git » chasquid » commit 4802e2f

smtpsrv: Check TLS Handshake result

author Alberto Bertogli
2020-04-13 13:28:48 UTC
committer Alberto Bertogli
2020-04-14 11:01:01 UTC
parent 0fd3941cf0a4612304a2a68ea39441beb98a9770

smtpsrv: Check TLS Handshake result

When receiving a message on a TLS socket, we currently don't check the
Handshake result, so connections often fail in a way that is not easy to
troubleshoot.

This patch fixes that by checking the result and emitting a nicer error
message before closing the connection.

internal/smtpsrv/conn.go +6 -1

diff --git a/internal/smtpsrv/conn.go b/internal/smtpsrv/conn.go
index 0568581..6528b0a 100644
--- a/internal/smtpsrv/conn.go
+++ b/internal/smtpsrv/conn.go
@@ -174,7 +174,12 @@ func (c *Conn) Handle() {
 	if tc, ok := c.conn.(*tls.Conn); ok {
 		// For TLS connections, complete the handshake and get the state, so
 		// it can be used when we say hello below.
-		tc.Handshake()
+		err := tc.Handshake()
+		if err != nil {
+			c.tr.Errorf("error completing TLS handshake: %v", err)
+			return
+		}
+
 		cstate := tc.ConnectionState()
 		c.tlsConnState = &cstate
 		if name := c.tlsConnState.ServerName; name != "" {
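Review bot: The `tc.Handshake()` call now checked in Handle() still blocks until the peer completes or abandons the handshake, and nothing in this hunk bounds that wait. Handle() starts outside the hunk, so a deadline may already be set on `c.conn` earlier; if it is not, a client that connects to the TLS port and then stalls keeps the goroutine and socket open without ever reaching the new error path. Consider setting one just before the call, e.g. `c.conn.SetDeadline(time.Now().Add(handshakeTimeout))`, where `handshakeTimeout` is a placeholder for whatever limit the server already applies to commands. Handshake failures on a public port are also frequent (scanners, plaintext clients hitting the TLS port), so it is worth confirming that the `c.tr.Errorf` record carries the remote address, which makes these entries usable for triage rather than noise.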