openssl ipv6 support
Michael Cronenworth
mike at cchtml.com
Wed Mar 4 00:25:09 UTC 2009
Michael Cronenworth wrote:
> Anyone know if OpenSSL supports IPv6? All I've found is that it does
> not, which is a real bummer. I found a bug[1] that looks like it added
> IPv6 support, but when I test using the openssl command line argument
> it fails.
>
> If OpenSSL does support IPv6, then I'd be grateful to know where to
> look to work with the C ABI.
>
> [1] https://bugzilla.redhat.com/show_bug.cgi?id=198737
>
Mk, if anyone is interested here's what I've discovered.
As disclosed in the Red Hat bug, back in 2006 a Red Hat developer tried
to push a patch to allow BIOs to support IPv6. This patch was rejected
in an unfriendly manner by an OpenSSL developer and was dropped.
In order to use IPv6 with OpenSSL, you have to manually setup bind(),
listen(), and accept() calls and link the resulting file descriptor to a
BIO with BIO_set_fd() instead of using BIO_do_accept() and then
everything will work normally.
It would be nice if the IPv6 BIO patch was brought in to OpenSSL. Maybe
I'll make a bug on it and ruffle some feathers...
More information about the fedora-list
mailing list