Edward Haas has uploaded a new change for review. Change subject: net: Enable VDSM to listen on IPv6 addresses ......................................................................
net: Enable VDSM to listen on IPv6 addresses VDSM should be able to listen on both IPv6 and IPv4 addresses. Changes included in this patch: - Enable the ability to accept connections on IPv6 addresses. - Cover IPv6 connection handling on the unit tests. Including SSL cerificates that cover IPv6. Note: When the configuration (management_ip) is set with'::', VDSM will listen on both IPv6 & IPv4 addresses. Change-Id: Ia9c893d8f38f6abf183dcccbc2a5e328b492235e Signed-off-by: Edward Haas <edwa...@redhat.com> --- M lib/vdsm/config.py.in M tests/makecert.sh M tests/protocoldetectorTests.py M vdsm/protocoldetector.py 4 files changed, 21 insertions(+), 13 deletions(-) git pull ssh://gerrit.ovirt.org:29418/vdsm refs/changes/19/51319/1 diff --git a/lib/vdsm/config.py.in b/lib/vdsm/config.py.in index ce0ec47..1cca68e 100644 --- a/lib/vdsm/config.py.in +++ b/lib/vdsm/config.py.in @@ -360,7 +360,7 @@ 'Port on which the vdsmd XMPRPC server listens to network ' 'clients.'), - ('management_ip', '0.0.0.0', 'Set to "::" to listen on IPv6.'), + ('management_ip', '::', 'Set to "::" to listen on IPv6.'), ('guests_gateway_ip', '', None), diff --git a/tests/makecert.sh b/tests/makecert.sh index 3444eed..376ed7b 100755 --- a/tests/makecert.sh +++ b/tests/makecert.sh @@ -15,13 +15,13 @@ openssl genrsa -des3 -passout $PASSWD -out $PASSKEYFILE 2048 openssl rsa -passin $PASSWD -in $PASSKEYFILE -out $KEYFILE rm $PASSKEYFILE -openssl req -new -key $KEYFILE -out $CSRFILE -subj "/C=US/ST=Bar/L=Foo/O=Dis/CN=127.0.0.1" +openssl req -new -key $KEYFILE -out $CSRFILE -subj "/C=US/ST=Bar/L=Foo/O=Dis/CN=::1" openssl x509 -req -days 365 -in $CSRFILE -signkey $KEYFILE -out $CRTFILE openssl genrsa -des3 -passout $PASSWD -out $PASSKEYFILE 2048 openssl rsa -passin $PASSWD -in $PASSKEYFILE -out $OTHERKEYFILE rm $PASSKEYFILE -openssl req -new -key $OTHERKEYFILE -out $OTHERCSRFILE -subj "/C=US/ST=Foo/L=Bar/O=Dis/CN=127.0.0.1" +openssl req -new -key $OTHERKEYFILE -out $OTHERCSRFILE -subj "/C=US/ST=Foo/L=Bar/O=Dis/CN=::1" openssl x509 -req -days 365 -in $OTHERCSRFILE -signkey $OTHERKEYFILE -out $OTHERCRTFILE openssl pkcs12 -passout $PASSWD -export -in $CRTFILE -inkey $KEYFILE -out $P12FILE diff --git a/tests/protocoldetectorTests.py b/tests/protocoldetectorTests.py index a3d4b71..eac2d98 100644 --- a/tests/protocoldetectorTests.py +++ b/tests/protocoldetectorTests.py @@ -137,6 +137,12 @@ self.check_detect(use_ssl, data, data) @permutations(PERMUTATIONS) + def test_detect_echo6(self, use_ssl): + self.start_acceptor(use_ssl, address='::1') + data = "echo testing is fun\n" + self.check_detect(use_ssl, data, data) + + @permutations(PERMUTATIONS) def test_detect_uppercase(self, use_ssl): self.start_acceptor(use_ssl) data = "uppercase testing is fun\n" @@ -203,31 +209,34 @@ # Helpers - def start_acceptor(self, use_ssl): + def start_acceptor(self, use_ssl, address='127.0.0.1'): self.reactor = Reactor() self.acceptor = MultiProtocolAcceptor( self.reactor, - '127.0.0.1', + address, 0, sslctx=self.SSLCTX if use_ssl else None ) self.acceptor.TIMEOUT = 1 self.acceptor.add_detector(Echo()) self.acceptor.add_detector(Uppercase()) - self.acceptor_address = self.acceptor._acceptor.socket.getsockname() + self.acceptor_address = \ + self.acceptor._acceptor.socket.getsockname()[0:2] t = threading.Thread(target=self.reactor.process_requests) t.deamon = True t.start() @contextmanager def connect(self, use_ssl): - s = socket.socket() + _host, _port = self.acceptor_address + _addr = socket.getaddrinfo(_host, _port, 0, socket.SOCK_STREAM) + s = socket.socket(_addr[0][0], _addr[0][1], _addr[0][2]) try: s.settimeout(self.TIMEOUT) if use_ssl: s = ssl.wrap_socket(s, KEY_FILE, CRT_FILE, ca_certs=CRT_FILE, server_side=False) - s.connect(self.acceptor_address) + s.connect(_addr[0][4]) yield s finally: s.close() diff --git a/vdsm/protocoldetector.py b/vdsm/protocoldetector.py index 0bcc7a6..504d168 100644 --- a/vdsm/protocoldetector.py +++ b/vdsm/protocoldetector.py @@ -28,8 +28,7 @@ def _create_socket(host, port): - addr = socket.getaddrinfo(host, port, socket.AF_INET, - socket.SOCK_STREAM) + addr = socket.getaddrinfo(host, port, 0, socket.SOCK_STREAM) if not addr: raise socket.error("Could not translate address '%s:%s'" % (host, str(port))) @@ -69,7 +68,7 @@ else: client.setblocking(0) self.log.info("Accepting connection from %s:%d", - *client.getpeername()) + *client.getpeername()[0:2]) self._dispatcher_factory(client) @@ -110,7 +109,7 @@ for detector in self._detectors: if detector.detect(data): - host, port = sock.getpeername() + host, port = sock.getpeername()[0:2] self.log.info( "Detected protocol %s from %s:%d", detector.NAME, @@ -168,7 +167,7 @@ self._sslctx = sslctx self._reactor = reactor sock = _create_socket(host, port) - self._host, self._port = sock.getsockname() + self._host, self._port = sock.getsockname()[0:2] self.log.info("Listening at %s:%d", self._host, self._port) self._acceptor = self._reactor.create_dispatcher( sock, _AcceptorImpl(self.handle_accept)) -- To view, visit https://gerrit.ovirt.org/51319 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ia9c893d8f38f6abf183dcccbc2a5e328b492235e Gerrit-PatchSet: 1 Gerrit-Project: vdsm Gerrit-Branch: master Gerrit-Owner: Edward Haas <edwa...@redhat.com> _______________________________________________ vdsm-patches mailing list vdsm-patches@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches