Change respons parsing to only look for the correct response code. Th…

…is solves the problem with servers either responding with 220 Go ahead with TLS or 220 Ready to start TLS (see RFC 3207 for confusion.)
kirei · Aug 27, 2013 · 9997e88 · 9997e88
1 parent 5a4c12e
commit 9997e88
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/utils/SSLyzeSSLConnection/StartTLS.py b/utils/SSLyzeSSLConnection/StartTLS.py
@@ -63,7 +63,7 @@ def connect(self):
         # Send a STARTTLS
         sock.send('STARTTLS\r\n')
         smtp_resp = sock.recv(2048)
-        if 'Ready to start TLS'  not in smtp_resp: 
+        if '220'  not in smtp_resp: 
             raise SSLHandshakeError('SMTP STARTTLS not supported ?')
 
         # Do the SSL handshake
@@ -128,4 +128,4 @@ def connect(self):
 
     def close(self):
         self.sock.close()
-
+
diff --git a/utils/ServersConnectivityTester.py b/utils/ServersConnectivityTester.py
@@ -317,11 +317,11 @@ def _connect_callback(self, s):
         s.send('EHLO sslyze.scan\r\n')
         if '250 ' not in s.recv(2048):
             raise InvalidTargetError(self._target_str, self.ERR_SMTP_REJECTED)
-                
+
         # Send a STARTTLS
         s.send('STARTTLS\r\n')
         smtp_resp = s.recv(2048)
-        if 'Ready to start TLS'  not in smtp_resp:
+        if '220' not in smtp_resp:
             raise InvalidTargetError(self._target_str,self.ERR_NO_SMTP_STARTTLS)