>,
    pub client_auth_cert_resolver: Arc<dyn ResolvesClientCert>,
    pub enable_tickets: bool,
    pub versions: Vec<ProtocolVersion>,
    pub ct_logs: Option<&'static [&'static Log<'static>]>,
    pub enable_sni: bool,
    pub key_log: Arc<dyn KeyLog>,
    pub enable_early_data: bool,
    /* private fields */
}

Common configuration for (typically) all connections made by a program.

Making one of these can be expensive, and should be done once per process rather than once per connection.

Fields§

§ciphersuites: Vec<&'static SupportedCipherSuite>

List of ciphersuites, in preference order.

§root_store: RootCertStore

Collection of root certificates.

§alpn_protocols: Vec<Vec<u8>>

Which ALPN protocols we include in our client hello. If empty, no ALPN extension is sent.

§session_persistence: Arc<dyn StoresClientSessions>

How we store session data or tickets.

§mtu: Option<usize>

Our MTU. If None, we don’t limit TLS message sizes.

§client_auth_cert_resolver: Arc<dyn ResolvesClientCert>

How to decide what client auth certificate/keys to use.

§enable_tickets: bool

Whether to support RFC5077 tickets. You must provide a working session_persistence member for this to have any meaningful effect.

The default is true.

§versions: Vec<ProtocolVersion>

Supported versions, in no particular order. The default is all supported versions.

§ct_logs: Option<&'static [&'static Log<'static>]>

Collection of certificate transparency logs. If this collection is empty, then certificate transparency checking is disabled.

§enable_sni: bool

Whether to send the Server Name Indication (SNI) extension during the client handshake.

The default is true.

§key_log: Arc<dyn KeyLog>

How to output key material for debugging. The default does nothing.

§enable_early_data: bool

Whether to send data on the first flight (“early data”) in TLS 1.3 handshakes.

The default is false.

Implementations§

impl ClientConfig

pub fn new() -> ClientConfig

Make a ClientConfig with a default set of ciphersuites, no root certificates, no ALPN protocols, and no client auth.

The default session persistence provider stores up to 32 items in memory.

pub fn with_ciphersuites( ciphersuites: &[&'static SupportedCipherSuite] ) -> ClientConfig

Make a ClientConfig with a custom set of ciphersuites, no root certificates, no ALPN protocols, and no client auth.

The default session persistence provider stores up to 32 items in memory.

pub fn set_protocols(&mut self, protocols: &[Vec<u8>])

Set the ALPN protocol list to the given protocol names. Overwrites any existing configured protocols. The first element in the protocols list is the most preferred, the last is the least preferred.
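
What a protocol list like this becomes on the wire, as an added example that is not rustls code: a std-only encoder for the ALPN extension body defined in RFC 7301, keeping the caller's preference order and returning nothing for an empty list. The names `encode_alpn` and `AlpnError` are hypothetical, and the sample protocol list is constructed.

```rust
// Added illustration, not rustls code: `encode_alpn` and `AlpnError` are
// hypothetical names. Encodes the body of the ALPN extension (RFC 7301).

#[derive(Debug, PartialEq)]
enum AlpnError {
    EmptyName(usize),   // index of a zero-length protocol name
    NameTooLong(usize), // index of a name longer than 255 bytes
    ListTooLong,        // encoded list does not fit the u16 length prefix
}

/// Returns Ok(None) for an empty list (no extension is sent). Otherwise
/// returns the extension body: a u16 list length, then each name as a
/// u8 length followed by its bytes, most preferred protocol first.
fn encode_alpn(protocols: &[Vec<u8>]) -> Result<Option<Vec<u8>>, AlpnError> {
    if protocols.is_empty() {
        return Ok(None);
    }
    let mut list = Vec::new();
    for (i, name) in protocols.iter().enumerate() {
        // RFC 7301: opaque ProtocolName<1..2^8-1>
        if name.is_empty() {
            return Err(AlpnError::EmptyName(i));
        }
        if name.len() > 255 {
            return Err(AlpnError::NameTooLong(i));
        }
        list.push(name.len() as u8);
        list.extend_from_slice(name);
    }
    // RFC 7301: protocol_name_list<2..2^16-1>
    if list.len() > 0xFFFF {
        return Err(AlpnError::ListTooLong);
    }
    let mut body = (list.len() as u16).to_be_bytes().to_vec();
    body.extend_from_slice(&list);
    Ok(Some(body))
}

fn main() {
    // Constructed sample: prefer HTTP/2, fall back to HTTP/1.1.
    let protocols = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
    let body = encode_alpn(&protocols).unwrap().unwrap();
    println!("{:02x?}", body);
}
```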

pub fn set_persistence(&mut self, persist: Arc<dyn StoresClientSessions>)

Sets persistence layer to persist.

pub fn set_mtu(&mut self, mtu: &Option<usize>)

Sets MTU to mtu. If None, the default is used. If Some(x) then x must be greater than 5 bytes.
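
Why the bound is 5 bytes, as an added example that is not rustls code: a std-only sketch that splits a payload into TLS records no larger than the MTU. It assumes the 5 bytes are the TLS record header (1 byte content type, 2 bytes version, 2 bytes length), caps fragments at the TLS limit of 2^14 bytes when no MTU is set, and ignores encryption overhead; `fragment` and the sample values are hypothetical.

```rust
// Added illustration, not rustls code: `fragment` is a hypothetical helper.
// Assumption: the 5-byte minimum corresponds to the TLS record header.

const HEADER_LEN: usize = 5; // content type (1) + version (2) + length (2)
const MAX_FRAGMENT_LEN: usize = 16384; // 2^14, TLS plaintext fragment limit

/// Splits `payload` into plaintext TLS records, each at most `mtu` bytes
/// long including its header. An MTU of 5 or less is rejected because no
/// payload byte would fit after the header.
fn fragment(
    content_type: u8,
    version: [u8; 2],
    payload: &[u8],
    mtu: Option<usize>,
) -> Result<Vec<Vec<u8>>, String> {
    let max_payload = match mtu {
        None => MAX_FRAGMENT_LEN,
        Some(x) if x > HEADER_LEN => (x - HEADER_LEN).min(MAX_FRAGMENT_LEN),
        Some(x) => return Err(format!("mtu {} leaves no room for payload", x)),
    };
    let mut records = Vec::new();
    for chunk in payload.chunks(max_payload) {
        // Header: type, version, then the fragment length as big-endian u16.
        let mut record = vec![content_type, version[0], version[1]];
        record.extend_from_slice(&(chunk.len() as u16).to_be_bytes());
        record.extend_from_slice(chunk);
        records.push(record);
    }
    Ok(records)
}

fn main() {
    // Constructed sample: 25 bytes of application data (type 23, TLS 1.2).
    let payload = [0xAAu8; 25];
    let records = fragment(23, [3, 3], &payload, Some(15)).unwrap();
    for r in &records {
        println!("{} bytes: {:02x?}", r.len(), r);
    }
}
```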

pub fn set_single_client_cert( &mut self, cert_chain: Vec<Certificate>, key_der: PrivateKey ) -> Result<(), TLSError>

Sets a single client authentication certificate and private key. This is blindly used for all servers that ask for client auth.

cert_chain is a vector of DER-encoded certificates, key_der is a DER-encoded RSA or ECDSA private key.

Trait Implementations§

impl Clone for ClientConfig

fn clone(&self) -> ClientConfig

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Default for ClientConfig

fn default() -> Self

Returns the “default value” for a type.
