Re: [Freeipa-devel] [PATCH] 021 Make the IPA installer IPv6 friendly
Jan Zelený wrote: Jakub Hrozek wrote: On 12/15/2010 10:55 AM, Jan Zelený wrote: Jakub Hrozek wrote: This is a first patch towards IPv6 support. Currently it only touches the installer only as other changes will be fully testable only when python-nss is IPv6 ready. Changes include: * parse records in dnsclient * also ask for records when verifying FQDN * do not use functions that are not IPv6 aware - notably socket.gethostbyname(). The complete list of functions was taken from http://www.akkadia.org/drepper/userapi-ipv6.html section "Interface Checklist" Nack, the patch doesn't handle situations when host cannot be resolved. Jan Thanks, it didn't handle the case in ipa-replica-install, now it should catch the exception and return None (and the caller would react upon getting None for the IP address). In krbinstance.py it would still raise an exception, but I think that is OK during instance creation (we surely don't want to print anything). The user would see the error string, anyway.. ack Jan pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 021 Make the IPA installer IPv6 friendly
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/15/2010 10:55 AM, Jan Zelený wrote: > Jakub Hrozek wrote: >> This is a first patch towards IPv6 support. Currently it only touches >> the installer only as other changes will be fully testable only when >> python-nss is IPv6 ready. >> >> Changes include: >> * parse records in dnsclient >> * also ask for records when verifying FQDN >> * do not use functions that are not IPv6 aware - notably >>socket.gethostbyname(). The complete list of functions was taken >>from http://www.akkadia.org/drepper/userapi-ipv6.html >>section "Interface Checklist" > > Nack, the patch doesn't handle situations when host cannot be resolved. > > Jan > Thanks, it didn't handle the case in ipa-replica-install, now it should catch the exception and return None (and the caller would react upon getting None for the IP address). In krbinstance.py it would still raise an exception, but I think that is OK during instance creation (we surely don't want to print anything). The user would see the error string, anyway.. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk0KRO0ACgkQHsardTLnvCXAcQCfZgtSWyGo/gCOLPF0Imz0Ogu0 SnEAoOKsG5WTN38lRBr6mYIvDxXC8Vy4 =2QvT -END PGP SIGNATURE- From ba0b989bfd7d970eae7e5c728077e5f01a712ca4 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 1 Dec 2010 17:22:56 +0100 Subject: [PATCH] Make the IPA installer IPv6 friendly Notable changes include: * parse records in dnsclient * also ask for records when verifying FQDN * do not use functions that are not IPv6 aware - notably socket.gethostbyname() The complete list of functions was taken from http://www.akkadia.org/drepper/userapi-ipv6.html section "Interface Checklist" --- install/tools/ipa-dns-install | 21 --- install/tools/ipa-replica-install | 19 +-- install/tools/ipa-server-install | 27 + ipapython/dnsclient.py| 19 ++- ipaserver/install/installutils.py | 109 +++-- ipaserver/install/krbinstance.py |2 +- 6 files changed, 126 insertions(+), 71 deletions(-) diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install index 7ab5d2c..d4cd1eb 100755 --- a/install/tools/ipa-dns-install +++ b/install/tools/ipa-dns-install @@ -62,16 +62,19 @@ def parse_options(): def resolve_host(host_name): ip = None try: -ip = socket.gethostbyname(host_name) - -if ip == "127.0.0.1" or ip == "::1": -print "The hostname resolves to the localhost address (127.0.0.1/::1)" -print "Please change your /etc/hosts file so that the hostname" -print "resolves to the ip address of your network interface." -print "" -print "Please fix your /etc/hosts file and restart the setup program" -return None - +addrinfos = socket.getaddrinfo(host_name, None, + socket.AF_UNSPEC, socket.SOCK_DGRAM) +for ai in addrinfos: +ip = ai[4][0] +if ip == "127.0.0.1" or ip == "::1": +print "The hostname resolves to the localhost address (127.0.0.1/::1)" +print "Please change your /etc/hosts file so that the hostname" +print "resolves to the ip address of your network interface." +print "" +print "Please fix your /etc/hosts file and restart the setup program" +return None + +ip = addrinfos[0][4][0] except: print "Unable to lookup the IP address of the provided host" return ip diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index d30f53e..d188ce0 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -126,12 +126,17 @@ def get_host_name(no_host_dns): return hostname def resolve_host(host_name): -ip = socket.gethostbyname(host_name) - -if ip == "127.0.0.1" or ip == "::1": -raise HostnameLocalhost - -return ip +try: +addrinfos = socket.getaddrinfo(host_name, None, + socket.AF_UNSPEC, socket.SOCK_STREAM) +for ai in addrinfos: +ip = ai[4][0] +if ip == "127.0.0.1" or ip == "::1": +raise HostnameLocalhost + +return addrinfos[0][4][0] +except: +return None def set_owner(config, dir): pw = pwd.getpwnam(config.ds_user) @@ -239,6 +244,8 @@ def install_bind(config, options): forwarders = () bind = bindinstance.BindInstance(dm_password=config.dirman_password) ip_address = resolve_host(config.host_name) +if not ip_address: +sys.exit("Unable to resolve IP address for host name") create_reverse = bindinstance.create_reverse(options.unattended) bind.setup(config.host_name, ip_
[Freeipa-devel] [PATCH] 021 Make the IPA installer IPv6 friendly
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is a first patch towards IPv6 support. Currently it only touches the installer only as other changes will be fully testable only when python-nss is IPv6 ready. Changes include: * parse records in dnsclient * also ask for records when verifying FQDN * do not use functions that are not IPv6 aware - notably socket.gethostbyname(). The complete list of functions was taken from http://www.akkadia.org/drepper/userapi-ipv6.html section "Interface Checklist" -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk0HR8IACgkQHsardTLnvCU/jQCePrBXG+2NTDmfq1y3BgQIaHMl eH8AnAivy5jA3YQP1JXznBg/IubD3lLG =m52C -END PGP SIGNATURE- From 66376ec364e5a5f5d42492d42412b4ea0893ea99 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 1 Dec 2010 17:22:56 +0100 Subject: [PATCH] Make the IPA installer IPv6 friendly Notable changes include: * parse records in dnsclient * also ask for records when verifying FQDN * do not use functions that are not IPv6 aware - notably socket.gethostbyname() The complete list of functions was taken from http://www.akkadia.org/drepper/userapi-ipv6.html section "Interface Checklist" --- install/tools/ipa-dns-install | 21 --- install/tools/ipa-replica-install | 14 +++-- install/tools/ipa-server-install | 27 + ipapython/dnsclient.py| 19 ++- ipaserver/install/installutils.py | 109 +++-- ipaserver/install/krbinstance.py |2 +- 6 files changed, 121 insertions(+), 71 deletions(-) diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install index bf6679e..a91938f 100755 --- a/install/tools/ipa-dns-install +++ b/install/tools/ipa-dns-install @@ -62,16 +62,19 @@ def parse_options(): def resolve_host(host_name): ip = None try: -ip = socket.gethostbyname(host_name) - -if ip == "127.0.0.1" or ip == "::1": -print "The hostname resolves to the localhost address (127.0.0.1/::1)" -print "Please change your /etc/hosts file so that the hostname" -print "resolves to the ip address of your network interface." -print "" -print "Please fix your /etc/hosts file and restart the setup program" -return None - +addrinfos = socket.getaddrinfo(host_name, None, + socket.AF_UNSPEC, socket.SOCK_DGRAM) +for ai in addrinfos: +ip = ai[4][0] +if ip == "127.0.0.1" or ip == "::1": +print "The hostname resolves to the localhost address (127.0.0.1/::1)" +print "Please change your /etc/hosts file so that the hostname" +print "resolves to the ip address of your network interface." +print "" +print "Please fix your /etc/hosts file and restart the setup program" +return None + +ip = addrinfos[0][4][0] except: print "Unable to lookup the IP address of the provided host" return ip diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index 0c13ad0..5ff50f1 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -126,12 +126,14 @@ def get_host_name(no_host_dns): return hostname def resolve_host(host_name): -ip = socket.gethostbyname(host_name) - -if ip == "127.0.0.1" or ip == "::1": -raise HostnameLocalhost - -return ip +addrinfos = socket.getaddrinfo(host_name, None, + socket.AF_UNSPEC, socket.SOCK_STREAM) +for ai in addrinfos: +ip = ai[4][0] +if ip == "127.0.0.1" or ip == "::1": +raise HostnameLocalhost + +return addrinfos[0][4][0] def set_owner(config, dir): pw = pwd.getpwnam(config.ds_user) diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index 0a1f1c5..7c1f3c2 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -279,19 +279,22 @@ def read_host_name(host_default,no_host_dns=False): return host_name def resolve_host(host_name): -ip = "" +ip = None try: -ip = socket.gethostbyname(host_name) - -if ip == "127.0.0.1" or ip == "::1": -print "The hostname resolves to the localhost address (127.0.0.1/::1)" -print "Please change your /etc/hosts file so that the hostname" -print "resolves to the ip address of your network interface." -print "The KDC service does not listen on localhost" -print "" -print "Please fix your /etc/hosts file and restart the setup program" -return None +addrinfos = socket.getaddrinfo(host_name, None, + socket.AF_UNSPEC, socket.SOCK_DGRAM) +