From 716a3cc5cd54595035bca6816d2e3b83d28b3a47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Su=C3=A1rez=20Hern=C3=A1ndez?= Date: Tue, 7 May 2019 15:33:51 +0100 Subject: [PATCH 1/4] Do not crash when there are IPv6 established connections --- salt/utils/network.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/salt/utils/network.py b/salt/utils/network.py index df299773e8ff..dc04a15954d6 100644 --- a/salt/utils/network.py +++ b/salt/utils/network.py @@ -1460,7 +1460,7 @@ def _parse_tcp_line(line): def _netlink_tool_remote_on(port, which_end): ''' - Returns set of ipv4 host addresses of remote established connections + Returns set of IPv4/IPv6 host addresses of remote established connections on local or remote tcp port. Parses output of shell 'ss' to get connections @@ -1470,6 +1470,7 @@ def _netlink_tool_remote_on(port, which_end): LISTEN 0 511 *:80 *:* LISTEN 0 128 *:22 *:* ESTAB 0 0 127.0.0.1:56726 127.0.0.1:4505 + ESTAB 0 0 [::ffff:127.0.0.1]:41323 [::ffff:127.0.0.1]:4505 ''' remotes = set() valid = False From 6fdcd555ad4d17829c6585c239fe44d8958f6d3b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Su=C3=A1rez=20Hern=C3=A1ndez?= Date: Tue, 7 May 2019 15:56:10 +0100 Subject: [PATCH 2/4] Add unit test for '_netlink_tool_remote_on' --- tests/unit/utils/test_network.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tests/unit/utils/test_network.py b/tests/unit/utils/test_network.py index 6a940300b841..002841fe95aa 100644 --- a/tests/unit/utils/test_network.py +++ b/tests/unit/utils/test_network.py @@ -128,6 +128,14 @@ ESTAB 0 0 ::ffff:1.2.3.4:5678 ::ffff:1.2.3.4:4505 ''' +LINUX_NETLINK_SS_OUTPUT = '''\ +State Recv-Q Send-Q Local Address:Port Peer Address:Port +TIME-WAIT 0 0 [::1]:8009 [::1]:40368 +LISTEN 0 128 127.0.0.1:5903 0.0.0.0:* +ESTAB 0 0 [::ffff:127.0.0.1]:4506 [::ffff:127.0.0.1]:32315 +ESTAB 0 0 192.168.122.1:4506 192.168.122.177:24545 +''' + IPV4_SUBNETS = {True: ('10.10.0.0/24',), False: ('10.10.0.0', '10.10.0.0/33', 'FOO', 9, '0.9.800.1000/24')} IPV6_SUBNETS = {True: ('::1/128',), @@ -491,6 +499,14 @@ def test_freebsd_remotes_on_with_fat_pid(self): remotes = network._freebsd_remotes_on('4506', 'remote') self.assertEqual(remotes, set(['127.0.0.1'])) + def test_netlink_tool_remote_on(self): + with patch('salt.utils.platform.is_sunos', lambda: False): + with patch('salt.utils.platform.is_linux', lambda: True): + with patch('subprocess.check_output', + return_value=LINUX_NETLINK_SS_OUTPUT): + remotes = network._netlink_tool_remote_on('4506', 'local') + self.assertEqual(remotes, set(['192.168.122.177', '::ffff:127.0.0.1'])) + def test_generate_minion_id_distinct(self): ''' Test if minion IDs are distinct in the pool. From c0f8790f491d60f8f51d922ff610cc8ce50fd73b Mon Sep 17 00:00:00 2001 From: "Daniel A. Wozniak" Date: Sat, 4 Jan 2020 23:46:30 +0000 Subject: [PATCH 3/4] Fix linter - redefined method --- tests/unit/utils/test_network.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/unit/utils/test_network.py b/tests/unit/utils/test_network.py index 195c16d29d43..f12f7a1a25f8 100644 --- a/tests/unit/utils/test_network.py +++ b/tests/unit/utils/test_network.py @@ -495,7 +495,7 @@ def test_freebsd_remotes_on_with_fat_pid(self): remotes = network._freebsd_remotes_on('4506', 'remote') self.assertEqual(remotes, set(['127.0.0.1'])) - def test_netlink_tool_remote_on(self): + def test_netlink_tool_remote_on_a(self): with patch('salt.utils.platform.is_sunos', lambda: False): with patch('salt.utils.platform.is_linux', lambda: True): with patch('subprocess.check_output', @@ -503,6 +503,11 @@ def test_netlink_tool_remote_on(self): remotes = network._netlink_tool_remote_on('4506', 'local') self.assertEqual(remotes, set(['192.168.122.177', '::ffff:127.0.0.1'])) + def test_netlink_tool_remote_on_b(self): + with patch('subprocess.check_output', return_value=NETLINK_SS): + remotes = network._netlink_tool_remote_on('4505', 'remote_port') + self.assertEqual(remotes, set(['127.0.0.1', '::ffff:1.2.3.4'])) + def test_generate_minion_id_distinct(self): ''' Test if minion IDs are distinct in the pool. @@ -687,8 +692,3 @@ def test_generate_minion_id_with_long_hostname(self): # An exception is raised if unicode is passed to socket.getfqdn minion_id = network.generate_minion_id() assert minion_id != '', minion_id - - def test_netlink_tool_remote_on(self): - with patch('subprocess.check_output', return_value=NETLINK_SS): - remotes = network._netlink_tool_remote_on('4505', 'remote_port') - self.assertEqual(remotes, set(['127.0.0.1', '::ffff:1.2.3.4'])) From 1f9413b0226213e2205110ea7d6385daabfe5fa8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Su=C3=A1rez=20Hern=C3=A1ndez?= Date: Fri, 10 Jan 2020 09:14:54 +0000 Subject: [PATCH 4/4] Strip possible [] on IPv6 addresses returned by ss execution --- salt/utils/network.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/utils/network.py b/salt/utils/network.py index 066249afe342..56b04b2d0c37 100644 --- a/salt/utils/network.py +++ b/salt/utils/network.py @@ -1487,7 +1487,7 @@ def _netlink_tool_remote_on(port, which_end): chunks = line.split() remote_host, remote_port = chunks[4].rsplit(':', 1) - remotes.add(remote_host) + remotes.add(remote_host.strip("[]")) if valid is False: remotes = None