Hello,

as part of an effort to support IPv6, we are now ready to provide
patches for openssl to replace IPv4-only routines and structures
(gethostbyname, char ip[4], sockaddr_in) by a more generic and
AF-agnostic ones. The IPv6 issues are being logged in a bug

https://bugzilla.redhat.com/bugzilla....cgi?id=198737

I sent a patch for the apps/* part a while ago to the openssl's
Request Tracker.

Another part of openssl source that could use a change are the BIO_*
routines. The preliminary patch is in the Bugzilla at

https://bugzilla.redhat.com/bugzilla....cgi?id=132350

(I can forward it to openssl-dev@ or rt@ if you prefer).

The primary concern is a change in API/ABI, namely removal of three
functions: BIO_get_host_ip, BIO_get_port, and BIO_gethostbyname. They
are not documented in doc/crypto/BIO_s_connect.pod and the change in
logic, using getaddrinfo which can return multiple results, makes them
not needed by the other BIO_* functions.

Is removing those three functions (it the patch using #if 0 ...
#endif) okay, or is it out of question as they might be used by
external software, even if they are not documented? If they need to
stay, could you please give me a hint of what their exact semantics
should be, provided that getaddrinfo can return multiple results, with
different address families?

As for the BIO_set_conn_ip/BIO_get_conn_ip functions, they
obviously cannot be used for the IPv6 connections. The patch adds two
new functions, *_ipv6, but maybe even more generic approach is called
for?

Yours,

--
Jan Pazdziora
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org