mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-10-30 05:15:25 +01:00
1924c9a0a6
See previous commit This commit finally fixes #1005 so that either a --ssl-native scan terminates on the next (defined) occasion if there are network connectivity problems. It introduces another set of variables (MAX_OSSL_FAIL vs. NR_OSSL_FAIL). As "openssl s_client connect" is sometimes still being used without --ssl-native it also shortens the wait for regular scans if an outage is encountered. To make things easier bot sets (incl. *_SOCKET_FAIL) of variables are independent. For the seldom case that somebody uses --ssl-native with client checks an exception had to be made as otherwise only MAX_OSSL_FAIL client check would be performed. This hasn't been understood yet... As sometimes HTTP header requests (over OpenSSL) fail repeatedly in a way that an empty reply is returned, the same strategy of detecting problems is applied here, using MAX_HEADER_FAIL and NR_HEADER_FAIL. All three detection mechanisims share a new function connectivity_problem().