pub struct ClientHello<'a> { /* private fields */ }
A struct representing the received Client Hello
Implementations
impl<'a> ClientHello<'a>
pub fn server_name(&self) -> Option<&str>
Get the server name indicator.
Returns None if the client did not supply a SNI.
pub fn signature_schemes(&self) -> &[SignatureScheme]
Get the compatible signature schemes.
Returns the standard-specified default if the client omitted this extension.
pub fn alpn(&self) -> Option<impl Iterator<Item = &'a [u8]>>
Get the ALPN protocol identifiers submitted by the client.
Returns None if the client did not include an ALPN extension.
Application Layer Protocol Negotiation (ALPN) is a TLS extension that lets a client submit a set of identifiers that each represent an application-layer protocol. The server will then pick its preferred protocol from the set submitted by the client. Each identifier is represented as a byte array, although common values are often ASCII-encoded. See the official RFC-7301 specifications at https://datatracker.ietf.org/doc/html/rfc7301 for more information on ALPN.
For example, a HTTP client might specify “http/1.1” and/or “h2”. Other well-known values are listed in the IANA registry at https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids.
The server can specify supported ALPN protocols by setting ServerConfig::alpn_protocols.
During the handshake, the server will select the first protocol configured that the client supports.
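The following is an added example, not code from rustls: it strictly parses the ALPN extension body as laid out in RFC 7301 (which goes beyond what this page describes) and then applies the server-preference selection described above. The function names parse_alpn and select_alpn and the sample bytes are hypothetical and constructed for illustration.

```rust
/// Parse an RFC 7301 ProtocolNameList (the ALPN extension body):
/// a u16 total length, then names each prefixed by a u8 length (1..=255).
/// Hypothetical helper for illustration, not part of rustls.
fn parse_alpn(body: &[u8]) -> Result<Vec<&[u8]>, &'static str> {
    if body.len() < 2 {
        return Err("truncated list length");
    }
    let declared = u16::from_be_bytes([body[0], body[1]]) as usize;
    let mut rest = &body[2..];
    // Reject trailing or missing bytes instead of silently ignoring them.
    if declared != rest.len() {
        return Err("list length mismatch");
    }
    let mut names = Vec::new();
    while let Some((&len, tail)) = rest.split_first() {
        let len = len as usize;
        if len == 0 {
            return Err("empty protocol name");
        }
        if tail.len() < len {
            return Err("truncated protocol name");
        }
        let (name, next) = tail.split_at(len);
        names.push(name);
        rest = next;
    }
    // The list must carry at least one name.
    if names.is_empty() {
        return Err("empty protocol list");
    }
    Ok(names)
}

/// Server-preference selection: the first configured protocol that the
/// client offered wins, regardless of the client's own ordering.
fn select_alpn<'s>(configured: &'s [&'s [u8]], offered: &[&[u8]]) -> Option<&'s [u8]> {
    configured.iter().copied().find(|p| offered.contains(p))
}

fn main() {
    // Constructed sample: the client offers "http/1.1" first, then "h2".
    let body = b"\x00\x0c\x08http/1.1\x02h2";
    let offered = parse_alpn(body).expect("valid list");
    // Assumed server configuration, in preference order.
    let configured: [&[u8]; 2] = [b"h2", b"http/1.1"];
    let chosen = select_alpn(&configured, &offered);
    println!("{:?}", chosen.map(String::from_utf8_lossy));
}
```

Because the server's order decides, the client listing “http/1.1” first does not change the outcome here.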
pub fn cipher_suites(&self) -> &[CipherSuite]
Get cipher suites.
pub fn server_cert_types(&self) -> Option<&'a [CertificateType]>
Get the server certificate types offered in the ClientHello.
Returns None if the client did not include a certificate type extension.
pub fn client_cert_types(&self) -> Option<&'a [CertificateType]>
Get the client certificate types offered in the ClientHello.
Returns None if the client did not include a certificate type extension.
Get the certificate_authorities extension sent by the client.
Returns None if the client did not send this extension.
pub fn named_groups(&self) -> Option<&'a [NamedGroup]>
Get the named_groups extension sent by the client.
This means different things in different versions of TLS:
Originally it was introduced as the “elliptic_curves” extension for TLS1.2. It described the elliptic curves supported by a client for all purposes: key exchange, signature verification (for server authentication), and signing (for client auth). Later RFC7919 extended this to include FFDHE “named groups”, but FFDHE groups in this context only relate to key exchange.
In TLS1.3 it was renamed to “named_groups” and now describes all types of key exchange mechanisms, and does not relate at all to elliptic curves used for signatures.