crypto/tls: add client OCSP stapling support.

R=r, rsc CC=golang-dev https://golang.org/cl/1750042
2025-12-08 06:10:04 +00:00 · 2010-07-14 10:40:15 -04:00 · 2010-07-14 10:40:15 -04:00 · c9406f930d
commit c9406f930d
parent cec007d3d2
6 changed files with 164 additions and 20 deletions
--- a/src/pkg/crypto/tls/common.go
+++ b/src/pkg/crypto/tls/common.go
@ -38,6 +38,7 @@ const (
 	typeClientHello       uint8 = 1
 	typeServerHello       uint8 = 2
 	typeCertificate       uint8 = 11
+	typeCertificateStatus uint8 = 22
 	typeServerHelloDone   uint8 = 14
 	typeClientKeyExchange uint8 = 16
 	typeFinished          uint8 = 20
@ -45,25 +46,30 @@ const (
 )

 // TLS cipher suites.
-var (
+const (
 	TLS_RSA_WITH_RC4_128_SHA uint16 = 5
 )

 // TLS compression types.
-var (
+const (
 	compressionNone uint8 = 0
 )

 // TLS extension numbers
 var (
-	extensionServerName   uint16 = 0
-	extensionNextProtoNeg uint16 = 13172 // not IANA assigned
+	extensionServerName    uint16 = 0
+	extensionStatusRequest uint16 = 5
+	extensionNextProtoNeg  uint16 = 13172 // not IANA assigned
+)
+
+// TLS CertificateStatusType (RFC 3546)
+const (
+	statusTypeOCSP uint8 = 1
 )

 type ConnectionState struct {
 	HandshakeComplete  bool
-	CipherSuite        string
-	Error              alert
+	CipherSuite        uint16
 	NegotiatedProtocol string
 }