Function validate_server_protocol_support 

pub fn validate_server_protocol_support(
    connection: &Connection,
    client_config: &ClientProtocolConfig,
) -> Result<ProtocolVersion, ProtocolVersionError>

Validate protocol compatibility after TLS connection establishment

This function performs post-connection validation to ensure the server supports the client’s protocol versions. It examines the server’s TLS certificate for embedded protocol version information.

§How It Works

  1. Extracts server certificate from the established TLS connection
  2. Reads protocol extension (OID: 1.3.6.1.4.1.99999.1) from certificate
  3. Deserializes protocol version from the extension data
  4. Validates compatibility against client’s supported versions

§Return Values

  • Ok(ProtocolVersion): Server supports a compatible protocol version
  • Err(ProtocolNotSupportedByServer): Server returned an empty extension (no compatible versions)
  • Err(ProtocolMismatch): Server negotiated a version the client doesn’t support
  • Err(NoAlpnData): Missing certificate or extension data
  • Err(InvalidAlpnData): Malformed protocol data in certificate

§Empty Extension Behavior

When the server cannot find any compatible protocol version during negotiation, it returns a certificate with an empty protocol extension. The client detects this and returns a ProtocolNotSupportedByServer error.

This approach provides much better debugging than failing the TLS handshake:

  • TLS connection succeeds (can inspect certificates, logs, etc.)
  • Clear error message indicates protocol incompatibility
  • Distinguishes between TLS issues and protocol version issues
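The decision order behind the return values and the empty-extension rule above can be modelled as follows. This is an added example, not code from zoe_wire_protocol: `Version`, `VersionError` and `classify` are hypothetical stand-ins, and the UTF-8 "major.minor" payload encoding is an assumption, since the page does not show the real serialization.

```rust
// Added illustration: local stand-ins, not zoe_wire_protocol's own types.
// Assumption: the extension payload is UTF-8 "major.minor" (real encoding not shown on the page).
#[derive(Debug, Clone, Copy, PartialEq)]
pub struct Version { pub major: u16, pub minor: u16 }

#[derive(Debug, PartialEq)]
pub enum VersionError { ProtocolNotSupportedByServer, ProtocolMismatch, NoAlpnData, InvalidAlpnData }

/// `ext` is the raw value of the protocol extension, or `None` when the
/// certificate or the extension is missing.
pub fn classify(
    ext: Option<&[u8]>,
    client_supported: &[Version],
) -> Result<Version, VersionError> {
    let data = ext.ok_or(VersionError::NoAlpnData)?;
    // An empty extension is the server's explicit "nothing compatible" signal.
    // Check it before parsing so it is not misreported as malformed data.
    if data.is_empty() {
        return Err(VersionError::ProtocolNotSupportedByServer);
    }
    let text = std::str::from_utf8(data).map_err(|_| VersionError::InvalidAlpnData)?;
    let (major, minor) = text.split_once('.').ok_or(VersionError::InvalidAlpnData)?;
    let version = Version {
        major: major.parse::<u16>().map_err(|_| VersionError::InvalidAlpnData)?,
        minor: minor.parse::<u16>().map_err(|_| VersionError::InvalidAlpnData)?,
    };
    // Do not trust the server's choice: accept only a version the client offered.
    if client_supported.contains(&version) {
        Ok(version)
    } else {
        Err(VersionError::ProtocolMismatch)
    }
}

fn main() {
    let supported = [Version { major: 1, minor: 0 }, Version { major: 1, minor: 1 }];
    // Constructed sample extension payloads, one per outcome.
    let samples: [Option<&[u8]>; 5] =
        [Some(&b"1.1"[..]), Some(&b""[..]), Some(&b"2.0"[..]), None, Some(&b"\xff\xfe"[..])];
    for ext in samples {
        println!("{:?} -> {:?}", ext, classify(ext, &supported));
    }
}
```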

§Example Usage

use zoe_wire_protocol::version::{validate_server_protocol_support, ClientProtocolConfig};

let client_config = ClientProtocolConfig::default();
match validate_server_protocol_support(&connection, &client_config) {
    Ok(negotiated_version) => {
        println!("✅ Protocol negotiated: {}", negotiated_version);
        // Proceed with application protocol
    }
    Err(ProtocolVersionError::ProtocolNotSupportedByServer) => {
        eprintln!("❌ Server doesn't support any of our protocol versions");
        eprintln!("   Client versions: {:?}", client_config.supported_versions());
        eprintln!("   Consider upgrading client or contacting server admin");
    }
    Err(e) => {
        eprintln!("❌ Protocol validation failed: {}", e);
    }
}