Skip to content

Commit

Permalink
refactor: improve and align ftp tls error msg
Browse files Browse the repository at this point in the history
  • Loading branch information
@developStorm
developStorm committed Apr 11, 2024
1 parent 1e97dd8 commit 1fc756c
Showing 1 changed file with 11 additions and 11 deletions.
22 changes: 11 additions & 11 deletions modules/ftp/scanner.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -216,14 +216,14 @@ func (ftp *Connection) GetFTPSCertificates() error {
ftpsReady, err := ftp.SetupFTPS()

if err != nil {
return err
return fmt.Errorf("error setting up FTPS: %w", err)
}
if !ftpsReady {
return nil
}
var conn *zgrab2.TLSConnection
if conn, err = ftp.config.TLSFlags.GetTLSConnection(ftp.conn); err != nil {
return err
return fmt.Errorf("error setting up TLS connection: %w", err)
}
ftp.results.TLSLog = conn.GetLog()

Expand All @@ -232,20 +232,20 @@ func (ftp *Connection) GetFTPSCertificates() error {
// AUTH TLS succeeds, but the handshake fails, dumping
// "error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher"
// to the socket.
return err
return fmt.Errorf("TLS handshake failed: %w", err)
}
ftp.conn = conn
return nil
}

// Scan performs the configured scan on the FTP server, as follows:
// * Read the banner into results.Banner (if it is not a 2XX response, bail)
// * If the FTPAuthTLS flag is not set, finish.
// * Send the AUTH TLS command to the server. If the response is not 2XX, then
// send the AUTH SSL command. If the response is not 2XX, then finish.
// * Perform ths TLS handshake / any configured TLS scans, populating
// results.TLSLog.
// * Return SCAN_SUCCESS, &results, nil
// - Read the banner into results.Banner (if it is not a 2XX response, bail)
// - If the FTPAuthTLS flag is not set, finish.
// - Send the AUTH TLS command to the server. If the response is not 2XX, then
// send the AUTH SSL command. If the response is not 2XX, then finish.
// - Perform ths TLS handshake / any configured TLS scans, populating
// results.TLSLog.
// - Return SCAN_SUCCESS, &results, nil
func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result interface{}, thrown error) {
var err error
conn, err := t.Open(&s.config.BaseFlags)
Expand Down Expand Up @@ -279,7 +279,7 @@ func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result in
}
if s.config.FTPAuthTLS && is200Banner {
if err := ftp.GetFTPSCertificates(); err != nil {
return zgrab2.SCAN_APPLICATION_ERROR, &ftp.results, err
return zgrab2.TryGetScanStatus(err), &ftp.results, err
}
}
return zgrab2.SCAN_SUCCESS, &ftp.results, nil
Expand Down

0 comments on commit 1fc756c

Please sign in to comment.