crypto/tls: improve documentation for ServerName. Users of the low-level, Client function are frequenctly missing the fact that, unless they pass a ServerName to the TLS connection then it cannot verify the certificates against any name. This change makes it clear that at least one of InsecureSkipVerify and ServerName should always be set. LGTM=bradfitz R=golang-codereviews, bradfitz CC=golang-codereviews https://golang.org/cl/65440043

commit: 80692a3f81f6367e9c61b652bf3dff30f4cc6624 [log] [tgz]
author: Adam Langley <agl@golang.org> Wed Feb 19 11:17:09 2014 -0500
committer: Adam Langley <agl@golang.org> Wed Feb 19 11:17:09 2014 -0500
tree: c041b1ffefd4c9b8cc51096c2566f32a099fe083
parent: ae38b03f6cab6a25f9d8d34a39e33db9857dce2e [diff] [blame]
diff --git a/src/pkg/crypto/tls/tls.go b/src/pkg/crypto/tls/tls.go
index 6c67506..40156a0 100644
--- a/src/pkg/crypto/tls/tls.go
+++ b/src/pkg/crypto/tls/tls.go

@@ -27,9 +27,8 @@
 
 // Client returns a new TLS client side connection
 // using conn as the underlying transport.
-// Client interprets a nil configuration as equivalent to
-// the zero configuration; see the documentation of Config
-// for the defaults.
+// The config cannot be nil: users must set either ServerHostname or
+// InsecureSkipVerify in the config.
 func Client(conn net.Conn, config *Config) *Conn {
 	return &Conn{conn: conn, config: config, isClient: true}
 }
commit	80692a3f81f6367e9c61b652bf3dff30f4cc6624	[log] [tgz]
author	Adam Langley <agl@golang.org>	Wed Feb 19 11:17:09 2014 -0500
committer	Adam Langley <agl@golang.org>	Wed Feb 19 11:17:09 2014 -0500
tree	c041b1ffefd4c9b8cc51096c2566f32a099fe083
parent	ae38b03f6cab6a25f9d8d34a39e33db9857dce2e [diff] [blame]