Only try startTls if the connection is not secure

This commit is contained in:
Wichert Akkerman 2019-10-28 14:46:13 +01:00 committed by Mickaël Rémond
parent 6da1962962
commit 2f8ec7b36f

View file

@ -29,12 +29,14 @@ func NewSession(transport Transport, o Config, state SMState) (*Session, error)
s.SMState = state s.SMState = state
s.init(o) s.init(o)
s.startTlsIfSupported(o)
if s.err != nil { if s.err != nil {
return nil, NewConnError(s.err, true) return nil, NewConnError(s.err, true)
} }
if !transport.IsSecure() {
s.startTlsIfSupported(o)
}
if !transport.IsSecure() && !o.Insecure { if !transport.IsSecure() && !o.Insecure {
err := fmt.Errorf("failed to negotiate TLS session : %s", s.err) err := fmt.Errorf("failed to negotiate TLS session : %s", s.err)
return nil, NewConnError(err, true) return nil, NewConnError(err, true)