URL: https://github.com/freeipa/freeipa/pull/955 Author: pvoborni Title: #955: host_port_open: revert to old behavior where one iface is sufficient Action: opened
PR body: """ Commit a24cd01304aaef77b66d0e178585c9ec8bbce9b5 Changed behavior of host_port_open to require all discovered interfaces to listed on the port. But usage of host_port_open function in wait_for_open_ports function which is indirectly used from service.start might be still ok with only one interface. Requiring all interfaces might then cause issue(waiting till timeout) in IPA upgrader in specific DNS or network setups. https://pagure.io/freeipa/issue/7083 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/955/head:pr955 git checkout pr955
From f5a11c38d26a01a4e15bf61f2094a78de5a5561c Mon Sep 17 00:00:00 2001 From: Petr Vobornik <pvobo...@redhat.com> Date: Wed, 2 Aug 2017 17:52:58 +0200 Subject: [PATCH] host_port_open: revert to old behavior where one iface is sufficient Commit https://pagure.io/freeipa/c/a24cd01304aaef77b66d0e178585c9ec8bbce9b5 Changed behavior of host_port_open to require all discovered interfaces to listed on the port. But usage of host_port_open function in wait_for_open_ports function which is indirectly used from service.start might be still ok with only one interface. Requiring all interfaces might then cause issue in IPA upgrader in specific DNS or network setups. https://pagure.io/freeipa/issue/7083 --- install/tools/ipa-replica-conncheck | 3 ++- ipapython/ipautil.py | 13 ++++++++----- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/install/tools/ipa-replica-conncheck b/install/tools/ipa-replica-conncheck index 9b92de3f66..3835548e98 100755 --- a/install/tools/ipa-replica-conncheck +++ b/install/tools/ipa-replica-conncheck @@ -382,7 +382,8 @@ def port_check(host, port_list): try: port_open = ipautil.host_port_open( host, port.port, port.port_type, - socket_timeout=CONNECT_TIMEOUT, log_errors=True) + socket_timeout=CONNECT_TIMEOUT, log_errors=True, + check_all_ifaces=True) except socket.gaierror: raise RuntimeError("Port check failed! Unable to resolve host name '%s'" % host) if port_open: diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py index 1bb48d4fc2..6e61cad66b 100644 --- a/ipapython/ipautil.py +++ b/ipapython/ipautil.py @@ -959,14 +959,16 @@ def user_input(prompt, default = None, allow_empty = True): def host_port_open(host, port, socket_type=socket.SOCK_STREAM, - socket_timeout=None, log_errors=False): + socket_timeout=None, log_errors=False, + check_all_ifaces=False): """ host: either hostname or IP address; if hostname is provided, port MUST be open on ALL resolved IPs returns True is port is open, False otherwise """ - port_open = True + all_open = True + some_open = False # port has to be open on ALL resolved IPs for res in socket.getaddrinfo(host, port, socket.AF_UNSPEC, socket_type): @@ -983,9 +985,10 @@ def host_port_open(host, port, socket_type=socket.SOCK_STREAM, if socket_type == socket.SOCK_DGRAM: s.send('') s.recv(512) - except socket.error: - port_open = False + some_open = True + except socket.error: + all_open = False if log_errors: msg = ('Failed to connect to port %(port)d %(proto)s on ' '%(addr)s' % dict(port=port, @@ -1002,7 +1005,7 @@ def host_port_open(host, port, socket_type=socket.SOCK_STREAM, if s is not None: s.close() - return port_open + return all_open if check_all_ifaces else some_open def reverse_record_exists(ip_address):
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org
