tls: move PeerCertificates to ConnectionState

R=agl, agl1 CC=golang-dev, rsc https://golang.org/cl/4248078
2024-11-22 01:04:40 -07:00 · 2011-03-10 07:22:53 -08:00 · 2011-03-10 07:22:53 -08:00 · dc06ad5ad7
commit dc06ad5ad7
parent dd5adcc3c3
2 changed files with 5 additions and 9 deletions
--- a/src/pkg/crypto/tls/common.go
+++ b/src/pkg/crypto/tls/common.go
@ -7,6 +7,7 @@ package tls
 import (
 	"crypto/rand"
 	"crypto/rsa"
+	"crypto/x509"
 	"io"
 	"io/ioutil"
 	"sync"
@ -95,6 +96,9 @@ type ConnectionState struct {
 	HandshakeComplete  bool
 	CipherSuite        uint16
 	NegotiatedProtocol string
+
+	// the certificate chain that was presented by the other side
+	PeerCertificates []*x509.Certificate
 }

 // A Config structure is used to configure a TLS client or server. After one
--- a/src/pkg/crypto/tls/conn.go
+++ b/src/pkg/crypto/tls/conn.go
@ -762,6 +762,7 @@ func (c *Conn) ConnectionState() ConnectionState {
 	if c.handshakeComplete {
 		state.NegotiatedProtocol = c.clientProtocol
 		state.CipherSuite = c.cipherSuite
+		state.PeerCertificates = c.peerCertificates
 	}

 	return state
@ -776,15 +777,6 @@ func (c *Conn) OCSPResponse() []byte {
 	return c.ocspResponse
 }

-// PeerCertificates returns the certificate chain that was presented by the
-// other side.
-func (c *Conn) PeerCertificates() []*x509.Certificate {
-	c.handshakeMutex.Lock()
-	defer c.handshakeMutex.Unlock()
-
-	return c.peerCertificates
-}
-
 // VerifyHostname checks that the peer certificate chain is valid for
 // connecting to host.  If so, it returns nil; if not, it returns an os.Error
 // describing the problem.