From 00ffcb8c00ed249334b259d14acc50483485d57d Mon Sep 17 00:00:00 2001 From: David Cooper Date: Mon, 30 Aug 2021 13:52:00 -0400 Subject: [PATCH] Fix #1961 in 3.0 branch This commit is the same as #1962, but for the 3.0 branch. --- testssl.sh | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/testssl.sh b/testssl.sh index 5eda3e4..7353e67 100755 --- a/testssl.sh +++ b/testssl.sh @@ -18564,8 +18564,6 @@ determine_service() { ftp|smtp|lmtp|pop3|imap|xmpp|telnet|ldap|postgres|mysql|nntp) STARTTLS="-starttls $protocol" if [[ "$protocol" == xmpp ]]; then - # for XMPP, openssl has a problem using -connect $NODEIP:$PORT. thus we use -connect $NODE:$PORT instead! - NODEIP="$NODE" if [[ -n "$XMPP_HOST" ]]; then if ! "$HAS_XMPP"; then fatal "Your $OPENSSL does not support the \"-xmpphost\" option" $ERR_OSSLBIN @@ -18579,11 +18577,18 @@ determine_service() { prln_warning " IP address doesn't work for XMPP, trying PTR record $rDNS" # remove trailing . NODE=${rDNS%%.} - NODEIP=${rDNS%%.} else fatal "No DNS supplied and no PTR record available which I can try for XMPP" $ERR_DNSLOOKUP fi fi + if "$HAS_XMPP"; then + # small hack -- instead of changing calls all over the place + STARTTLS="$STARTTLS -xmpphost $NODE" + else + # If the XMPP name cannot be provided using -xmpphost, + # then it needs to be provided to the -connect option + NODEIP="$NODE" + fi fi elif [[ "$protocol" == postgres ]]; then # Check if openssl version supports postgres.