Make TLS field nil for unencrypted connections

client.go

@@ -101,7 +101,8 @@ func (c *Client) Do(req *Request) (*Response, error) {
 	}
 
 	// Store connection state
-	resp.TLS = conn.ConnectionState()
+	state := conn.ConnectionState()
+	resp.TLS = &state
 
 	return resp, nil
 }

request.go

@@ -36,7 +36,7 @@ type Request struct {
 	// connection on which the request was received.
 	//
 	// This field is ignored by the client.
-	TLS tls.ConnectionState
+	TLS *tls.ConnectionState
 
 	// Context specifies the context to use for client requests.
 	// If Context is nil, the background context will be used.

response.go

@@ -26,7 +26,7 @@ type Response struct {
 
 	// TLS contains information about the TLS connection on which the response
 	// was received.
-	TLS tls.ConnectionState
+	TLS *tls.ConnectionState
 }
 
 // ReadResponse reads a Gemini response from the provided io.ReadCloser.

server.go

@@ -207,7 +207,8 @@ func (s *Server) respond(conn net.Conn) {
 
 	// Store information about the TLS connection
 	if tlsConn, ok := conn.(*tls.Conn); ok {
-		req.TLS = tlsConn.ConnectionState()
+		state := tlsConn.ConnectionState()
+		req.TLS = &state
 		if len(req.TLS.PeerCertificates) > 0 {
 			peerCert := req.TLS.PeerCertificates[0]
 			// Store the TLS certificate