diff options
author | Roland Shoemaker <rolandshoemaker@gmail.com> | 2020-10-21 10:59:22 -0700 |
---|---|---|
committer | Roland Shoemaker <roland@golang.org> | 2020-10-27 23:12:41 +0000 |
commit | 5d3666e1a48d0976718c75dddc2ef0232be835d8 (patch) | |
tree | 164d828e6b3a19b7375096ac0184d7135d3356c5 | |
parent | b4b014465216790e01aa66f9120d03230e4aff46 (diff) | |
download | go-5d3666e1a48d0976718c75dddc2ef0232be835d8.tar.gz go-5d3666e1a48d0976718c75dddc2ef0232be835d8.zip |
crypto/tls: document the ClientAuthType consts
Fixes #34023
Change-Id: Ib7552a8873a79a91e8d971f906c6d7283da7a80c
Reviewed-on: https://go-review.googlesource.com/c/go/+/264027
Trust: Roland Shoemaker <roland@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
-rw-r--r-- | src/crypto/tls/common.go | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go index e4f18bf5eb..66d2c005a7 100644 --- a/src/crypto/tls/common.go +++ b/src/crypto/tls/common.go @@ -294,10 +294,26 @@ func (cs *ConnectionState) ExportKeyingMaterial(label string, context []byte, le type ClientAuthType int const ( + // NoClientCert indicates that no client certificate should be requested + // during the handshake, and if any certificates are sent they will not + // be verified. NoClientCert ClientAuthType = iota + // RequestClientCert indicates that a client certificate should be requested + // during the handshake, but does not require that the client send any + // certificates. RequestClientCert + // RequireAnyClientCert indicates that a client certificate should be requested + // during the handshake, and that at least one certificate is required to be + // sent by the client, but that certificate is not required to be valid. RequireAnyClientCert + // VerifyClientCertIfGiven indicates that a client certificate should be requested + // during the handshake, but does not require that the client sends a + // certificate. If the client does send a certificate it is required to be + // valid. VerifyClientCertIfGiven + // RequireAndVerifyClientCert indicates that a client certificate should be requested + // during the handshake, and that at least one valid certificate is required + // to be sent by the client. RequireAndVerifyClientCert ) |