commit b203f88c7f0b81043a3f387136147d8193a0a8b8
author Adam Langley <agl@golang.org> Tue Jan 19 08:27:10 2016 -0800
committer Brad Fitzpatrick <bradfitz@golang.org> Thu Jan 21 18:50:24 2016 +0000
tree a6ca7c0bcc7fcee08b4581be82d3be0c21bccf87
parent 754216d1d7642e8f254d0c8b8cd47ce3426ea051

crypto/tls: note in comment that Certificate.Leaf is nil after parsing.

LoadX509KeyPair and X509KeyPair don't retain the parsed form of
certificates in their return value because it's generally not needed.
This change makes that clear in the comment.

See https://groups.google.com/d/msg/golang-dev/VResvFj2vF8/Wt6WkVT2AwAJ

Change-Id: Ibb759cd6e84c00f4450a012992088422c0546638
Reviewed-on: https://go-review.googlesource.com/18734
Reviewed-by: Russ Cox <rsc@golang.org>

src/crypto/tls/tls.go

diff --git a/src/crypto/tls/tls.go b/src/crypto/tls/tls.go
index c1d1331..4bedd76 100644
--- a/src/crypto/tls/tls.go
+++ b/src/crypto/tls/tls.go
@@ -172,7 +172,9 @@
 }
 
 // LoadX509KeyPair reads and parses a public/private key pair from a pair of
-// files. The files must contain PEM encoded data.
+// files. The files must contain PEM encoded data. On successful return,
+// Certificate.Leaf will be nil because the parsed form of the certificate is
+// not retained.
 func LoadX509KeyPair(certFile, keyFile string) (Certificate, error) {
 	certPEMBlock, err := ioutil.ReadFile(certFile)
 	if err != nil {
@@ -186,7 +188,8 @@
 }
 
 // X509KeyPair parses a public/private key pair from a pair of
-// PEM encoded data.
+// PEM encoded data. On successful return, Certificate.Leaf will be nil because
+// the parsed form of the certificate is not retained.
 func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (Certificate, error) {
 	fail := func(err error) (Certificate, error) { return Certificate{}, err }