Re: [Freeipa-devel] [PATCH] 021 Make the IPA installer IPv6 friendly
Jan Zelený wrote: Jakub Hrozek wrote: On 12/15/2010 10:55 AM, Jan Zelený wrote: Jakub Hrozek wrote: This is a first patch towards IPv6 support. Currently it only touches the installer only as other changes will be fully testable only when python-nss is IPv6 ready. Changes include: * parse records in dnsclient * also ask for records when verifying FQDN * do not use functions that are not IPv6 aware - notably socket.gethostbyname(). The complete list of functions was taken from http://www.akkadia.org/drepper/userapi-ipv6.html section "Interface Checklist" Nack, the patch doesn't handle situations when host cannot be resolved. Jan Thanks, it didn't handle the case in ipa-replica-install, now it should catch the exception and return None (and the caller would react upon getting None for the IP address). In krbinstance.py it would still raise an exception, but I think that is OK during instance creation (we surely don't want to print anything). The user would see the error string, anyway.. ack Jan pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 021 Make the IPA installer IPv6 friendly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/15/2010 10:55 AM, Jan Zelený wrote:
> Jakub Hrozek wrote:
>> This is a first patch towards IPv6 support. Currently it only touches
>> the installer only as other changes will be fully testable only when
>> python-nss is IPv6 ready.
>>
>> Changes include:
>> * parse records in dnsclient
>> * also ask for records when verifying FQDN
>> * do not use functions that are not IPv6 aware - notably
>>socket.gethostbyname(). The complete list of functions was taken
>>from http://www.akkadia.org/drepper/userapi-ipv6.html
>>section "Interface Checklist"
>
> Nack, the patch doesn't handle situations when host cannot be resolved.
>
> Jan
>
Thanks, it didn't handle the case in ipa-replica-install, now it should
catch the exception and return None (and the caller would react upon
getting None for the IP address).
In krbinstance.py it would still raise an exception, but I think that is
OK during instance creation (we surely don't want to print anything).
The user would see the error string, anyway..
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk0KRO0ACgkQHsardTLnvCXAcQCfZgtSWyGo/gCOLPF0Imz0Ogu0
SnEAoOKsG5WTN38lRBr6mYIvDxXC8Vy4
=2QvT
-END PGP SIGNATURE-
From ba0b989bfd7d970eae7e5c728077e5f01a712ca4 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek
Date: Wed, 1 Dec 2010 17:22:56 +0100
Subject: [PATCH] Make the IPA installer IPv6 friendly
Notable changes include:
* parse records in dnsclient
* also ask for records when verifying FQDN
* do not use functions that are not IPv6 aware - notably socket.gethostbyname()
The complete list of functions was taken from http://www.akkadia.org/drepper/userapi-ipv6.html
section "Interface Checklist"
---
install/tools/ipa-dns-install | 21 ---
install/tools/ipa-replica-install | 19 +--
install/tools/ipa-server-install | 27 +
ipapython/dnsclient.py| 19 ++-
ipaserver/install/installutils.py | 109 +++--
ipaserver/install/krbinstance.py |2 +-
6 files changed, 126 insertions(+), 71 deletions(-)
diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install
index 7ab5d2c..d4cd1eb 100755
--- a/install/tools/ipa-dns-install
+++ b/install/tools/ipa-dns-install
@@ -62,16 +62,19 @@ def parse_options():
def resolve_host(host_name):
ip = None
try:
-ip = socket.gethostbyname(host_name)
-
-if ip == "127.0.0.1" or ip == "::1":
-print "The hostname resolves to the localhost address (127.0.0.1/::1)"
-print "Please change your /etc/hosts file so that the hostname"
-print "resolves to the ip address of your network interface."
-print ""
-print "Please fix your /etc/hosts file and restart the setup program"
-return None
-
+addrinfos = socket.getaddrinfo(host_name, None,
+ socket.AF_UNSPEC, socket.SOCK_DGRAM)
+for ai in addrinfos:
+ip = ai[4][0]
+if ip == "127.0.0.1" or ip == "::1":
+print "The hostname resolves to the localhost address (127.0.0.1/::1)"
+print "Please change your /etc/hosts file so that the hostname"
+print "resolves to the ip address of your network interface."
