RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Description of problem:
I cannot connect to s_server with s_client using IPv6 address (or host resolved as IPv6 adress)

Version-Release number of selected component (if applicable):
openssl-1.0.0-2.el6

How reproducible:
always

Steps to Reproduce:
Have two IPv6 enabled machines, generate pem for s_server, add server with ipv6 address to /etc/hosts

1. openssl s_server
2. openssl s_client -host server
  
Actual results:
socket: Connection refused
connect:errno=111

Expected results:
Connection successful as with IPv4

Additional info:

Proposed blocker as IPv6 is a RHEL6 feature

I don't think this is a blocker. Openssl s_server is just a debugging tool for testing interoperability of various TLS clients with the openssl TLS server. It has no ability to listen on two addresses simultaneously. If you configure the server host with IPv6 addresses only (including the loopback) it should work.

The only feasible way how to fix this is to add a new option which would cause it to listen only on a specified address.

Proposing for 6.1 according to comment #2

I've made the s_server to listen on the IPv6 wildcard if available which automatically makes it to accept the IPv4 connections as well.

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0677.html