Re: OpenSSL 1.0.0 BIO_new_accept _only_ binds to IPV6 interface?
Thanks. Finally got an opportunity to reboot the machine and install the new OpenSSL. This patch works correctly for me. Thanks, Justin On 08/05/11 19:02, Michael Tüxen wrote: On May 7, 2011, at 11:14 PM, Justin Schoeman wrote: Michael Tüxen wrote: On May 7, 2011, at 10:40 PM, Justin Schoeman wrote: William A. Rowe Jr. wrote: On 5/7/2011 7:16 AM, Justin Schoeman wrote: It does not matter which of these I try, openssl always binds to '::1:8008', which does not accept IPV4. I have tried various combinations of: BIO_new_accept(0.0.0.0:8008) This syntax should have bound to all IPv4 interfaces alone, so as Michael suggests, it's certainly a bug. Thanks. If I get a chance I will have a further look on Monday. Can I just post a patch here if I manage to figure it out? I know what is going on... I contacted Stephen to figure out what the correct behavior is for BIO_new_accept(8008) BIO_new_accept(*:8080) Currently it is platform specific whether it returns an IPv4 or IPv6 socket. The fix is that you need to add hint.ai_family = AI_PASSIVE; and depending on the semantic of the above hint.ai_family = AF_INET or hint.ai_family = AF_INET6 for the above cases in BIO_get_accept_socket(). As soon as I get an answer from Stephen, I provide a patch. Hi, the attached patch (submitted to the RT tracker) does the following: 1. BIO_new_accept(8008) will give an IPv4 or IPv6 socket, depending on the system. 2. BIO_new_accept(*:8080) will give an IPv4 socket. 3. BIO_new_accept(::8080) will give an IPv6 socket. Best regards Michael __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL 1.0.0 BIO_new_accept _only_ binds to IPV6 interface?
Further information... I have read the source, and it says that either the port number (eg. 8008 alone, or '*:port number' (eg:*:8008) will bind to all interfaces, and '::portnumber' (eg ::8008) will bind to the IPV6 wildcard, which on most OSs will also accept IPV4 connections. It does not matter which of these I try, openssl always binds to '::1:8008', which does not accept IPV4. Does anybody have any idea how to convince openssl 1.0.0 to bind to an IPV4 wildcard interface? Thanks, Justin Justin Schoeman wrote: I have just compiled an application I wrote on an OpenSuse 11.3 box, with OpenSSL 1.0.0 installed. All other installations have been on previous OpenSuse installations, with OpenSSL 0.9.8x, and have worked fine. On the new box, the application call only binds to the IPV6 interface. Under 0.9.8, BIO_new_accept(8080) gives the following in netstat: tcp0 0 0.0.0.0:80800.0.0.0:* LISTEN And with 1.0.0, BIO_new_accept(8008) gives the following: tcp0 0 ::1:8008:::* LISTEN I have tried various combinations of: BIO_new_accept(0.0.0.0:8008) BIO_new_accept(8008) BIO_new_accept(*:8008) BIO_new_accept(127.0.0.1:8008) BIO_new_accept(localhost:8008) But nothing seems to work. Does anybody have an idea how to bet BIO_new_accept to listen on an IPV4 interface? Thanks, Justin __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL 1.0.0 BIO_new_accept _only_ binds to IPV6 interface?
William A. Rowe Jr. wrote: On 5/7/2011 7:16 AM, Justin Schoeman wrote: It does not matter which of these I try, openssl always binds to '::1:8008', which does not accept IPV4. I have tried various combinations of: BIO_new_accept(0.0.0.0:8008) This syntax should have bound to all IPv4 interfaces alone, so as Michael suggests, it's certainly a bug. Thanks. If I get a chance I will have a further look on Monday. Can I just post a patch here if I manage to figure it out? __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL 1.0.0 BIO_new_accept _only_ binds to IPV6 interface?
Michael Tüxen wrote: On May 7, 2011, at 10:40 PM, Justin Schoeman wrote: William A. Rowe Jr. wrote: On 5/7/2011 7:16 AM, Justin Schoeman wrote: It does not matter which of these I try, openssl always binds to '::1:8008', which does not accept IPV4. I have tried various combinations of: BIO_new_accept(0.0.0.0:8008) This syntax should have bound to all IPv4 interfaces alone, so as Michael suggests, it's certainly a bug. Thanks. If I get a chance I will have a further look on Monday. Can I just post a patch here if I manage to figure it out? I know what is going on... I contacted Stephen to figure out what the correct behavior is for BIO_new_accept(8008) BIO_new_accept(*:8080) Currently it is platform specific whether it returns an IPv4 or IPv6 socket. The fix is that you need to add hint.ai_family = AI_PASSIVE; and depending on the semantic of the above hint.ai_family = AF_INET or hint.ai_family = AF_INET6 for the above cases in BIO_get_accept_socket(). As soon as I get an answer from Stephen, I provide a patch. Best regards Michael Great! Thanks! Justin __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
OpenSSL 1.0.0 BIO_new_accept _only_ binds to IPV6 interface?
I have just compiled an application I wrote on an OpenSuse 11.3 box, with OpenSSL 1.0.0 installed. All other installations have been on previous OpenSuse installations, with OpenSSL 0.9.8x, and have worked fine. On the new box, the application call only binds to the IPV6 interface. Under 0.9.8, BIO_new_accept(8080) gives the following in netstat: tcp0 0 0.0.0.0:80800.0.0.0:* LISTEN And with 1.0.0, BIO_new_accept(8008) gives the following: tcp0 0 ::1:8008:::*LISTEN I have tried various combinations of: BIO_new_accept(0.0.0.0:8008) BIO_new_accept(8008) BIO_new_accept(*:8008) BIO_new_accept(127.0.0.1:8008) BIO_new_accept(localhost:8008) But nothing seems to work. Does anybody have an idea how to bet BIO_new_accept to listen on an IPV4 interface? Thanks, Justin __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
