diff --git a/common.go b/common.go index a3d75d6..d47dc61 100644 --- a/common.go +++ b/common.go @@ -255,7 +255,8 @@ type Config struct { // Certificates contains one or more certificate chains // to present to the other side of the connection. - // Server configurations must include at least one certificate. + // Server configurations must include at least one certificate + // or else set GetCertificate. Certificates []Certificate // NameToCertificate maps from a certificate name to an element of diff --git a/tls.go b/tls.go index f6d5bb1..fb399d0 100644 --- a/tls.go +++ b/tls.go @@ -20,8 +20,8 @@ import ( // Server returns a new TLS server side connection // using conn as the underlying transport. -// The configuration config must be non-nil and must have -// at least one certificate. +// The configuration config must be non-nil and must include +// at least one certificate or else set GetCertificate. func Server(conn net.Conn, config *Config) *Conn { return &Conn{conn: conn, config: config} } @@ -53,8 +53,8 @@ func (l *listener) Accept() (c net.Conn, err error) { // NewListener creates a Listener which accepts connections from an inner // Listener and wraps each connection with Server. -// The configuration config must be non-nil and must have -// at least one certificate. +// The configuration config must be non-nil and must include +// at least one certificate or else set GetCertificate. func NewListener(inner net.Listener, config *Config) net.Listener { l := new(listener) l.Listener = inner @@ -64,8 +64,8 @@ func NewListener(inner net.Listener, config *Config) net.Listener { // Listen creates a TLS listener accepting connections on the // given network address using net.Listen. -// The configuration config must be non-nil and must have -// at least one certificate. +// The configuration config must be non-nil and must include +// at least one certificate or else set GetCertificate. func Listen(network, laddr string, config *Config) (net.Listener, error) { if config == nil || (len(config.Certificates) == 0 && config.GetCertificate == nil) { return nil, errors.New("tls: neither Certificates nor GetCertificate set in Config")