Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR will enable IPv6 fully if available.
It was not enabled before as users were confronted with an error message when testssl.sh wanted (also) to scan IPv6 before but routing/configuration or whatsoever issues prevented that. This has been solved by introducing the function
shouldwedo_ipv6()
which checks whether we can reach the target via IPv6 -- tracked by the global IPv6_OK.The change is in line with tools like wget or curl in a sense that if IPv6 works it is just being used. Formally testssl.sh had to be instructed via -6 cmdline option, like nmap.
The latter is a breaking change, as the cmdline option meant before to check for RC4 ciphers.
Also HAS_IPv6, synonymous to -6 before, does not exist anymore.
As the command line option
--connect-timeout
seemed rather unspecific, it has been replaced by `--socket-timeout, also all internal variables.Fixes #2843
What is your pull request about?
If it's a code change please check the boxes which are applicable
help()