Merge pull request #1952 from drwetter/fix_1717

Look-ahead trick for -U --ids-friendly
2025-10-30 21:35:26 +01:00 · 2021-08-01 17:47:11 +02:00
parent a3ab6cd887 6cf7521184
commit b603d57146
1 changed files with 7 additions and 0 deletions
--- a/testssl.sh
+++ b/testssl.sh
@@ -22172,6 +22172,13 @@ parse_cmd_line() {
                    do_client_simulation=true
                    ;;
               -U|--vulnerable|--vulnerabilities)
+                    # Lookahead function: If the order of the cmdline is '-U --ids-friendly'
+                    # then we need to make sure we catch --ids-friendly. Normally we do not,
+                    # see #1717.  The following statement makes sure. In the do-while + case-esac
+                    # loop it will be execute again, but it does not hurt
+                    if [[ "${CMDLINE_ARRAY[@]}" =~ --ids-friendly ]]; then
+                         OFFENSIVE=false
+                    fi
                    do_vulnerabilities=true
                    do_heartbleed="$OFFENSIVE"
                    do_ccs_injection="$OFFENSIVE"