Edward Haas has uploaded a new change for review.
Change subject: net: Enable VDSM to listen on IPv6 addresses
......................................................................
net: Enable VDSM to listen on IPv6 addresses
VDSM should be able to listen on both IPv6 and IPv4
addresses.
Changes included in this patch:
- Enable the ability to accept connections on IPv6 addresses.
- Cover IPv6 connection handling on the unit tests.
Including SSL cerificates that cover IPv6.
Note: When the configuration (management_ip) is set with'::',
VDSM will listen on both IPv6 & IPv4 addresses.
Change-Id: Ia9c893d8f38f6abf183dcccbc2a5e328b492235e
Signed-off-by: Edward Haas <edwa...@redhat.com>
---
M lib/vdsm/config.py.in
M tests/makecert.sh
M tests/protocoldetectorTests.py
M vdsm/protocoldetector.py
4 files changed, 21 insertions(+), 13 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/vdsm refs/changes/19/51319/1
diff --git a/lib/vdsm/config.py.in b/lib/vdsm/config.py.in
index ce0ec47..1cca68e 100644
--- a/lib/vdsm/config.py.in
+++ b/lib/vdsm/config.py.in
@@ -360,7 +360,7 @@
'Port on which the vdsmd XMPRPC server listens to network '
'clients.'),
- ('management_ip', '0.0.0.0', 'Set to "::" to listen on IPv6.'),
+ ('management_ip', '::', 'Set to "::" to listen on IPv6.'),
('guests_gateway_ip', '', None),
diff --git a/tests/makecert.sh b/tests/makecert.sh
index 3444eed..376ed7b 100755
--- a/tests/makecert.sh
+++ b/tests/makecert.sh
@@ -15,13 +15,13 @@
openssl genrsa -des3 -passout $PASSWD -out $PASSKEYFILE 2048
openssl rsa -passin $PASSWD -in $PASSKEYFILE -out $KEYFILE
rm $PASSKEYFILE
-openssl req -new -key $KEYFILE -out $CSRFILE -subj
"/C=US/ST=Bar/L=Foo/O=Dis/CN=127.0.0.1"
+openssl req -new -key $KEYFILE -out $CSRFILE -subj
"/C=US/ST=Bar/L=Foo/O=Dis/CN=::1"
openssl x509 -req -days 365 -in $CSRFILE -signkey $KEYFILE -out $CRTFILE
openssl genrsa -des3 -passout $PASSWD -out $PASSKEYFILE 2048
openssl rsa -passin $PASSWD -in $PASSKEYFILE -out $OTHERKEYFILE
rm $PASSKEYFILE
-openssl req -new -key $OTHERKEYFILE -out $OTHERCSRFILE -subj
"/C=US/ST=Foo/L=Bar/O=Dis/CN=127.0.0.1"
+openssl req -new -key $OTHERKEYFILE -out $OTHERCSRFILE -subj
"/C=US/ST=Foo/L=Bar/O=Dis/CN=::1"
openssl x509 -req -days 365 -in $OTHERCSRFILE -signkey $OTHERKEYFILE -out
$OTHERCRTFILE
openssl pkcs12 -passout $PASSWD -export -in $CRTFILE -inkey $KEYFILE -out
$P12FILE
diff --git a/tests/protocoldetectorTests.py b/tests/protocoldetectorTests.py
index a3d4b71..eac2d98 100644
--- a/tests/protocoldetectorTests.py
+++ b/tests/protocoldetectorTests.py
@@ -137,6 +137,12 @@
self.check_detect(use_ssl, data, data)
@permutations(PERMUTATIONS)
+ def test_detect_echo6(self, use_ssl):
+ self.start_acceptor(use_ssl, address='::1')
+ data = "echo testing is fun\n"
+ self.check_detect(use_ssl, data, data)
+
+ @permutations(PERMUTATIONS)
def test_detect_uppercase(self, use_ssl):
self.start_acceptor(use_ssl)
data = "uppercase testing is fun\n"
@@ -203,31 +209,34 @@
# Helpers
- def start_acceptor(self, use_ssl):
+ def start_acceptor(self, use_ssl, address='127.0.0.1'):
self.reactor = Reactor()
self.acceptor = MultiProtocolAcceptor(
self.reactor,
- '127.0.0.1',
+ address,
0,
sslctx=self.SSLCTX if use_ssl else None
)
self.acceptor.TIMEOUT = 1
self.acceptor.add_detector(Echo())
self.acceptor.add_detector(Uppercase())
- self.acceptor_address = self.acceptor._acceptor.socket.getsockname()
+ self.acceptor_address = \
+ self.acceptor._acceptor.socket.getsockname()[0:2]
t = threading.Thread(target=self.reactor.process_requests)
t.deamon = True
t.start()
@contextmanager
def connect(self, use_ssl):
- s = socket.socket()
+ _host, _port = self.acceptor_address
+ _addr = socket.getaddrinfo(_host, _port, 0, socket.SOCK_STREAM)
+ s = socket.socket(_addr[0][0], _addr[0][1], _addr[0][2])
try:
s.settimeout(self.TIMEOUT)
if use_ssl:
s = ssl.wrap_socket(s, KEY_FILE, CRT_FILE, ca_certs=CRT_FILE,
server_side=False)
- s.connect(self.acceptor_address)
+ s.connect(_addr[0][4])
yield s
finally:
s.close()
diff --git a/vdsm/protocoldetector.py b/vdsm/protocoldetector.py
index 0bcc7a6..504d168 100644
--- a/vdsm/protocoldetector.py
+++ b/vdsm/protocoldetector.py
@@ -28,8 +28,7 @@
def _create_socket(host, port):
- addr = socket.getaddrinfo(host, port, socket.AF_INET,
- socket.SOCK_STREAM)
+ addr = socket.getaddrinfo(host, port, 0, socket.SOCK_STREAM)
if not addr:
raise socket.error("Could not translate address '%s:%s'"
% (host, str(port)))
@@ -69,7 +68,7 @@
else:
client.setblocking(0)
self.log.info("Accepting connection from %s:%d",
- *client.getpeername())
+ *client.getpeername()[0:2])
self._dispatcher_factory(client)
@@ -110,7 +109,7 @@
for detector in self._detectors:
if detector.detect(data):
- host, port = sock.getpeername()
+ host, port = sock.getpeername()[0:2]
self.log.info(
"Detected protocol %s from %s:%d",
detector.NAME,
@@ -168,7 +167,7 @@
self._sslctx = sslctx
self._reactor = reactor
sock = _create_socket(host, port)
- self._host, self._port = sock.getsockname()
+ self._host, self._port = sock.getsockname()[0:2]
self.log.info("Listening at %s:%d", self._host, self._port)
self._acceptor = self._reactor.create_dispatcher(
sock, _AcceptorImpl(self.handle_accept))
--
To view, visit https://gerrit.ovirt.org/51319
To unsubscribe, visit https://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia9c893d8f38f6abf183dcccbc2a5e328b492235e
Gerrit-PatchSet: 1
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Edward Haas <edwa...@redhat.com>
_______________________________________________
vdsm-patches mailing list
vdsm-patches@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches
