From 8f6cd9ccc59428a051d2d3714c8611f08e159dce Mon Sep 17 00:00:00 2001
From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Thu, 12 Jun 2014 12:28:08 +0000
Subject: [PATCH] Restore STARTTLS support in ssl-ccs-injection

---
 scripts/ssl-ccs-injection.nse | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/scripts/ssl-ccs-injection.nse b/scripts/ssl-ccs-injection.nse
index 7351913ce..c5ffb9a1a 100644
--- a/scripts/ssl-ccs-injection.nse
+++ b/scripts/ssl-ccs-injection.nse
@@ -132,11 +132,21 @@ local function test_ccs_injection(host, port, version)
     })
 
   local status, err
-  local s = nmap.new_socket()
-  local status = s:connect(host, port)
-  if not status then
-    stdnse.print_debug(1, "Connection to server failed")
-    return false
+  local s
+  local specialized = sslcert.getPrepareTLSWithoutReconnect(port)
+  if specialized then
+    status, s = specialized(host, port)
+    if not status then
+      stdnse.print_debug(3, "Connection to server failed")
+      return
+    end
+  else
+    s = nmap.new_socket()
+    status = s:connect(host, port)
+    if not status then
+      stdnse.print_debug(3, "Connection to server failed")
+      return
+    end
   end
 
   -- Set a sufficiently large timeout