Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[master] Do not make Salt CLI to crash when there are IPv6 established connections #55583

Merged
merged 7 commits into from
Jan 12, 2020
Merged

[master] Do not make Salt CLI to crash when there are IPv6 established connections #55583

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
716a3cc
Do not crash when there are IPv6 established connections
meaksh May 7, 2019
6fdcd55
Add unit test for '_netlink_tool_remote_on'
meaksh May 7, 2019
d9b4878
Merge branch 'master' into master-prevent-crashing-if-ss-returns-ipv6…
dwoz Jan 1, 2020
c0f8790
Fix linter - redefined method
dwoz Jan 4, 2020
05d5f67
Merge branch 'master' into master-prevent-crashing-if-ss-returns-ipv6…
dwoz Jan 6, 2020
f89a3f4
Merge branch 'master' into master-prevent-crashing-if-ss-returns-ipv6…
dwoz Jan 7, 2020
1f9413b
Strip possible [] on IPv6 addresses returned by ss execution
meaksh Jan 10, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions salt/utils/network.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1454,7 +1454,7 @@ def _parse_tcp_line(line):

def _netlink_tool_remote_on(port, which_end):
'''
Returns set of ipv4 host addresses of remote established connections
Returns set of IPv4/IPv6 host addresses of remote established connections
on local or remote tcp port.

Parses output of shell 'ss' to get connections
Expand All @@ -1464,6 +1464,7 @@ def _netlink_tool_remote_on(port, which_end):
LISTEN 0 511 *:80 *:*
LISTEN 0 128 *:22 *:*
ESTAB 0 0 127.0.0.1:56726 127.0.0.1:4505
ESTAB 0 0 [::ffff:127.0.0.1]:41323 [::ffff:127.0.0.1]:4505
'''
remotes = set()
valid = False
Expand All @@ -1486,7 +1487,7 @@ def _netlink_tool_remote_on(port, which_end):
chunks = line.split()
remote_host, remote_port = chunks[4].rsplit(':', 1)

remotes.add(remote_host)
remotes.add(remote_host.strip("[]"))

if valid is False:
remotes = None
Expand Down
26 changes: 21 additions & 5 deletions tests/unit/utils/test_network.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,14 @@
ESTAB 0 0 ::ffff:1.2.3.4:5678 ::ffff:1.2.3.4:4505
'''

LINUX_NETLINK_SS_OUTPUT = '''\
State Recv-Q Send-Q Local Address:Port Peer Address:Port
TIME-WAIT 0 0 [::1]:8009 [::1]:40368
LISTEN 0 128 127.0.0.1:5903 0.0.0.0:*
ESTAB 0 0 [::ffff:127.0.0.1]:4506 [::ffff:127.0.0.1]:32315
ESTAB 0 0 192.168.122.1:4506 192.168.122.177:24545
'''

IPV4_SUBNETS = {True: ('10.10.0.0/24',),
False: ('10.10.0.0', '10.10.0.0/33', 'FOO', 9, '0.9.800.1000/24')}
IPV6_SUBNETS = {True: ('::1/128',),
Expand Down Expand Up @@ -487,6 +495,19 @@ def test_freebsd_remotes_on_with_fat_pid(self):
remotes = network._freebsd_remotes_on('4506', 'remote')
self.assertEqual(remotes, set(['127.0.0.1']))

def test_netlink_tool_remote_on_a(self):
with patch('salt.utils.platform.is_sunos', lambda: False):
with patch('salt.utils.platform.is_linux', lambda: True):
with patch('subprocess.check_output',
return_value=LINUX_NETLINK_SS_OUTPUT):
remotes = network._netlink_tool_remote_on('4506', 'local')
self.assertEqual(remotes, set(['192.168.122.177', '::ffff:127.0.0.1']))

def test_netlink_tool_remote_on_b(self):
with patch('subprocess.check_output', return_value=NETLINK_SS):
remotes = network._netlink_tool_remote_on('4505', 'remote_port')
self.assertEqual(remotes, set(['127.0.0.1', '::ffff:1.2.3.4']))

def test_generate_minion_id_distinct(self):
'''
Test if minion IDs are distinct in the pool.
Expand Down Expand Up @@ -671,8 +692,3 @@ def test_generate_minion_id_with_long_hostname(self):
# An exception is raised if unicode is passed to socket.getfqdn
minion_id = network.generate_minion_id()
assert minion_id != '', minion_id

def test_netlink_tool_remote_on(self):
with patch('subprocess.check_output', return_value=NETLINK_SS):
remotes = network._netlink_tool_remote_on('4505', 'remote_port')
self.assertEqual(remotes, set(['127.0.0.1', '::ffff:1.2.3.4']))