Relax STARTTLS FTP requirement

In rare? occassions where the STARTTLS FEAT request only displays AUTH instead of AUTH TLS, testssl.sh fails as it cannot upgrade to TLS. Required by RFC 4217 is only AUTH ("MUST"), AUTH TLS is optional ("should"), see section 6. This commit relaxes the presence of TLS after AUTH and it fixes #2132.
2025-10-31 05:45:26 +01:00 · 2022-04-27 13:34:03 +02:00
parent ab33f6c0b6
commit 6c69fdbf4b
1 changed files with 1 additions and 1 deletions
--- a/testssl.sh
+++ b/testssl.sh
@@ -11044,7 +11044,7 @@ starttls_full_read(){

 starttls_ftp_dialog() {
     local -i ret=0
-     local reSTARTTLS='^ AUTH TLS'
+     local reSTARTTLS='^ AUTH'

     debugme echo "=== starting ftp STARTTLS dialog ==="
     starttls_full_read '^220-' '^220 '     ''                   "received server greeting" &&