From 4802e2f3e4c1e09539963b6f45a2efe0da0df7aa Mon Sep 17 00:00:00 2001
From: Alberto Bertogli
Date: Mon, 13 Apr 2020 14:28:48 +0100
Subject: [PATCH] smtpsrv: Check TLS Handshake result

When receiving a message on a TLS socket, we currently don't check the Handshake result, so connections often fail in a way that is not easy to troubleshoot. This patch fixes that by checking the result and emitting a nicer error message before closing the connection.
---
 internal/smtpsrv/conn.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/internal/smtpsrv/conn.go b/internal/smtpsrv/conn.go
index 0568581..6528b0a 100644
--- a/internal/smtpsrv/conn.go
+++ b/internal/smtpsrv/conn.go
@@ -174,7 +174,12 @@ func (c *Conn) Handle() {
 if tc, ok := c.conn.(*tls.Conn); ok {
 // For TLS connections, complete the handshake and get the state, so
 // it can be used when we say hello below.
- tc.Handshake()
+ err := tc.Handshake()
+ if err != nil {
+ c.tr.Errorf("error completing TLS handshake: %v", err)
+ return
+ }
+
 cstate := tc.ConnectionState()
 c.tlsConnState = &cstate
 if name := c.tlsConnState.ServerName; name != "" {
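Review bot: Nothing visible in this hunk bounds how long the now-checked `tc.Handshake()` call may block, so a peer that opens the TLS socket and then stalls could hold this goroutine until the OS gives up on the connection. `Handle()` begins outside the hunk, so a deadline may already be set on `c.conn` before this point; if it is not, one should be set just above the `if tc, ok := ...` line. Either way, a comment such as `// The deadline set on c.conn above also bounds the handshake.` would make that dependency explicit. The early `return` likewise relies on a deferred close that is not visible here, which is worth confirming. As a minor style point, `if err := tc.Handshake(); err != nil {` keeps `err` scoped to the check.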