Relax STARTTLS FTP requirement

In rare? occassions where the STARTTLS FEAT request only displays AUTH instead of AUTH TLS, testssl.sh fails as it cannot upgrade to TLS. Required by RFC 4217 is only AUTH ("MUST"), AUTH TLS is optional ("should"), see section 6. This commit relaxes the presence of TLS after AUTH and it fixes #2132.
2024-12-29 04:49:44 +01:00 · 2022-04-27 13:34:03 +02:00 · 2022-04-27 13:34:03 +02:00 · 6c69fdbf4b
commit 6c69fdbf4b
parent ab33f6c0b6
1 changed files with 1 additions and 1 deletions
--- a/testssl.sh
+++ b/testssl.sh
@ -11044,7 +11044,7 @@ starttls_full_read(){

 starttls_ftp_dialog() {
     local -i ret=0
-     local reSTARTTLS='^ AUTH TLS'
+     local reSTARTTLS='^ AUTH'

     debugme echo "=== starting ftp STARTTLS dialog ==="
     starttls_full_read '^220-' '^220 '     ''                   "received server greeting" &&