crypto/tls: export the verified chains.

The verified chains are the chains that were actually verified. R=bradfitz CC=golang-dev https://golang.org/cl/4462046
2024-11-19 14:44:40 -07:00 · 2011-05-05 13:44:36 -04:00 · 2011-05-05 13:44:36 -04:00 · ffd550455c
commit ffd550455c
parent e1bf165b28
2 changed files with 3 additions and 0 deletions
--- a/src/pkg/crypto/tls/common.go
+++ b/src/pkg/crypto/tls/common.go
@ -100,6 +100,8 @@ type ConnectionState struct {

 	// the certificate chain that was presented by the other side
 	PeerCertificates []*x509.Certificate
+	// the verified certificate chains built from PeerCertificates.
+	VerifiedChains [][]*x509.Certificate
 }

 // A Config structure is used to configure a TLS client or server. After one
--- a/src/pkg/crypto/tls/conn.go
+++ b/src/pkg/crypto/tls/conn.go
@ -768,6 +768,7 @@ func (c *Conn) ConnectionState() ConnectionState {
 		state.NegotiatedProtocolIsMutual = !c.clientProtocolFallback
 		state.CipherSuite = c.cipherSuite
 		state.PeerCertificates = c.peerCertificates
+		state.VerifiedChains = c.verifiedChains
 	}

 	return state