Cypherpunks repositories - gostls13.git/commit
crypto/tls: add VerifyPeerCertificate to tls.Config
author Joshua Boelter <joshua.boelter@intel.com>
Wed, 13 Jul 2016 22:22:28 +0000 (16:22 -0600)
committer Adam Langley <agl@golang.org>
Mon, 24 Oct 2016 23:24:11 +0000 (23:24 +0000)
commit 426c287eb64abfe54e51fba3014c8eaeff7fc270
tree 96865909398b40a9b2e5f843ef14ee3d4c2b837b
parent 93bca632d9d4662c0e04f6ae24122579130a4bc2
crypto/tls: add VerifyPeerCertificate to tls.Config

VerifyPeerCertificate returns an error if the peer should not be
trusted. It will be called after the initial handshake and before
any other verification checks on the cert or chain are performed.
This provides the callee an opportunity to augment the certificate
verification.

If VerifyPeerCertificate is not nil and returns an error,
then the handshake will fail.

Fixes #16363

Change-Id: I6a22f199f0e81b6f5d5f37c54d85ab878216bb22
Reviewed-on: https://go-review.googlesource.com/26654
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
src/crypto/tls/common.go
src/crypto/tls/handshake_client.go
src/crypto/tls/handshake_client_test.go
src/crypto/tls/handshake_server.go
src/crypto/tls/tls_test.go