kris
/
tls-tris
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

crypto/tls: document VerifyPeerCertificate behavior in relation to ClientAuth 

Change-Id: I3ff478912a5a178492d544d2f4ee9cc7570d9acc
Reviewed-on: https://go-review.googlesource.com/84475
Reviewed-by: Filippo Valsorda <hi@filippo.io>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
tls13
Filippo Valsorda 6 years ago
committed by Henry Dorsett Case
parent
d3da622def
commit
2e765efc88
1 changed files with 3 additions and 2 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +3
    -2
      common.go

+ 3
- 2
common.go View File

@@ -483,8 +483,9 @@ type Config struct {
// //
// If normal verification fails then the handshake will abort before // If normal verification fails then the handshake will abort before
// considering this callback. If normal verification is disabled by // considering this callback. If normal verification is disabled by
// setting InsecureSkipVerify then this callback will be considered but
// the verifiedChains argument will always be nil.
// setting InsecureSkipVerify, or (for a server) when ClientAuth is
// RequestClientCert or RequireAnyClientCert, then this callback will
// be considered but the verifiedChains argument will always be nil.
VerifyPeerCertificate func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error VerifyPeerCertificate func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error


// RootCAs defines the set of root certificate authorities // RootCAs defines the set of root certificate authorities


Write Preview
Loading…
Cancel
Save