Bug 601612

Summary: s_server doesn't listen for ipv6 connections
Product: Red Hat Enterprise Linux 6 Reporter: Miroslav Vadkerti <mvadkert>
Component: opensslAssignee: Tomas Mraz <tmraz>
Status: CLOSED ERRATA QA Contact: Miroslav Vadkerti <mvadkert>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.0CC: borgan, sgrubb
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: openssl-1.0.0-7.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-05-19 11:47:40 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 519903    

Description Miroslav Vadkerti 2010-06-08 10:18:05 UTC 
Description of problem:
I cannot connect to s_server with s_client using IPv6 address (or host resolved as IPv6 adress)

Version-Release number of selected component (if applicable):
openssl-1.0.0-2.el6

How reproducible:
always

Steps to Reproduce:
Have two IPv6 enabled machines, generate pem for s_server, add server with ipv6 address to /etc/hosts

1. openssl s_server
2. openssl s_client -host server
  
Actual results:
socket: Connection refused
connect:errno=111

Expected results:
Connection successful as with IPv4

Additional info:
Comment 1 Miroslav Vadkerti 2010-06-08 10:19:39 UTC 
Proposed blocker as IPv6 is a RHEL6 feature
Comment 2 Tomas Mraz 2010-06-08 10:40:59 UTC 
I don't think this is a blocker. Openssl s_server is just a debugging tool for testing interoperability of various TLS clients with the openssl TLS server. It has no ability to listen on two addresses simultaneously. If you configure the server host with IPv6 addresses only (including the loopback) it should work.

The only feasible way how to fix this is to add a new option which would cause it to listen only on a specified address.
Comment 3 Miroslav Vadkerti 2010-06-08 10:48:37 UTC 
Proposing for 6.1 according to comment #2
Comment 9 Tomas Mraz 2011-01-24 20:14:00 UTC 
I've made the s_server to listen on the IPv6 wildcard if available which automatically makes it to accept the IPv4 connections as well.
Comment 13 errata-xmlrpc 2011-05-19 11:47:40 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0677.html