smtpsrv: Get TLS information for direct connections

For direct TLS connections, such as submission-over-TLS, we currently don't get the TLS information so it appears in the headers as "plain text", which is misleading. This patch fixes the problem by getting the connection information early. Note it explicitly triggers the handshake, which would otherwise happen transparently on the first read/write, so we can use the hostname (if any) in our hello message.
2025-12-17 14:37:02 +00:00 · 2017-09-10 11:20:57 +01:00
parent 0972964722
commit 72477c0cfd
1 changed files with 11 additions and 0 deletions
--- a/internal/smtpsrv/conn.go
+++ b/internal/smtpsrv/conn.go
@@ -158,6 +158,17 @@ func (c *Conn) Handle() {
 	defer c.tr.Finish()
 	c.tr.Debugf("Connected, mode: %s", c.mode)

+	if tc, ok := c.conn.(*tls.Conn); ok {
+		// For TLS connections, complete the handshake and get the state, so
+		// it can be used when we say hello below.
+		tc.Handshake()
+		cstate := tc.ConnectionState()
+		c.tlsConnState = &cstate
+		if name := c.tlsConnState.ServerName; name != "" {
+			c.hostname = name
+		}
+	}
+
 	c.tc.PrintfLine("220 %s ESMTP chasquid", c.hostname)

 	var cmd, params string