server: Don't populate Request.Certificate field
Handlers should instead use the certificate provided in Request.TLS.
parent
20e1b14108
commit
6f7c183662
16
request.go
16
request.go
@ -13,8 +13,6 @@ import (
|
||||
// by a client.
|
||||
//
|
||||
// The field semantics differ slightly between client and server usage.
|
||||
// In addition to the notes on the fields below, see the documentation
|
||||
// for Request.Write and TODO: RoundTripper.
|
||||
type Request struct {
|
||||
// URL specifies the URL being requested (for server
|
||||
// requests) or the URL to access (for client requests).
|
||||
@ -25,10 +23,9 @@ type Request struct {
|
||||
// This field is ignored by the Gemini server.
|
||||
Host string
|
||||
|
||||
// Certificate specifies the TLS certificate to use for the request.
|
||||
//
|
||||
// On the server side, if the client provided a certificate then
|
||||
// Certificate.Leaf is guaranteed to be non-nil.
|
||||
// For client requests, Certificate optionally specifies the
|
||||
// TLS certificate to present to the other side of the connection.
|
||||
// This field is ignored by the Gemini server.
|
||||
Certificate *tls.Certificate
|
||||
|
||||
// RemoteAddr allows Gemini servers and other software to record
|
||||
@ -49,13 +46,18 @@ type Request struct {
|
||||
// This field is ignored by the Gemini client.
|
||||
TLS *tls.ConnectionState
|
||||
|
||||
// Context specifies the context to use for client requests.
|
||||
// Context specifies the context to use for outgoing requests.
|
||||
// The context controls the entire lifetime of a request and its
|
||||
// response: obtaining a connection, sending the request, and
|
||||
// reading the response header and body.
|
||||
// If Context is nil, the background context will be used.
|
||||
// This field is ignored by the Gemini server.
|
||||
Context context.Context
|
||||
}
|
||||
|
||||
// NewRequest returns a new request. The host is inferred from the URL.
|
||||
//
|
||||
// The returned Request is suitable for use with Client.Do.
|
||||
func NewRequest(rawurl string) (*Request, error) {
|
||||
u, err := url.Parse(rawurl)
|
||||
if err != nil {
|
||||
|
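Review bot: The rewritten Certificate comment says the field is ignored by the server but never tells handler authors where the client certificate now lives. Because the field stays exported, a handler that still gates access on `req.Certificate != nil` keeps compiling and will treat every client as having presented no certificate. I would add `// Server handlers should use TLS.PeerCertificates instead.` to the Certificate comment. The TLS field comment should also say that handlers must check `req.TLS != nil && len(req.TLS.PeerCertificates) > 0` before indexing, since the server.go hunk in this commit removes the code that did that length check and req.TLS is only set when the connection is a `*tls.Conn`. Whether a certificate's presence implies any chain verification depends on the server's tls.Config, which is not visible here, so the comment could also state that handlers are expected to match the peer certificate against what they trust rather than rely on its mere presence. Parts of the Request struct lie between the hunks and are not shown.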
10
server.go
10
server.go
@ -230,14 +230,6 @@ func (srv *Server) respond(conn net.Conn) {
|
||||
if tlsConn, ok := conn.(*tls.Conn); ok {
|
||||
state := tlsConn.ConnectionState()
|
||||
req.TLS = &state
|
||||
if len(req.TLS.PeerCertificates) > 0 {
|
||||
peerCert := req.TLS.PeerCertificates[0]
|
||||
// Store the TLS certificate
|
||||
req.Certificate = &tls.Certificate{
|
||||
Certificate: [][]byte{peerCert.Raw},
|
||||
Leaf: peerCert,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Store remote address
|
||||
@ -289,7 +281,7 @@ func (srv *Server) logf(format string, args ...interface{}) {
|
||||
// If ServeGemini panics, the server (the caller of ServeGemini) assumes that
|
||||
// the effect of the panic was isolated to the active request. It recovers
|
||||
// the panic, logs a stack trace to the server error log, and closes the
|
||||
// newtwork connection. To abort a handler so the client sees an interrupted
|
||||
// network connection. To abort a handler so the client sees an interrupted
|
||||
// response but the server doesn't log an error, panic with the value
|
||||
// ErrAbortHandler.
|
||||
type Handler interface {
|
||||
|