+print ""
+print "Please fix your /etc/hosts file and restart the setup program"
+return None
+
+ip = addrinfos[0][4][0]
except:
print "Unable to lookup the IP address of the provided host"
return ip
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
index d30f53e..d188ce0 100755
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -126,12 +126,17 @@ def get_host_name(no_host_dns):
return hostname
def resolve_host(host_name):
-ip = socket.gethostbyname(host_name)
-
-if ip == "127.0.0.1" or ip == "::1":
-raise HostnameLocalhost
-
-return ip
+try:
+addrinfos = socket.getaddrinfo(host_name, None,
+ socket.AF_UNSPEC, socket.SOCK_STREAM)
+for ai in addrinfos:
+ip = ai[4][0]
+if ip == "127.0.0.1" or ip == "::1":
+raise HostnameLocalhost
+
+return addrinfos[0][4][0]
+except:
+return None
def set_owner(config, dir):
pw = pwd.getpwnam(config.ds_user)
@@ -239,6 +244,8 @@ def install_bind(config, options):
forwarders = ()
bind = bindinstance.BindInstance(dm_password=config.dirman_password)
ip_address = resolve_host(config.host_name)
+if not ip_address:
+sys.exit("Unable to resolve IP address for host name")
create_reverse = bindinstance.create_reverse(options.unattended)
bind.setup(config.host_name, ip_
[Freeipa-devel] [PATCH] 021 Make the IPA installer IPv6 friendly
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is a first patch towards IPv6 support. Currently it only touches the installer only as other changes will be fully testable only when python-nss is IPv6 ready. Changes include: * parse records in dnsclient * also ask for records when verifying FQDN * do not use functions that are not IPv6 aware - notably socket.gethostbyname(). The complete list of functions was taken from http://www.akkadia.org/drepper/userapi-ipv6.html section "Interface Checklist" -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk0HR8IACgkQHsardTLnvCU/jQCePrBXG+2NTDmfq1y3BgQIaHMl eH8AnAivy5jA3YQP1JXznBg/IubD3lLG =m52C -END PGP SIGNATURE- From 66376ec364e5a5f5d42492d42412b4ea0893ea99 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 1 Dec 2010 17:22:56 +0100 Subject: [PATCH] Make the IPA installer IPv6 friendly Notable changes include: * parse records in dnsclient * also ask for records when verifying FQDN * do not use functions that are not IPv6 aware - notably socket.gethostbyname() The complete list of functions was taken from http://www.akkadia.org/drepper/userapi-ipv6.html section "Interface Checklist" --- install/tools/ipa-dns-install | 21 --- install/tools/ipa-replica-install | 14 +++-- install/tools/ipa-server-install | 27 + ipapython/dnsclient.py| 19 ++- ipaserver/install/installutils.py | 109 +++-- ipaserver/install/krbinstance.py |2 +- 6 files changed, 121 insertions(+), 71 deletions(-) diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install index bf6679e..a91938f 100755 --- a/install/tools/ipa-dns-install +++ b/install/tools/ipa-dns-install @@ -62,16 +62,19 @@ def parse_options(): def resolve_host(host_name): ip = None try: -ip = socket.gethostbyname(host_name) - -if ip == "127.0.0.1" or ip == "::1": -print "The hostname resolves to the localhost address (127.0.0.1/::1)" -print "Please change your /etc/hosts file so that the hostname" -print "resolves to the ip address of your network interface." -print "" -print "Please fix your /etc/hosts file and restart the setup program" -return None - +addrinfos = socket.getaddrinfo(host_name, None, + socket.AF_UNSPEC, socket.SOCK_DGRAM) +for ai in addrinfos: +ip = ai[4][0] +if ip == "127.0.0.1" or ip == "::1": +print "The hostname resolves to the localhost address (127.0.0.1/::1)" +print "Please change your /etc/hosts file so that the hostname" +print "resolves to the ip address of your network interface." +print "" +print "Please fix your /etc/hosts file and restart the setup program" +return None + +ip = addrinfos[0][4][0] except: print "Unable to lookup the IP address of the provided host" return ip diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index 0c13ad0..5ff50f1 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -126,12 +126,14 @@ def get_host_name(no_host_dns): return hostname def resolve_host(host_name): -ip = socket.gethostbyname(host_name) - -if ip == "127.0.0.1" or ip == "::1": -raise HostnameLocalhost - -return ip +addrinfos = socket.getaddrinfo(host_name, None, + socket.AF_UNSPEC, socket.SOCK_STREAM) +for ai in addrinfos: +ip = ai[4][0] +if ip == "127.0.0.1" or ip == "::1": +raise HostnameLocalhost + +return addrinfos[0][4][0] def set_owner(config, dir): pw = pwd.getpwnam(config.ds_user) diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index 0a1f1c5..7c1f3c2 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -279,19 +279,22 @@ def read_host_name(host_default,no_host_dns=False): return host_name def resolve_host(host_name): -ip = "" +ip = None try: -ip = socket.gethostbyname(host_name) - -if ip == "127.0.0.1" or ip == "::1": -print "The hostname resolves to the localhost address (127.0.0.1/::1)" -print "Please change your /etc/hosts file so that the hostname" -print "resolves to the ip address of your network interface." -print "The KDC service does not listen on localhost" -print "" -print "Please fix your /etc/hosts file and restart the setup program" -return None +addrinfos = socket.getaddrinfo(host_name, None, + socket.AF_UNSPEC, socket.SOCK_DGRAM) +
