From c67f0d949941279681b53b585eb967326811a93b Mon Sep 17 00:00:00 2001 From: Anmol Sethi Date: Sun, 29 Jan 2017 03:18:17 -0500 Subject: [PATCH] crypto/tls: document ConnectionState.NegotiatedProtocol more clearly ConnectionState.NegotiatedProtocol's documentation implies that it will always be from Config.NextProtos. This commit clarifies that there is no guarantee. This commit also adds a note to ConnectionState.NegotiatedProtocolIsMutual, making it clear that it is client side only. Fixes #18841 Change-Id: Icd028af8042f31e45575f1080c5e9bd3012e03d7 Reviewed-on: https://go-review.googlesource.com/35917 Reviewed-by: Filippo Valsorda Reviewed-by: Adam Langley Reviewed-by: Brad Fitzpatrick Run-TryBot: Adam Langley TryBot-Result: Gobot Gobot --- src/crypto/tls/common.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go index 276d1761ea..2ebb37bd40 100644 --- a/src/crypto/tls/common.go +++ b/src/crypto/tls/common.go @@ -163,8 +163,8 @@ type ConnectionState struct { HandshakeComplete bool // TLS handshake is complete DidResume bool // connection resumes a previous TLS connection CipherSuite uint16 // cipher suite in use (TLS_RSA_WITH_RC4_128_SHA, ...) - NegotiatedProtocol string // negotiated next protocol (from Config.NextProtos) - NegotiatedProtocolIsMutual bool // negotiated protocol was advertised by server + NegotiatedProtocol string // negotiated next protocol (not guaranteed to be from Config.NextProtos) + NegotiatedProtocolIsMutual bool // negotiated protocol was advertised by server (client side only) ServerName string // server name requested by client, if any (server side only) PeerCertificates []*x509.Certificate // certificate chain presented by remote peer VerifiedChains [][]*x509.Certificate // verified chains built from PeerCertificates -- 2.48.1