From ea749d785b5ef9b6f69d09d8cedc64ca49ea1f9d Mon Sep 17 00:00:00 2001
From: tomsellers <tomsellers@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Sat, 25 Oct 2014 18:38:17 +0000
Subject: [PATCH] Fixed a bug in the sslcert.lua library that was triggered
 against certain services when version detection was used.

http://seclists.org/nmap-dev/2014/q4/110
---
 CHANGELOG          | 3 +++
 nselib/sslcert.lua | 6 ++++++
 2 files changed, 9 insertions(+)

diff --git a/CHANGELOG b/CHANGELOG
index 30de92a80..eda541c69 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,8 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE] Fixed a bug in the sslcert.lua library that was triggered against
+  certain services when version detection was used. [Tom Sellers]
+  
 o [NSE] Added ssl-poodle to detect CVE-2014-3566 [Daniel Miller]
 
 o [NSE] vulns.Report:make_output() now generates XML structured output 
diff --git a/nselib/sslcert.lua b/nselib/sslcert.lua
index 311b0db32..bed258404 100644
--- a/nselib/sslcert.lua
+++ b/nselib/sslcert.lua
@@ -418,6 +418,9 @@ local SPECIALIZED_PREPARE_TLS_WITHOUT_RECONNECT = {
 -- @param port A port table with 'number' and 'service' keys
 -- @return A STARTTLS function or nil
 function getPrepareTLSWithoutReconnect(port)
+  if ( port.version and port.version.service_tunnel == 'ssl') then
+    return nil
+  end
   return (SPECIALIZED_PREPARE_TLS_WITHOUT_RECONNECT[port.number] or
     SPECIALIZED_PREPARE_TLS_WITHOUT_RECONNECT[port.service])
 end
@@ -429,6 +432,9 @@ end
 -- @param port A port table with 'number' and 'service' keys
 -- @return A STARTTLS function or nil
 function isPortSupported(port)
+  if ( port.version and port.version.service_tunnel == 'ssl') then
+    return nil
+  end
   return (SPECIALIZED_PREPARE_TLS[port.number] or
     SPECIALIZED_PREPARE_TLS[port.service])
 end