crypto/tls: export the verified chains.

The verified chains are the chains that were actually verified. R=bradfitz CC=golang-dev https://golang.org/cl/4462046

crypto/tls: export the verified chains.
The verified chains are the chains that were actually verified. R=bradfitz CC=golang-dev https://golang.org/cl/4462046
ffd55045 · Adam Langley · e1bf165b · ffd55045 · ffd55045
Commit ffd55045 authored May 05, 2011 by Adam Langley
Show whitespace changes
Inline Side-by-side

Showing with 3 additions and 0 deletions

src/pkg/crypto/tls/common.go src/pkg/crypto/tls/common.go +2 -0

src/pkg/crypto/tls/conn.go src/pkg/crypto/tls/conn.go +1 -0

No files found.
--- a/src/pkg/crypto/tls/common.go
+++ b/src/pkg/crypto/tls/common.go
@@ -100,6 +100,8 @@ type ConnectionState struct {
 	// the certificate chain that was presented by the other side
 	PeerCertificates []*x509.Certificate
+	// the verified certificate chains built from PeerCertificates.
+	VerifiedChains [][]*x509.Certificate
 }
 // A Config structure is used to configure a TLS client or server. After one

--- a/src/pkg/crypto/tls/conn.go
+++ b/src/pkg/crypto/tls/conn.go
@@ -768,6 +768,7 @@ func (c *Conn) ConnectionState() ConnectionState {
 		state.NegotiatedProtocolIsMutual = !c.clientProtocolFallback
 		state.CipherSuite = c.cipherSuite
 		state.PeerCertificates = c.peerCertificates
+		state.VerifiedChains = c.verifiedChains
 	}
 	return state