diff --git a/transport/internet/tcp/dialer.go b/transport/internet/tcp/dialer.go index 29cd7e89c..0f772b3c8 100644 --- a/transport/internet/tcp/dialer.go +++ b/transport/internet/tcp/dialer.go @@ -36,20 +36,20 @@ func Dial(src v2net.Address, dest v2net.Destination, options internet.DialerOpti if err != nil { return nil, err } - } - if options.Stream != nil && options.Stream.HasSecuritySettings() { - securitySettings, err := options.Stream.GetEffectiveSecuritySettings() - if err != nil { - log.Error("TCP: Failed to get security settings: ", err) - return nil, err - } - tlsConfig, ok := securitySettings.(*v2tls.Config) - if ok { - config := tlsConfig.GetTLSConfig() - if dest.Address.Family().IsDomain() { - config.ServerName = dest.Address.Domain() + if options.Stream != nil && options.Stream.HasSecuritySettings() { + securitySettings, err := options.Stream.GetEffectiveSecuritySettings() + if err != nil { + log.Error("TCP: Failed to get security settings: ", err) + return nil, err + } + tlsConfig, ok := securitySettings.(*v2tls.Config) + if ok { + config := tlsConfig.GetTLSConfig() + if dest.Address.Family().IsDomain() { + config.ServerName = dest.Address.Domain() + } + conn = tls.Client(conn, config) } - conn = tls.Client(conn, config) } } return NewConnection(id, conn, globalCache, tcpSettings), nil diff --git a/transport/internet/tcp/hub.go b/transport/internet/tcp/hub.go index 6c6e5f41c..3b5844d3c 100644 --- a/transport/internet/tcp/hub.go +++ b/transport/internet/tcp/hub.go @@ -77,9 +77,6 @@ func (this *TCPListener) Accept() (internet.Connection, error) { return nil, connErr.err } conn := connErr.conn - if this.tlsConfig != nil { - conn = tls.Server(conn, this.tlsConfig) - } return NewConnection("", conn, this, this.config), nil case <-time.After(time.Second * 2): } @@ -95,6 +92,9 @@ func (this *TCPListener) KeepAccepting() { this.Unlock() break } + if this.tlsConfig != nil { + conn = tls.Server(conn, this.tlsConfig) + } select { case this.awaitingConns <- &ConnectionWithError{ conn: conn,