Bug 601612 - s_server doesn't listen for ipv6 connections
Summary: s_server doesn't listen for ipv6 connections
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: openssl
Version: 6.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Tomas Mraz
QA Contact: Miroslav Vadkerti
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: 519903
TreeView+ depends on / blocked
 
Reported: 2010-06-08 10:18 UTC by Miroslav Vadkerti
Modified: 2011-05-19 11:47 UTC (History)
2 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2011-05-19 11:47:40 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:0677 normal SHIPPED_LIVE Moderate: openssl security, bug fix, and enhancement update 2011-05-19 11:47:28 UTC

Description Miroslav Vadkerti 2010-06-08 10:18:05 UTC
Description of problem:
I cannot connect to s_server with s_client using IPv6 address (or host resolved as IPv6 adress)

Version-Release number of selected component (if applicable):
openssl-1.0.0-2.el6

How reproducible:
always

Steps to Reproduce:
Have two IPv6 enabled machines, generate pem for s_server, add server with ipv6 address to /etc/hosts

1. openssl s_server
2. openssl s_client -host server
  
Actual results:
socket: Connection refused
connect:errno=111

Expected results:
Connection successful as with IPv4

Additional info:

Comment 1 Miroslav Vadkerti 2010-06-08 10:19:39 UTC
Proposed blocker as IPv6 is a RHEL6 feature

Comment 2 Tomas Mraz 2010-06-08 10:40:59 UTC
I don't think this is a blocker. Openssl s_server is just a debugging tool for testing interoperability of various TLS clients with the openssl TLS server. It has no ability to listen on two addresses simultaneously. If you configure the server host with IPv6 addresses only (including the loopback) it should work.

The only feasible way how to fix this is to add a new option which would cause it to listen only on a specified address.

Comment 3 Miroslav Vadkerti 2010-06-08 10:48:37 UTC
Proposing for 6.1 according to comment #2

Comment 9 Tomas Mraz 2011-01-24 20:14:00 UTC
I've made the s_server to listen on the IPv6 wildcard if available which automatically makes it to accept the IPv4 connections as well.

Comment 13 errata-xmlrpc 2011-05-19 11:47:40 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0677.html


Note You need to log in before you can comment on or make changes to this bug.