crypto/tls: add server side SNI support.
With this in place, a TLS server is capable of selecting the correct certificate based on the client's ServerNameIndication extension. The need to call Config.BuildNameToCertificate is unfortunate, but adding a sync.Once to the Config structure made it uncopyable and I felt that was too high a price to pay. Parsing the leaf certificates in each handshake was too inefficient to consider. R=bradfitz, rsc CC=golang-dev https://golang.org/cl/5151048
Showing
Please
register
or
sign in
to comment