From 4d7aa5df8beb65c9e0d1ae66e2ad3a629db3e92f Mon Sep 17 00:00:00 2001
From: Dirk
Date: Wed, 6 Dec 2017 12:48:55 +0100
Subject: [PATCH] Fix for POP3, robustness for STARTTLS

POP3 STARTTLS handshakes were often unsuccessful as a regex wasn't properly escaped. Furthermore if a STARTTLS handshake doesn't succeed, there's a warning now.
---
 testssl.sh | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/testssl.sh b/testssl.sh
index b9ec61b..96db685 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -7137,7 +7137,7 @@ starttls_just_read(){
 }
 starttls_full_read(){
- starttls_read_data=()
+ local starttls_read_data=()
 local one_line=""
 local ret=0
 local cont_pattern="$1"
@@ -7160,6 +7160,11 @@ starttls_full_read(){
 fi
 fi
 starttls_read_data+=("${one_line}")
+ if [[ $DEBUG -ge 4 ]]; then
+ echo "one_line: ${one_line}"
+ echo "end_pattern: ${end_pattern}"
+ echo "cont_pattern: ${cont_pattern}"
+ fi
 if [[ ${one_line} =~ ${end_pattern} ]]; then
 debugme echo "=== full read finished ==="
 IFS="${oldIFS}"
@@ -7204,9 +7209,9 @@ starttls_smtp_dialog(){
 starttls_pop3_dialog() {
 debugme echo "=== starting pop3 STARTTLS dialog ==="
- starttls_full_read '$^' '^+OK' && debugme echo "received server greeting" &&
+ starttls_full_read '^\+OK' '^\+OK' && debugme echo "received server greeting" &&
 starttls_just_send 'STLS' && debugme echo "initiated STARTTLS" &&
- starttls_full_read '$^' '^+OK' && debugme echo "received ack for STARTTLS"
+ starttls_full_read '^\+OK' '^\+OK' && debugme echo "received ack for STARTTLS"
 local ret=$?
 debugme echo "=== finished pop3 STARTTLS dialog with ${ret} ==="
 return $ret
@@ -7356,8 +7361,9 @@ EOF
 fatal "FIXME: STARTTLS protocol $STARTTLS_PROTOCOL is not yet supported" -4
 esac
 fi
-
- return 0
+ [[ $? -eq 0 ]] && return 0
+ prln_warning "STARTTLS handshake failed"
+ return 1
 }
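Review bot: Declaring `starttls_read_data` with `local` at the top of starttls_full_read hides the array from every caller, so any code that read it after the call would now see nothing; the rest of the function body and its callers are outside this hunk, so that needs confirming. If no reader exists, the array only accumulates server lines and is then discarded, and a comment such as `# collected per call only; not visible to callers` would record that intent.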
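Review bot: The new `DEBUG -ge 4` block in starttls_full_read prints `one_line` verbatim, and that string is whatever the remote server sent, so control and escape sequences reach the operator's terminal or a captured log unfiltered. Printing it shell-quoted avoids that: `printf 'one_line: %q\n' "${one_line}"`. The two pattern values do not change while lines are being read, so they could be printed once before the loop rather than per line; the loop header is outside this hunk. The block also tests `$DEBUG` directly instead of going through the `debugme` helper used on the neighbouring lines.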
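Review bot: Both starttls_full_read calls in starttls_pop3_dialog now pass the same literal `'^\+OK'` as continuation pattern and as end pattern, and nothing records why the `+` is escaped or why the two arguments are equal. A short comment above the chain would guard against the regression this commit fixes, for example `# '+' is an ERE quantifier; escape it to match the literal POP3 "+OK" status line`. Holding the pattern in one variable, `local -r ok_pattern='^\+OK'`, and passing `"$ok_pattern" "$ok_pattern"` would keep the two calls in step. How the continuation pattern is applied inside starttls_full_read is not visible here, so whether an `-ERR` reply ends the read as an error or only after the read timeout should be confirmed.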
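Review bot: The added `[[ $? -eq 0 ]] && return 0` reads the exit status of the whole `if … case … esac … fi` construct, which is the status of the last command that ran in the selected branch and not necessarily that of the STARTTLS dialog call. Any branch that runs another command after its dialog (a debug line, a cleanup step) would make a failed handshake look successful, and the scan would then proceed on a connection that never upgraded. Capturing the result next to each dialog call with `ret=$?` and testing `[[ $ret -eq 0 ]] && return 0` here makes the dependency explicit. The case branches and the start of the function are outside this hunk, so the existing branches need checking against this.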