From e89d1c82bb6830c1f80155b609187587b1b45325 Mon Sep 17 00:00:00 2001
From: Alex Auvolat <alex@adnab.me>
Date: Mon, 22 Jan 2024 23:21:12 +0100
Subject: [PATCH] tlsproxy: bind on 127.0.0.1 explicitly to avoid ipv6 issues

---
 tlsproxy | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tlsproxy b/tlsproxy
index d6a845c..72efd90 100755
--- a/tlsproxy
+++ b/tlsproxy
@@ -38,10 +38,10 @@ pass $PREFIX/consul$YEAR.crt > $CERTDIR/consul.crt
 pass $PREFIX/consul$YEAR-client.crt > $CERTDIR/consul-client.crt
 pass $PREFIX/consul$YEAR-client.key > $CERTDIR/consul-client.key
 
-socat -dd tcp-listen:4646,reuseaddr,fork,bind=localhost openssl:localhost:14646,cert=$CERTDIR/nomad-client.crt,key=$CERTDIR/nomad-client.key,cafile=$CERTDIR/nomad.crt,verify=0 &
+socat -dd tcp-listen:4646,reuseaddr,fork,bind=127.0.0.1 openssl:localhost:14646,cert=$CERTDIR/nomad-client.crt,key=$CERTDIR/nomad-client.key,cafile=$CERTDIR/nomad.crt,verify=0 &
 child1=$!
 
-socat -dd tcp-listen:8500,reuseaddr,fork,bind=localhost openssl:localhost:8501,cert=$CERTDIR/consul-client.crt,key=$CERTDIR/consul-client.key,cafile=$CERTDIR/consul.crt,verify=0 &
+socat -dd tcp-listen:8500,reuseaddr,fork,bind=127.0.0.1 openssl:localhost:8501,cert=$CERTDIR/consul-client.crt,key=$CERTDIR/consul-client.key,cafile=$CERTDIR/consul.crt,verify=0 &
 child2=$!
 
 wait "$child1"