diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go
index 4cce5085f49b84acbf824628b34b651948d273e6..929c8ef4da5eef356e9e3a0a9a09627c14baccc4 100644
--- a/src/crypto/tls/common.go
+++ b/src/crypto/tls/common.go
@@ -169,6 +169,7 @@ type ConnectionState struct {
 PeerCertificates []*x509.Certificate // certificate chain presented by remote peer
 VerifiedChains [][]*x509.Certificate // verified chains built from PeerCertificates
 SignedCertificateTimestamps [][]byte // SCTs from the server, if any
+ OCSPResponse []byte // stapled OCSP response from server, if any

 // TLSUnique contains the "tls-unique" channel binding value (see RFC
 // 5929, section 3). For resumed sessions this value will be nil
diff --git a/src/crypto/tls/conn.go b/src/crypto/tls/conn.go
index c7b30a5d7238bcde16eccdbcbeb874ba5953add2..cad471859f5872a8437b1cc0d84e38ac30755a06 100644
--- a/src/crypto/tls/conn.go
+++ b/src/crypto/tls/conn.go
@@ -995,6 +995,7 @@ func (c *Conn) ConnectionState() ConnectionState {
 state.VerifiedChains = c.verifiedChains
 state.ServerName = c.serverName
 state.SignedCertificateTimestamps = c.scts
+ state.OCSPResponse = c.ocspResponse
 if !c.didResume {
 state.TLSUnique = c.firstFinished[:]
 }
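Review bot: The new `OCSPResponse` field in `ConnectionState` (common.go) is documented only as "stapled OCSP response from server, if any", which leaves open whether the bytes have been checked; nothing in this diff parses or verifies them. A caller making a revocation decision has to parse the response, verify its signature against the issuer, confirm it covers the leaf certificate's serial, and check thisUpdate/nextUpdate before trusting the status. I would extend the comment to say so, e.g. `// stapled OCSP response from server, if any; raw and unverified, caller must validate`. The struct definition starts and ends outside the hunk.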
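Review bot: In `ConnectionState()` (conn.go) `state.OCSPResponse = c.ocspResponse` is assigned outside the `if !c.didResume` guard that follows it, and the diff does not show whether `c.ocspResponse` is populated on a resumed handshake. If a resumed session carries no staple, code that enforces stapling by checking for a non-empty `OCSPResponse` will see nil on resumption and needs to consult `DidResume`; the field comment should state that, as the TLSUnique comment does for its own case. The assignment also hands out the connection's own slice without a copy (as the neighbouring `c.scts` line does), so a comment such as `// shares backing array with c.ocspResponse; callers must not modify` would help. The function body starts and ends outside the hunk.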