From c8c4da0d6f27d2a6e327224ce734b1ce3bb9c7d8 Mon Sep 17 00:00:00 2001
From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Sat, 26 Mar 2016 13:42:12 +0000
Subject: [PATCH] Check for service name before port number to work on
 nonstandard ports

---
 nselib/sslcert.lua | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/nselib/sslcert.lua b/nselib/sslcert.lua
index 6d5be7ed7..1292dbaa0 100644
--- a/nselib/sslcert.lua
+++ b/nselib/sslcert.lua
@@ -646,10 +646,10 @@ function getPrepareTLSWithoutReconnect(port)
   if ( port.version and port.version.service_tunnel == 'ssl') then
     return nil
   end
-  return (SPECIALIZED_PREPARE_TLS_WITHOUT_RECONNECT[port.number] or
-    SPECIALIZED_PREPARE_TLS_WITHOUT_RECONNECT[port.service] or
-    SPECIALIZED_WRAPPED_TLS_WITHOUT_RECONNECT[port.number] or
-    SPECIALIZED_WRAPPED_TLS_WITHOUT_RECONNECT[port.service])
+  return (SPECIALIZED_PREPARE_TLS_WITHOUT_RECONNECT[port.service] or
+    SPECIALIZED_PREPARE_TLS_WITHOUT_RECONNECT[port.number] or
+    SPECIALIZED_WRAPPED_TLS_WITHOUT_RECONNECT[port.service] or
+    SPECIALIZED_WRAPPED_TLS_WITHOUT_RECONNECT[port.number])
 end
 
 --- Get a specialized SSL connection function to create an SSL socket
@@ -665,8 +665,8 @@ function isPortSupported(port)
   if ( port.version and port.version.service_tunnel == 'ssl') then
     return nil
   end
-  return (SPECIALIZED_PREPARE_TLS[port.number] or
-    SPECIALIZED_PREPARE_TLS[port.service])
+  return (SPECIALIZED_PREPARE_TLS[port.service] or
+    SPECIALIZED_PREPARE_TLS[port.number])
 end
 
 -- returns a function that yields a new tls record each time it is called
@@ -713,7 +713,7 @@ function getCertificate(host, port)
 
   local cert
   -- do we have to use a wrapper and do a manual handshake?
-  local wrapper = SPECIALIZED_WRAPPED_TLS_WITHOUT_RECONNECT[port.number] or SPECIALIZED_WRAPPED_TLS_WITHOUT_RECONNECT[port.service]
+  local wrapper = SPECIALIZED_WRAPPED_TLS_WITHOUT_RECONNECT[port.service] or SPECIALIZED_WRAPPED_TLS_WITHOUT_RECONNECT[port.number]
   if wrapper then
     local status, socket = wrapper(host, port)
     if not status then
@@ -779,7 +779,7 @@ function getCertificate(host, port)
     end
   else
     -- Is there a specialized function for this port?
-    local specialized = SPECIALIZED_PREPARE_TLS[port.number]
+    local specialized = SPECIALIZED_PREPARE_TLS[port.service] or SPECIALIZED_PREPARE_TLS[port.number]
     local status
     local socket = nmap.new_socket()
     if specialized then