Do not require STARTTLS if the connection is already TLS
aronatkins opened this issue · comments
Aron Atkins commented
Launch a server with something like:

```go
listener, err := tls.Listen("tcp", "127.0.0.1:0", tlsConfig)
if err != nil {
	log.Fatal(err)
}
defer listener.Close()
go server.Serve(listener)
```

I should be able to connect to this server and authenticate without issuing STARTTLS.
Related to golang/go#22166 - I was trying to use smtpd to verify my workaround.
Aron Atkins commented
I think this can be fixed by changing newSession to test the type of connection.

```go
func (srv *Server) newSession(c net.Conn) (s *session) {
	s = &session{
		server: srv,
		conn:   c,
		reader: bufio.NewReader(c),
		writer: bufio.NewWriter(c),
		peer: Peer{
			Addr:       c.RemoteAddr(),
			ServerName: srv.Hostname,
		},
	}
	// A connection accepted from a tls.Listen listener is already a
	// *tls.Conn, so the session starts out marked as encrypted.
	_, s.tls = c.(*tls.Conn)
	s.scanner = bufio.NewScanner(s.reader)
	return
}
```
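The check proposed in the comment above, as an added example that is not the smtpd package's own code: it runs the same type assertion over a plain connection, a `*tls.Conn`, and a `*tls.Conn` hidden behind a wrapper. The trimmed `session` type, `needsSTARTTLS`, `wrapped` and `demo` are hypothetical names introduced for illustration.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net"
)

// session is a trimmed-down stand-in for the server's session type
// (hypothetical; only the field the fix touches is kept).
type session struct {
	conn net.Conn
	tls  bool
}

// newSession applies the proposed check: the connection counts as
// encrypted from the start when its concrete type is *tls.Conn.
func newSession(c net.Conn) *session {
	s := &session{conn: c}
	_, s.tls = c.(*tls.Conn)
	return s
}

// needsSTARTTLS is an assumed policy helper: the client must still
// upgrade before authenticating only when the session is not encrypted.
func (s *session) needsSTARTTLS() bool { return !s.tls }

// wrapped stands in for any middleware that wraps accepted connections.
type wrapped struct{ net.Conn }

// demo reports needsSTARTTLS for a plain connection, a *tls.Conn as
// handed out by a tls.Listen listener, and the same *tls.Conn wrapped.
func demo() (plain, implicit, hidden bool) {
	a, b := net.Pipe() // constructed in-memory connection pair
	defer a.Close()
	defer b.Close()
	tc := tls.Server(a, &tls.Config{}) // no handshake is needed for the type check
	return newSession(b).needsSTARTTLS(),
		newSession(tc).needsSTARTTLS(),
		newSession(wrapped{Conn: tc}).needsSTARTTLS()
}

func main() {
	plain, implicit, hidden := demo()
	fmt.Println("plain TCP needs STARTTLS:", plain)
	fmt.Println("implicit TLS needs STARTTLS:", implicit)
	fmt.Println("wrapped TLS needs STARTTLS:", hidden)
}
```

A wrapped `*tls.Conn` fails the assertion, so the session is treated as unencrypted. That failure is on the safe side, but any connection wrapper has to sit underneath the TLS layer for the check to see implicit TLS.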
Christian Joergensen commented
I will review your comments on Monday.
Christian Joergensen commented
Thank you for your comments, @aronatkins. Your proposed fix did indeed solve the problem and has been committed along with a test case. Under normal circumstances smtps isn't really deployed. But the library should have supported it anyway.
Aron Atkins commented
Thanks, @chrj. The package has been really helpful as a test-aid for some email-sending code.