I have a secure websocket server written with Boost Beast. A significant portion of the connection code is documented here. I need to extend the code to make a runtime decision on whether the incoming connection is using TLSv1.3 or older (both are valid, but the server needs to have different runtime behavior). Where is the right place to do so?

Is it something on the boost::asio::ip::tcp::acceptor? Perhaps it is accessible from boost::beast::websocket::stream<boost::beast::ssl_stream<boost::beast::tcp_stream>>? Somehwere else?