add --start-tls option

README.md

@@ -181,6 +181,11 @@ Options are:
    Using this extension may miss some supported cipher suites, if the
    server does not support EC-based suites without the client extension.
 
+ - `-st protocol`
+
+   Negotiate TLS on ports that do not have always-on TLS. The supported
+   protocols at this time ar `FTP` and `SMTP`.
+
  - `-text fname`
 
    Produce a text report (readable by humans) into the designated

Src/FullTest.cs

@@ -196,6 +196,15 @@ internal int ConnectionWait {
 		}
 	}
 
+	internal string StartTls {
+		get {
+			return startTls;
+		}
+		set {
+			startTls = value;
+		}
+	}
+
 	bool verbose;
 	TextWriter debugLog;
 	int minVersion;
@@ -210,6 +219,7 @@ internal int ConnectionWait {
 	bool proxSSL;
 	int readTimeout;
 	int connectionWait;
+	string startTls;
 
 	Report rp;
 	SSLTestBuilder tb;
@@ -601,6 +611,40 @@ internal Report Run()
 		return rp;
 	}
 
+	Stream PrepareStream(Stream stream)
+	{
+		if (startTls != null) {
+			StreamReader r = new StreamReader(stream);
+			StreamWriter w = new StreamWriter(stream);
+			switch (startTls) {
+				case "FTP":
+					w.AutoFlush = true;
+					r.ReadLine();
+					w.WriteLine("AUTH TLS");
+					r.ReadLine();
+					break;
+				case "SMTP":
+					w.AutoFlush = true;
+					string response;
+					do {response = r.ReadLine();} while (response[3] == '-');
+					w.WriteLine("EHLO TestSSLServer");
+					bool TlsEnabled = false;
+					do {
+						response = r.ReadLine();
+						TlsEnabled |= response.EndsWith("STARTTLS");
+					} while (response[3] == '-');
+					if (TlsEnabled)
+					{
+						w.WriteLine("STARTTLS");
+						do { response = r.ReadLine(); } while (response[3] == '-');
+					}
+					else throw new InvalidOperationException("TLS not supported");
+					break;
+			}
+		}
+		return stream;
+	}
+
 	Stream OpenConnection()
 	{
 		if (connectionWait > 0) {
@@ -609,7 +653,7 @@ Stream OpenConnection()
 
 		if (proxName == null) {
 			TcpClient tc = new TcpClient(serverName, serverPort);
-			return tc.GetStream();
+			return PrepareStream(tc.GetStream());
 		}
 
 		Stream ns = null;
@@ -624,7 +668,7 @@ Stream OpenConnection()
 			HTTPProx hp = new HTTPProx();
 			Stream ns2 = hp.DoProxy(ns, serverName, serverPort);
 			ns = null;
-			return ns2;
+			return PrepareStream(ns2);
 		} finally {
 			if (ns != null) {
 				try {

Src/TestSSLServer.cs

@@ -38,6 +38,8 @@ static void Usage()
 		Console.WriteLine(
 "  -noec             try connecting without a 'supported curves' extension");
 		Console.WriteLine(
+"  -st protocol      negotiate TLS connection (FTP, SMTP)");
+		Console.WriteLine(
 "  -text fname       write text report in file 'fname' ('-' = stdout)");
 		Console.WriteLine(
 "  -json fname       write JSON report in file 'fname' ('-' = stdout)");
@@ -187,6 +189,13 @@ static void Process(string[] args)
 				}
 				logName = args[i];
 				break;
+			case "-st":
+			case "--start-tls":
+				if (++ i >= args.Length) {
+					Usage();
+				}
+				ft.StartTls = args[i].ToUpperInvariant();
+				break;
 			default:
 				if (a.Length > 0 && a[0] == '-') {
 					Usage();