On Mar 24, 2013, at 1:21 AM, Axel Rau <axel.rau@chaos1.de> wrote:

Am 24.03.2013 um 04:00 schrieb glyph@twistedmatrix.com:

On Mar 21, 2013, at 2:58 PM, Axel Rau <axel.rau@chaos1.de> wrote:

I see some IPv6 patches in backport, while getting

twisted.internet.error.CannotListenError: Couldn't listen on dead:beef:f:d::cc:8443: [Errno 43] Protocol not supported.

Is this expected to work in 4.2?

Yes, but only if your host actually has an IPv6 address. Do you?
Yes, its cp4.lrau.net.
So, I will have to debug that on my FreeBSD port. I first check, if the patch code in backport is being called...
Any suggestions welcome...

The backport is identical to the code in newer versions of Twisted, so it shouldn't matter. It would still be good to know for diagnostic purposes, of course.

If yes, does the TLS/cert code handle dual stack addresses?

Sure, that's at a totally different layer. TLS certificates are for a hostname, not an IP.
My experience is, that some server/client implementations check reverse mapping and fail if there is more than one address per fqdn:
[axels-macpro:~] axel% host cp4.lrau.net
cp4.lrau.net has address 91.216.35.77
cp4.lrau.net has IPv6 address 2a02:d40:2:2::77
[axels-macpro:~] axel% host 91.216.35.77
77.35.216.91.in-addr.arpa domain name pointer cp4.lrau.net.
[axels-macpro:~] axel% host 2a02:d40:2:2::77
7.7.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0.2.0.0.0.0.4.d.0.2.0.a.2.ip6.arpa domain name pointercp4.lrau.net.
[axels-macpro:~] axel% ping6 cp4
PING6(56=40+8+8 bytes) 2a02:d40:2:10::121 --> 2a02:d40:2:2::77
16 bytes from 2a02:d40:2:2::77, icmp_seq=0 hlim=62 time=18.691 ms