added ip6 module into tls acceptor and added ip6 confs

.gitignore

@@ -20,3 +20,5 @@ rebar3.crashdump
 
 config/dev.config
 apps/epp_proxy/priv/test_backend_app/pidfile
+
+.DS_Store

Dockerfile

@@ -31,6 +31,8 @@ RUN apt-get update && apt-get install -y \
   libssl1.1=* \
   perl-base=* \
   zlib1g-dev \
+  net-tools \
+  iproute2 \
   && apt-get clean \
   && rm -rf /var/lib/apt/lists/*
 

apps/epp_proxy/src/epp_tls_acceptor.erl

@@ -25,7 +25,7 @@ init(Port) ->
 		      {active, false}, {reuseaddr, true},
 		      {verify, verify_peer}, {depth, 1},
 		      {cacertfile, ca_cert_file()}, {certfile, cert_file()},
-		      {keyfile, key_file()}],
+		      {keyfile, key_file()}, inet6],
     Options = handle_crl_check_options(DefaultOptions),
     {ok, ListenSocket} = ssl:listen(Port, Options),
     gen_server:cast(self(), accept),
@@ -33,6 +33,7 @@ init(Port) ->
      #state{socket = ListenSocket, port = Port,
 	    options = Options}}.
 
+
 %% Acceptor has only one state that goes in a loop:
 %% 1. Listen for a connection from anyone.
 %% 2. Ask supervisor to return a worker.

config/vm.args

@@ -4,3 +4,17 @@
 
 +K true
 +A30
+
+-proto_dist inet6_tls
+-ssl_dist_opt server_certfile "/opt/ca/certs/cert.pem"
+-ssl_dist_opt server_secure_renegotiate true
+-ssl_dist_opt client_secure_renegotiate true
+
+-proto_dist inet6_tls
+-ssl_dist_opt server_certfile "/opt/ca/certs/cert.pem"
+-ssl_dist_opt server_keyfile "/opt/ca/private/key.pem"
+-ssl_dist_opt cacertfile "/opt/ca/certs/ca.crt.pem"
+-ssl_dist_opt verify 1
+-ssl_dist_opt fail_if_no_peer_cert true
+-ssl_dist_opt server_secure_renegotiate true
+-ssl_dist_opt client_secure_renegotiate true