Struct rustls::ClientConfig

source · []
pub struct ClientConfig {
    pub ciphersuites: Vec<&'static SupportedCipherSuite>,
    pub root_store: RootCertStore,
    pub alpn_protocols: Vec<Vec<u8>>,
    pub session_persistence: Arc<dyn StoresClientSessions>,
    pub mtu: Option<usize>,
    pub client_auth_cert_resolver: Arc<dyn ResolvesClientCert>,
    pub enable_tickets: bool,
    pub versions: Vec<ProtocolVersion>,
    pub ct_logs: Option<&'static [&'static Log<'static>]>,
    pub enable_sni: bool,
    pub key_log: Arc<dyn KeyLog>,
    pub enable_early_data: bool,
    /* private fields */
}
Expand description

Common configuration for (typically) all connections made by a program.

Making one of these can be expensive, and should be once per process rather than once per connection.

Fields

ciphersuites: Vec<&'static SupportedCipherSuite>

List of ciphersuites, in preference order.

root_store: RootCertStore

Collection of root certificates.

alpn_protocols: Vec<Vec<u8>>

Which ALPN protocols we include in our client hello. If empty, no ALPN extension is sent.

session_persistence: Arc<dyn StoresClientSessions>

How we store session data or tickets.

mtu: Option<usize>

Our MTU. If None, we don’t limit TLS message sizes.

client_auth_cert_resolver: Arc<dyn ResolvesClientCert>

How to decide what client auth certificate/keys to use.

enable_tickets: bool

Whether to support RFC5077 tickets. You must provide a working session_persistence member for this to have any meaningful effect.

The default is true.

versions: Vec<ProtocolVersion>

Supported versions, in no particular order. The default is all supported versions.

ct_logs: Option<&'static [&'static Log<'static>]>

Collection of certificate transparency logs. If this collection is empty, then certificate transparency checking is disabled.

enable_sni: bool

Whether to send the Server Name Indication (SNI) extension during the client handshake.

The default is true.

key_log: Arc<dyn KeyLog>

How to output key material for debugging. The default does nothing.

enable_early_data: bool

Whether to send data on the first flight (“early data”) in TLS 1.3 handshakes.

The default is false.

Implementations

Make a ClientConfig with a default set of ciphersuites, no root certificates, no ALPN protocols, and no client auth.

The default session persistence provider stores up to 32 items in memory.

Make a ClientConfig with a custom set of ciphersuites, no root certificates, no ALPN protocols, and no client auth.

The default session persistence provider stores up to 32 items in memory.

Set the ALPN protocol list to the given protocol names. Overwrites any existing configured protocols. The first element in the protocols list is the most preferred, the last is the least preferred.

Sets persistence layer to persist.

Sets MTU to mtu. If None, the default is used. If Some(x) then x must be greater than 5 bytes.

Sets a single client authentication certificate and private key. This is blindly used for all servers that ask for client auth.

cert_chain is a vector of DER-encoded certificates, key_der is a DER-encoded RSA or ECDSA private key.

Access configuration options whose use is dangerous and requires extra care.

Trait Implementations

Returns a copy of the value. Read more
Performs copy-assignment from source. Read more
Returns the “default value” for a type. Read more

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more
Immutably borrows from an owned value. Read more
Mutably borrows from an owned value. Read more

Returns the argument unchanged.

Calls U::from(self).

That is, this conversion is whatever the implementation of [From]<T> for U chooses to do.

The resulting type after obtaining ownership.
Creates owned data from borrowed data, usually by cloning. Read more
Uses borrowed data to replace owned data, usually by cloning. Read more
The type returned in the event of a conversion error.
Performs the conversion.
The type returned in the event of a conversion error.
Performs the conversion.