Struct rustls::ClientConfig
source · [−]pub struct ClientConfig {
pub alpn_protocols: Vec<Vec<u8>>,
pub session_storage: Arc<dyn StoresClientSessions>,
pub max_fragment_size: Option<usize>,
pub client_auth_cert_resolver: Arc<dyn ResolvesClientCert>,
pub enable_tickets: bool,
pub enable_sni: bool,
pub key_log: Arc<dyn KeyLog>,
pub enable_secret_extraction: bool,
pub enable_early_data: bool,
/* private fields */
}Expand description
Common configuration for (typically) all connections made by a program.
Making one of these can be expensive, and should be once per process rather than once per connection.
These must be created via the ClientConfig::builder() function.
Defaults
ClientConfig::max_fragment_size: the default isNone: TLS packets are not fragmented to a specific size.ClientConfig::session_storage: the default stores 256 sessions in memory.ClientConfig::alpn_protocols: the default is empty – no ALPN protocol is negotiated.ClientConfig::key_log: key material is not logged.
Fields
alpn_protocols: Vec<Vec<u8>>Which ALPN protocols we include in our client hello. If empty, no ALPN extension is sent.
session_storage: Arc<dyn StoresClientSessions>How we store session data or tickets.
max_fragment_size: Option<usize>The maximum size of TLS message we’ll emit. If None, we don’t limit TLS message lengths except to the 2**16 limit specified in the standard.
rustls enforces an arbitrary minimum of 32 bytes for this field. Out of range values are reported as errors from ClientConnection::new.
Setting this value to the TCP MSS may improve latency for stream-y workloads.
client_auth_cert_resolver: Arc<dyn ResolvesClientCert>How to decide what client auth certificate/keys to use.
enable_tickets: boolWhether to support RFC5077 tickets. You must provide a working
session_storage member for this to have any meaningful
effect.
The default is true.
enable_sni: boolWhether to send the Server Name Indication (SNI) extension during the client handshake.
The default is true.
key_log: Arc<dyn KeyLog>How to output key material for debugging. The default does nothing.
enable_secret_extraction: boolAllows traffic secrets to be extracted after the handshake, e.g. for kTLS setup.
enable_early_data: boolWhether to send data on the first flight (“early data”) in TLS 1.3 handshakes.
The default is false.
Implementations
sourceimpl ClientConfig
impl ClientConfig
sourcepub fn builder() -> ConfigBuilder<Self, WantsCipherSuites>
pub fn builder() -> ConfigBuilder<Self, WantsCipherSuites>
Create a builder to build up the client configuration.
For more information, see the ConfigBuilder documentation.
sourcepub fn dangerous(&mut self) -> DangerousClientConfig<'_>
pub fn dangerous(&mut self) -> DangerousClientConfig<'_>
Access configuration options whose use is dangerous and requires extra care.
Trait Implementations
sourceimpl Clone for ClientConfig
impl Clone for ClientConfig
sourcefn clone(&self) -> ClientConfig
fn clone(&self) -> ClientConfig
1.0.0 · sourceconst fn clone_from(&mut self, source: &Self)
const fn clone_from(&mut self, source: &Self)
source. Read more