From b203f88c7f0b81043a3f387136147d8193a0a8b8 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Tue, 19 Jan 2016 08:27:10 -0800 Subject: [PATCH] crypto/tls: note in comment that Certificate.Leaf is nil after parsing. LoadX509KeyPair and X509KeyPair don't retain the parsed form of certificates in their return value because it's generally not needed. This change makes that clear in the comment. See https://groups.google.com/d/msg/golang-dev/VResvFj2vF8/Wt6WkVT2AwAJ Change-Id: Ibb759cd6e84c00f4450a012992088422c0546638 Reviewed-on: https://go-review.googlesource.com/18734 Reviewed-by: Russ Cox --- src/crypto/tls/tls.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/crypto/tls/tls.go b/src/crypto/tls/tls.go index c1d1331bde..4bedd7682d 100644 --- a/src/crypto/tls/tls.go +++ b/src/crypto/tls/tls.go @@ -172,7 +172,9 @@ func Dial(network, addr string, config *Config) (*Conn, error) { } // LoadX509KeyPair reads and parses a public/private key pair from a pair of -// files. The files must contain PEM encoded data. +// files. The files must contain PEM encoded data. On successful return, +// Certificate.Leaf will be nil because the parsed form of the certificate is +// not retained. func LoadX509KeyPair(certFile, keyFile string) (Certificate, error) { certPEMBlock, err := ioutil.ReadFile(certFile) if err != nil { @@ -186,7 +188,8 @@ func LoadX509KeyPair(certFile, keyFile string) (Certificate, error) { } // X509KeyPair parses a public/private key pair from a pair of -// PEM encoded data. +// PEM encoded data. On successful return, Certificate.Leaf will be nil because +// the parsed form of the certificate is not retained. func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (Certificate, error) { fail := func(err error) (Certificate, error) { return Certificate{}, err }