From: Tomas Mraz Date: Wed, 23 Aug 2023 20:24:45 +0000 (+0200) Subject: The canonical localhost IPv6 address is [::1] not [::] X-Git-Tag: openssl-3.2.0-alpha1~144 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7a12e7af0fccb51b0a569a1b27de5cd877c966b1;p=thirdparty%2Fopenssl.git The canonical localhost IPv6 address is [::1] not [::] Reviewed-by: Hugo Landau Reviewed-by: David von Oheimb (Merged from https://github.com/openssl/openssl/pull/21825) --- diff --git a/doc/man1/openssl-cmp.pod.in b/doc/man1/openssl-cmp.pod.in index e39c7bede5a..6aca2ae71e5 100644 --- a/doc/man1/openssl-cmp.pod.in +++ b/doc/man1/openssl-cmp.pod.in @@ -475,7 +475,7 @@ Reason numbers defined in RFC 5280 are: The I domain name or IP address and optionally I of the CMP server to connect to using HTTP(S). -IP address may be for v4 or v6, such as C<127.0.0.1> or C<[::]> for localhost. +IP address may be for v4 or v6, such as C<127.0.0.1> or C<[::1]> for localhost. This option excludes I<-port> and I<-use_mock_srv>. It is ignored if I<-rspin> is given with enough filename arguments. @@ -1042,7 +1042,7 @@ This excludes the B<-server> and B<-port> options. =item B<-port> I Act as HTTP-based CMP server mock-up listening on the given local port. -The client may address the server via, e.g., C<127.0.0.1> or C<[::]>. +The client may address the server via, e.g., C<127.0.0.1> or C<[::1]>. This option excludes the B<-server> and B<-use_mock_srv> options. The B<-rspin>, B<-rspout>, B<-reqin>, and B<-reqout> options so far are not supported in this mode. diff --git a/doc/man1/openssl-ocsp.pod.in b/doc/man1/openssl-ocsp.pod.in index 183a02098b0..d45abab1e05 100644 --- a/doc/man1/openssl-ocsp.pod.in +++ b/doc/man1/openssl-ocsp.pod.in @@ -178,7 +178,7 @@ For details, see the B<-host> and B<-path> options described next. If the B<-host> option is present then the OCSP request is sent to the host I on port I. The I may be a domain name or an IP (v4 or v6) address, -such as C<127.0.0.1> or C<[::]> for localhost. +such as C<127.0.0.1> or C<[::1]> for localhost. The B<-path> option specifies the HTTP pathname to use or "/" by default. This is equivalent to specifying B<-url> with scheme http:// and the given I, I, and optional I. diff --git a/test/recipes/80-test_cmp_http_data/test_connection.csv b/test/recipes/80-test_cmp_http_data/test_connection.csv index 52a39383d74..3c0a598d11c 100644 --- a/test/recipes/80-test_cmp_http_data/test_connection.csv +++ b/test/recipes/80-test_cmp_http_data/test_connection.csv @@ -3,7 +3,7 @@ expected,description, -section,val, -server,val, -proxy,val, -no_proxy,val, -tls ,,,,,,,,,,,,,,,,,,, 1,default config, -section,,,,,,,,BLANK,,,,BLANK,,BLANK,,BLANK, 1,server domain name, -section,, -server,localhost:_SERVER_PORT,,,,,,,,,,,,,, -1,server IPv6 address, -section,, -server,[::]:_SERVER_PORT,,,,,,,,,,,,,, +1,server IPv6 address, -section,, -server,[::1]:_SERVER_PORT,,,,,,,,,,,,,, ,,,,,,,,,,,,,,,,,,, 0,wrong server, -section,, -server,xn--rksmrgs-5wao1o.example.com:_SERVER_PORT,,,,,BLANK,,,, -msg_timeout,1,BLANK,,BLANK, 0,wrong server port, -section,, -server,_SERVER_HOST:99,,,,,BLANK,,,, -msg_timeout,1,BLANK,,BLANK,