Fix also IPv6 addresses for --nodns etc....

drwetter · drwetter · commit 57689611bf06 · 2025-07-22T14:38:42.000+02:00
Seems the patch in #2856 wasn't complete. So that it was forgotten to add also manually specified IPv6 addresses to the IP addresses to show and to scan. This makes sure it does, so this fixes #2854 finally. Also statements were added to reset do_ipv4_only and do_ipv6_only correctly so that later the output "Testing all IP** addresses" is correct.
diff --git a/testssl.sh b/testssl.sh
@@ -22385,24 +22385,20 @@ determine_ip_addresses() {
 
      # first, try to get IP addresses from /etc/hosts
      # Local_A[AAA] is for our UI
+
      ip4=$(get_local_a "$NODE")
+     ip6=$(get_local_aaaa "$NODE")
+
      if [[ -n "$ip4" ]]; then
           LOCAL_A=true
      else
           ip4="$(get_a_record "$NODE")"
      fi
-     ip6=$(get_local_aaaa "$NODE")
      if [[ -n "$ip6" ]]; then
           LOCAL_AAAA=true
      else
           ip6=$(get_aaaa_record "$NODE")
      fi
-     IPADDRs2SHOW=$(newline_to_spaces "$ip4 $ip6")
-
-     if [[ -n "$ip6" ]]; then
-          # sets IPv6_OK
-          shouldwedo_ipv6 $(head -1 <<< "$ip6")
-     fi
 
      if [[ -n "$CMDLINE_IP" ]]; then
           # command line has supplied an IP address or "one"
@@ -22436,6 +22432,13 @@ determine_ip_addresses() {
      fi
      IPADDRs2SHOW=$(newline_to_spaces "$ip4 $ip6")
 
+     # If $ip4 was empty, remove the leading blank
+     [[ ${IPADDRs2SHOW:0:1} == \   ]] && IPADDRs2SHOW=${IPADDRs2SHOW:1}
+     if [[ -n "$ip6" ]]; then
+          # sets IPv6_OK
+          shouldwedo_ipv6 $(head -1 <<< "$ip6")
+     fi
+
      if "$do_ipv4_only"; then
           if [[ -z "$ip4" ]]; then
                 fatal_cmd_line "No IPv4 addresses available, but IPv4-only scan requested" $ERR_CMDLINE
@@ -22456,13 +22459,29 @@ determine_ip_addresses() {
                [[ -z $IPADDRs2CHECK ]] && IPADDRs2CHECK="${addr}" || IPADDRs2CHECK="${IPADDRs2CHECK} ${addr}"
           done
      fi
-     # If scanning IPV6 doesn't work, put the address to show in round brackets to
+     # If scanning IPv6 doesn't work, put the address to show in round brackets to
      # signal the user / UI that those won't be scanned. We don't do that for IPv4, yet
      for addr in $IPADDRs2SHOW; do
           if is_ipv6addr $addr && ! "$IPv6_OK" ; then
                IPADDRs2SHOW=${IPADDRs2SHOW/$addr/($addr)}
           fi
      done
+     if [[ -z "$IPADDRs2CHECK" ]]; then
+          fatal_cmd_line "No IP address can be used" $ERR_RESOURCE
+     fi
+
+     # (Loose) check whether we have IPv6/IPv4 addresses to check and set the do_* variables correctly
+     # so that the output "Testing all IP** addresses" is correct
+     if [[ "$IPADDRs2CHECK" =~ ^([0-9a-fA-F]{1,4}:){1,7}[0-9a-fA-F]{1,4} ]]; then
+          if ! [[ "$IPADDRs2CHECK" =~ ^[0-9]{1,3}.[0-9]{1,3}.[0-9].{1,3}[0-9]{1,3}$ ]]; then
+               do_ipv6_only=true
+          fi
+     elif [[ "$IPADDRs2CHECK" =~ ^[0-9]{1,3}.[0-9]{1,3}.[0-9].{1,3}[0-9]{1,3}$ ]]; then
+          if ! [[ "$IPADDRs2CHECK" =~ ([0-9a-fA-F]{1,4}:){1,7}[0-9a-fA-F]{1,4} ]]; then
+               do_ipv4_only=true
+          fi
+     fi
+
      return 0
 }
 
