From 9fccea23516153c43f6092589de5cc9ea5f36d17 Mon Sep 17 00:00:00 2001
From: Bernhard Froehlich <decke@bluelife.at>
Date: Fri, 14 Dec 2018 11:04:35 +0000
Subject: [PATCH] Ensure that the TLS handshake has been done before using
 tls.ConnectionState() otherwise handshake is performed on first read/write
 and peer.TLS is invalid.

---
 smtpd.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/smtpd.go b/smtpd.go
index 797ad8e..0dbf38c 100644
--- a/smtpd.go
+++ b/smtpd.go
@@ -119,6 +119,9 @@ func (srv *Server) newSession(c net.Conn) (s *session) {
 	tlsConn, s.tls = c.(*tls.Conn)
 
 	if s.tls {
+		// run handshake otherwise it's done when we first
+		// read/write and connection state will be invalid
+		tlsConn.Handshake()
 		state := tlsConn.ConnectionState()
 		s.peer.TLS = &state
 	}