From bc1d2e5f7a587f5c957aaaa522699e352aa5542d Mon Sep 17 00:00:00 2001
From: deepend <deepend@tilde.club>
Date: Sun, 25 Jan 2026 18:26:20 -0700
Subject: [PATCH] Updated STS upgrade handling to fall back to the current
 connection port when servers omit a port in the STS capability, enabling TLS
 upgrades for non-TLS connections in that case.

---
 src/common/sts.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/common/sts.c b/src/common/sts.c
index 9d57a905..d5dae4bf 100644
--- a/src/common/sts.c
+++ b/src/common/sts.c
@@ -553,7 +553,15 @@ sts_handle_capability (struct server *serv, const char *value)
 	{
 		if (!has_port)
 		{
-			return FALSE;
+			if (serv->port > 0)
+			{
+				port = (guint16) serv->port;
+				has_port = TRUE;
+			}
+			else
+			{
+				return FALSE;
+			}
 		}
 #ifdef USE_OPENSSL
 		if (serv->sts_upgrade_in_progress)