[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How do we best approach IPv6 for OpenSSL?



* Mats Erik Andersson | 2010-06-29 20:04:07 [+0200]:

>today I discovered to my dismay that the OpenSSL
>package lacks a fully implemented IPv6 capability.
>In fact, the software tries to catch most returns
>of IPv6 and reports them as errors.
>
>This state of affairs is making the release goal
>for full IPv6 support unattainable, as far as I
>understand things. Is there someone planning any-
>actions for OpenSSL? 
>
>I am aware that upstream of OpenSSl is not going
>in that direction, but in comparison, my presently
>oldest OpenBSD runs version 4.4, and there IPv6
>is fully applied on top of OpenSSL.

Well, bio_* to some extends is already IPv6 aware (configured with
OPENSSL_USE_IPV6) other components (s_{client, server}) still lacks IPv6
support. Mainly because changes must be multi-platform aware and it is still
horrible to implement IPv6 under M$. So changes for UNIX derived OS may be the
effort of several hours, where for M$ and other platforms the effort is not to
underestimate.

Not sure if there is currently any upstream effort. I do not track the actual
openssl development.

HGN


-- 
Hagen Paul Pfeifer <hagen@jauu.net>  ||  http://blog.jauu.net/
Telephone: +49 174 5455209           ||  Key Id: 0x98350C22
Key Fingerprint: 490F 557B 6C48 6D7E 5706 2EA2 4A22 8D45 9835 0C22
Always in motion, the future is. 


Reply to: