net/smtp: STARTTLS with server certificate hash pinning #9451

Closed
Description

@christophershirk

It would be nice if clients of the net/smtp package could access the TLS connection state in order to implement server certificate hash checking with STARTTLS. Currently net/smtp's (c *Client) does not expose the conn field, which is set during (c *Client) StartTLS().
https://github.com/golang/go/blob/go1.4/src/net/smtp/smtp.go#L154

As an example, this is the kind of server certificate hash checking I'd like to do with net/smtp:
https://github.com/agl/xmpp/blob/a5b10608a5c441a99c6380efa91d7f4fb517e9c2/xmpp.go#L509-517

I ended up forking net/smtp in order to access the TLS connection state after STARTTLS, which is a lot of code duplication for such a small change. If this isn't too esoteric, an additional method on smtp's Client struct could expose the connection state to clients of the package, making server certificate hash verification possible.
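An added example, not code from the issue or from the Go project, of the check the report asks for: hash the leaf certificate taken from the TLS connection state after STARTTLS and compare it with a pinned value, exercised offline against a constructed self-signed certificate. It assumes the client can obtain a tls.ConnectionState once StartTLS has completed (later Go releases expose this as Client.TLSConnectionState).

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"encoding/hex"
	"errors"
	"math/big"
	"time"
)

// CertHash returns the hex SHA-256 of a certificate's DER bytes: the value an
// operator records for their mail server and pins in the client configuration.
func CertHash(cert *x509.Certificate) string {
	sum := sha256.Sum256(cert.Raw)
	return hex.EncodeToString(sum[:])
}

// CheckPin compares the leaf certificate the server presented (taken from the
// tls.ConnectionState obtained after StartTLS) against the pinned hash.
func CheckPin(state tls.ConnectionState, pinnedHex string) error {
	if len(state.PeerCertificates) == 0 {
		return errors.New("no server certificate after STARTTLS")
	}
	if CertHash(state.PeerCertificates[0]) != pinnedHex {
		return errors.New("server certificate hash mismatch: refusing to send")
	}
	return nil
}

// selfSigned builds a throwaway certificate so the check runs offline
// (constructed test data, not a real mail server's certificate).
func selfSigned() (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: time.Now(),
		NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}
```

Run CheckPin on the state before any mail is sent; a pin mismatch after STARTTLS should abort the session rather than continue in plaintext.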
