From 9997e88802b4615bd86faa3861e6bdf218b3f8e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joachim=20Stro=CC=88mbergson?= Date: Tue, 27 Aug 2013 12:01:35 +0200 Subject: [PATCH] Change respons parsing to only look for the correct response code. This solves the problem with servers either responding with 220 Go ahead with TLS or 220 Ready to start TLS (see RFC 3207 for confusion.) --- utils/SSLyzeSSLConnection/StartTLS.py | 4 ++-- utils/ServersConnectivityTester.py | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/utils/SSLyzeSSLConnection/StartTLS.py b/utils/SSLyzeSSLConnection/StartTLS.py index 90f5e6d..3c80ff2 100644 --- a/utils/SSLyzeSSLConnection/StartTLS.py +++ b/utils/SSLyzeSSLConnection/StartTLS.py @@ -63,7 +63,7 @@ def connect(self): # Send a STARTTLS sock.send('STARTTLS\r\n') smtp_resp = sock.recv(2048) - if 'Ready to start TLS' not in smtp_resp: + if '220' not in smtp_resp: raise SSLHandshakeError('SMTP STARTTLS not supported ?') # Do the SSL handshake @@ -128,4 +128,4 @@ def connect(self): def close(self): self.sock.close() - \ No newline at end of file + diff --git a/utils/ServersConnectivityTester.py b/utils/ServersConnectivityTester.py index eb525cf..15d447c 100644 --- a/utils/ServersConnectivityTester.py +++ b/utils/ServersConnectivityTester.py @@ -317,11 +317,11 @@ def _connect_callback(self, s): s.send('EHLO sslyze.scan\r\n') if '250 ' not in s.recv(2048): raise InvalidTargetError(self._target_str, self.ERR_SMTP_REJECTED) - + # Send a STARTTLS s.send('STARTTLS\r\n') smtp_resp = s.recv(2048) - if 'Ready to start TLS' not in smtp_resp: + if '220' not in smtp_resp: raise InvalidTargetError(self._target_str,self.ERR_NO_SMTP_STARTTLS)