crypto/tls: extensions and Next Protocol Negotiation

Add support for TLS extensions in general and Next Protocol Negotiation in particular. R=rsc CC=golang-dev https://golang.org/cl/181045
2025-12-08 06:10:04 +00:00 · 2009-12-23 11:13:09 -08:00 · 2009-12-23 11:13:09 -08:00 · 9ebb59634e
commit 9ebb59634e
parent 7c9111434a
9 changed files with 379 additions and 28 deletions
--- a/src/pkg/crypto/tls/common.go
+++ b/src/pkg/crypto/tls/common.go
@ -41,6 +41,7 @@ const (
 	typeServerHelloDone   uint8 = 14
 	typeClientKeyExchange uint8 = 16
 	typeFinished          uint8 = 20
+	typeNextProtocol      uint8 = 67 // Not IANA assigned
 )

 // TLS cipher suites.
@ -53,10 +54,17 @@ var (
 	compressionNone uint8 = 0
 )

+// TLS extension numbers
+var (
+	extensionServerName   uint16 = 0
+	extensionNextProtoNeg uint16 = 13172 // not IANA assigned
+)
+
 type ConnectionState struct {
-	HandshakeComplete bool
-	CipherSuite       string
-	Error             alertType
+	HandshakeComplete  bool
+	CipherSuite        string
+	Error              alertType
+	NegotiatedProtocol string
 }

 // A Config structure is used to configure a TLS client or server. After one
@ -68,6 +76,9 @@ type Config struct {
 	Time         func() int64
 	Certificates []Certificate
 	RootCAs      *CASet
+	// NextProtos is a list of supported, application level protocols.
+	// Currently only server-side handling is supported.
+	NextProtos []string
 }

 type Certificate struct {