Tolerate UDP port failures in conncheck

UDP port checks in ipa-replica-conncheck are too strict. The entire
conncheck fails when UDP ports cannot be verified as open. However,
UDP protocol is unreliable by its nature and the port can also not
be checked if there is an application already bound to it. This can
happen for example when ipa-replica-conncheck is run as a part of
ipa-ca-install and the replica services are thus already running.

This patch changes the behavior of UDP port checks. The conncheck
script now rather reports a warning that UDP port cannot be verified
but does not fail the entire test.

https://fedorahosted.org/freeipa/ticket/2514
Martin Kosek
2012-03-16 10:26:56 +01:00
committed by Rob Crittenden
parent 96c5551ace
commit 159e848d85


@@ -241,18 +241,29 @@ def port_check(host, port_list):
if not ip:
raise RuntimeError("Port check failed! Unable to resolve host name '%s'" % host)
failed_ports = []
ports_failed = []
ports_udp_warning = [] # conncheck could not verify that port is open
for port in port_list:
if ipautil.host_port_open(host, port.port, port.port_type, socket_timeout=CONNECT_TIMEOUT):
result = "OK"
else:
failed_ports.append(port)
if port.port_type == socket.SOCK_DGRAM:
ports_udp_warning.append(port)
result = "WARNING"
else:
ports_failed.append(port)
result = "FAILED"
print_info(" %s (%d): %s" % (port.description, port.port, result))
if failed_ports:
if ports_udp_warning:
print "The following UDP ports could not be verified as open: %s" \
% ", ".join(str(port.port) for port in ports_udp_warning)
print "This can happen if they are already bound to an application"
print "and ipa-replica-conncheck cannot attach own UDP responder."
if ports_failed:
msg_ports = []
for port in failed_ports:
for port in ports_failed:
port_type_text = "TCP" if port.port_type == SOCK_STREAM else "UDP"
msg_ports.append('%d (%s)' % (port.port, port_type_text))
raise RuntimeError("Port check failed! Inaccessible port(s): %s" \
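Review bot: The socket constants are referenced inconsistently in port_check: the added test uses `socket.SOCK_DGRAM`, while the message loop under `if ports_failed:` still uses the bare `SOCK_STREAM`, so one of the two forms depends on an import that is not visible in this hunk; please use the same qualified form in both places. Since ports_failed now only receives ports that are not SOCK_DGRAM, the "UDP" arm of `port_type_text` in that loop is no longer reached for datagram ports and could be simplified. The warning text also names only the already-bound case as the cause; a UDP port that is actually unreachable ends up in ports_udp_warning as well and no longer raises, so the message should say that the port may really be inaccessible and needs to be verified by other means. Finally, the warning goes out through plain `print` while the per-port results go through `print_info`; consider routing it the same way so it is subject to the same output handling.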