URL: https://github.com/freeipa/freeipa/pull/753 Author: MartinBasti Title: #753: Check CA status: add HTTP timeout Action: synchronized
To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/753/head:pr753 git checkout pr753
From 1c0d760de5b882c819d96ef0ce791fe7557208b4 Mon Sep 17 00:00:00 2001 From: Martin Basti <mba...@redhat.com> Date: Tue, 2 May 2017 19:24:16 +0200 Subject: [PATCH 1/2] http_request: add timeout option httplib.HTTPConnection supports timeout option so _httplib_request can be updated to allow passing connection keyword arguments to connection_factory. We need connection timeout for cases when reply from server is not received on time to ask again and not to wait for infinity. https://pagure.io/freeipa/issue/6766 --- ipapython/dogtag.py | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/ipapython/dogtag.py b/ipapython/dogtag.py index 48232a9..21d58a9 100644 --- a/ipapython/dogtag.py +++ b/ipapython/dogtag.py @@ -163,9 +163,10 @@ def connection_factory(host, port): method=method, headers=headers) -def http_request(host, port, url, **kw): +def http_request(host, port, url, timeout=None, **kw): """ :param url: The path (not complete URL!) to post to. + :param timeout: Timeout in seconds for waiting for reply. :param kw: Keyword arguments to encode into POST body. :return: (http_status, http_headers, http_body) as (integer, dict, str) @@ -173,21 +174,32 @@ def http_request(host, port, url, **kw): Perform an HTTP request. """ body = urlencode(kw) + if timeout is None: + conn_opt = {} + else: + conn_opt = {"timeout": timeout} + return _httplib_request( - 'http', host, port, url, httplib.HTTPConnection, body) + 'http', host, port, url, httplib.HTTPConnection, body, + connection_options=conn_opt) def _httplib_request( protocol, host, port, path, connection_factory, request_body, - method='POST', headers=None): + method='POST', headers=None, connection_options=None): """ :param request_body: Request body :param connection_factory: Connection class to use. Will be called with the host and port arguments. :param method: HTTP request method (default: 'POST') + :param connection_options: a dictionary that will be passed to + connection_factory as keyword arguments. Perform a HTTP(s) request. """ + if connection_options is None: + connection_options = {} + uri = u'%s://%s%s' % (protocol, ipautil.format_netloc(host, port), path) root_logger.debug('request %s %s', method, uri) root_logger.debug('request body %r', request_body) @@ -200,7 +212,7 @@ def _httplib_request( headers['content-type'] = 'application/x-www-form-urlencoded' try: - conn = connection_factory(host, port) + conn = connection_factory(host, port, **connection_options) conn.request(method, uri, body=request_body, headers=headers) res = conn.getresponse() From cf243bbb518670fd5ee073fcf5dc3f6a161e9ee3 Mon Sep 17 00:00:00 2001 From: Martin Basti <mba...@redhat.com> Date: Tue, 2 May 2017 19:52:13 +0200 Subject: [PATCH 2/2] ca_status: add HTTP timeout 30 seconds CA sometimes "forgot to answer" so we have to add timeout for http connection and ask again rather than wait for infinity. https://pagure.io/freeipa/issue/6766 --- ipalib/constants.py | 2 ++ ipapython/dogtag.py | 4 +++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/ipalib/constants.py b/ipalib/constants.py index e604bb4..5279b64 100644 --- a/ipalib/constants.py +++ b/ipalib/constants.py @@ -140,6 +140,8 @@ # Time to wait for a service to start, in seconds ('startup_timeout', 300), + # How long http connection should wait for reply [seconds]. + ('http_timeout', 30), # Web Application mount points ('mount_ipa', '/ipa/'), diff --git a/ipapython/dogtag.py b/ipapython/dogtag.py index 21d58a9..28f78b5 100644 --- a/ipapython/dogtag.py +++ b/ipapython/dogtag.py @@ -123,7 +123,9 @@ def ca_status(ca_host=None): if ca_host is None: ca_host = api.env.ca_host status, _headers, body = http_request( - ca_host, 8080, '/ca/admin/ca/getStatus') + ca_host, 8080, '/ca/admin/ca/getStatus', + # timeout: CA sometimes forgot to answer, we have to try again + timeout=api.env.http_timeout) if status == 503: # Service temporarily unavailable return status
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code