Closed
Description
by crest@tzi.de:
I tried to use X.509 client certificates to control access to a HTTP server. I discovered that req.TLS in the request passed to a HandlerFunc called by a http.Server is invalid. What steps will reproduce the problem? 1. Fetch the project from github.com (https://github.com/Crest/gresec) 2. Create a CA certificate in cacert.pem and a keypair in key.pem,cert.pem. 3. cat key.pem cert.pem > both.pem for usage by curl 4. (gomake && ./gresec) & 5. curl http://127.0.0.1:8080 What is the expected output? With the patch applied it will print a valid tls.ConnectionState. What do you see instead? With release-branch.r58 it gresec will print the invalid tls.ConnectionState cached by http.newConn(). Which compiler are you using (5g, 6g, 8g, gccgo)? 6g Which operating system are you using? FreeBSD 8.2 Which revision are you using? (hg identify) 1b38d90eebcd+ (release-branch.r58) release/release.r58 Please provide any additional information below. The attached patch is just a first try by a go noob. It increases the overhead per HTTP request by at least one new() and copy.