proposal: crypto/tls: expose TLS alert type for more precise error checks #35234
Labels
FeatureRequest
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Proposal
Proposal-Crypto
Proposal related to crypto packages or other security issues
Milestone
What version of Go are you using (
go version
)?Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
I've hooked
http.Server.ConnState
using a function that checks for handshake errors on thehttp.StateClosed
state, and logs these. For example:What did you expect to see?
This works, but I really don't like using string comparison on error messages. What would be helpful to ensure accurate comparison (especially if these strings change in the future) is to be able to compare the error with the
tls.alert
types. The error above (err
) is actually atls.alert
wrapped in a*net.OpError
type, but because thetls.alert
type is not exported, I only get to see the publicError()
method that outputs a string.The result of this would be similar to the
http
status codes found innet/http/status.go
.The text was updated successfully, but these errors were encountered: