tls: move PeerCertificates to ConnectionState

R=agl, agl1 CC=golang-dev, rsc https://golang.org/cl/4248078

tls: move PeerCertificates to ConnectionState
R=agl, agl1 CC=golang-dev, rsc https://golang.org/cl/4248078
dc06ad5a · Brad Fitzpatrick · dd5adcc3 · dc06ad5a · dc06ad5a
Commit dc06ad5a authored Mar 10, 2011 by Brad Fitzpatrick
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 9 deletions

common.go src/pkg/crypto/tls/common.go +4 -0

conn.go src/pkg/crypto/tls/conn.go +1 -9

No files found.
--- a/src/pkg/crypto/tls/common.go
+++ b/src/pkg/crypto/tls/common.go
@@ -7,6 +7,7 @@ package tls
 import (
 	"crypto/rand"
 	"crypto/rsa"
+	"crypto/x509"
 	"io"
 	"io/ioutil"
 	"sync"
@@ -95,6 +96,9 @@ type ConnectionState struct {
 	HandshakeComplete  bool
 	CipherSuite        uint16
 	NegotiatedProtocol string
+
+	// the certificate chain that was presented by the other side
+	PeerCertificates []*x509.Certificate
 }

 // A Config structure is used to configure a TLS client or server. After one

--- a/src/pkg/crypto/tls/conn.go
+++ b/src/pkg/crypto/tls/conn.go
@@ -762,6 +762,7 @@ func (c *Conn) ConnectionState() ConnectionState {
 	if c.handshakeComplete {
 		state.NegotiatedProtocol = c.clientProtocol
 		state.CipherSuite = c.cipherSuite
+		state.PeerCertificates = c.peerCertificates
 	}

 	return state
@@ -776,15 +777,6 @@ func (c *Conn) OCSPResponse() []byte {
 	return c.ocspResponse
 }

-// PeerCertificates returns the certificate chain that was presented by the
-// other side.
-func (c *Conn) PeerCertificates() []*x509.Certificate {
-	c.handshakeMutex.Lock()
-	defer c.handshakeMutex.Unlock()
-
-	return c.peerCertificates
-}
-
 // VerifyHostname checks that the peer certificate chain is valid for
 // connecting to host.  If so, it returns nil; if not, it returns an os.Error
 // describing the problem.