From 72477c0cfdd44c898f8ca2126a58b1fec89c961e Mon Sep 17 00:00:00 2001
From: Alberto Bertogli
Date: Sun, 10 Sep 2017 11:20:57 +0100
Subject: [PATCH] smtpsrv: Get TLS information for direct connections

For direct TLS connections, such as submission-over-TLS, we currently don't get the TLS information so it appears in the headers as "plain text", which is misleading. This patch fixes the problem by getting the connection information early. Note it explicitly triggers the handshake, which would otherwise happen transparently on the first read/write, so we can use the hostname (if any) in our hello message.
---
 internal/smtpsrv/conn.go | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/internal/smtpsrv/conn.go b/internal/smtpsrv/conn.go
index c347cea..864e56b 100644
--- a/internal/smtpsrv/conn.go
+++ b/internal/smtpsrv/conn.go
@@ -158,6 +158,17 @@ func (c *Conn) Handle() {
 defer c.tr.Finish()
 c.tr.Debugf("Connected, mode: %s", c.mode)
 
+ if tc, ok := c.conn.(*tls.Conn); ok {
+ // For TLS connections, complete the handshake and get the state, so
+ // it can be used when we say hello below.
+ tc.Handshake()
+ cstate := tc.ConnectionState()
+ c.tlsConnState = &cstate
+ if name := c.tlsConnState.ServerName; name != "" {
+ c.hostname = name
+ }
+ }
+
 c.tc.PrintfLine("220 %s ESMTP chasquid", c.hostname)
 
 var cmd, params string
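Review bot: The return value of `tc.Handshake()` is ignored, so a failed handshake still falls through to `ConnectionState()`, stores a non-nil `c.tlsConnState` and goes on to write the 220 greeting; check it and bail out, e.g. `if err := tc.Handshake(); err != nil { c.tr.Debugf("TLS handshake failed: %v", err); return }`. Because the handshake now blocks on client I/O before any SMTP command is read, it should run under a deadline; whether one is already set earlier in `Handle` is not visible here, as the function starts and continues outside the hunk. Also note that `ServerName` is the client-supplied SNI value, so copying it into `c.hostname` lets the peer choose the name shown in the greeting (and anywhere else `c.hostname` is used later); consider accepting it only when it matches a locally configured domain.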