You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This PR will enable IPv6 fully if available.
It was not enabled before as users were confronted with an error message when
testssl.sh wanted (also) to scan IPv6 before but routing/configuration or
whatsoever issues prevented that. This has been solved by introducing the function
`shouldwedo_ipv6()` which checks whether we can reach the target via IPv6 --
tracked be the global IPv6_OK.
The change is in line with tools like wget or curl in a sense that if IPv6 works
it is just being used. Formally testssl.sh had to be instructed via -6 cmdline
option, like nmap.
* \-6 is now the switch to do IPv6 scans only
* \-4 is now the switch to do IPv4 scans only
The latter is a *breaking change*, as the cmdline option meant before to check
for RC4 ciphers.
Also HAS_IPv6, synonymous to -6 before, does not exist anymore.
As the command line option `--connect-timeout` seemed rather unspecific,
it has been replaced by `--socket-timeout, also all internal variables.
Todo:
* man pages
* dashed lines appear too long
0 commit comments