[Freeipa-devel] [PATCH] 049 Make nsslib IPv6 aware
Jakub Hrozek
jhrozek at redhat.com
Thu Feb 17 19:25:37 UTC 2011
On Wed, Feb 09, 2011 at 10:23:27AM +0100, Jan Zelený wrote:
> Jakub Hrozek <jhrozek at redhat.com> wrote:
> > On Thu, Feb 03, 2011 at 02:23:11PM +0100, Jan Zelený wrote:
> > > Jakub Hrozek <jhrozek at redhat.com> wrote:
> > > > Hi,
> > > >
> > > > attached is a patch to nsslib.py that changes its semantics so
> > > > it is able to work with different address families. It is the last
> > > > piece of IPv6 support.
> > > >
> > > > Aside from the hunks in the patch, I still need to set Requires: in the
> > > > patch (don't know the exact version yet). Also, the attached patch
> > > > always tries IPv4 first and only falls back to IPv6. I think there
> > > > should be a config option that tells IPA to prefer one of the address
> > > > families or use it exclusively for performance reasons.
> > > >
> > > > Please note that the patch requires the latest changes to python-nss
> > > > in order to work correctly. Since John is still working on python-nss
> > > > packages, this patch should be treated as a preview and not pushed even
> > > > if it is deemed OK. At this stage, I'd like to get at least the general
> > > > approach and code reviewed so I can fix it tomorrow.
> > > >
> > > > Thank you,
> > > >
> > > > Jakub
> > >
> > > The patch looks ok, all my questions answered off-list. Also tested with
> > > IPv4 (latest python-nss installed) and IPv6, both work fine.
> > >
> > > ACK
> > >
> > > Jan
> >
> > Thanks for the review. But attached is a new version of the patch that
> > changes the semantics a little based on what's recommended by the new
> > version of python-nss: don't construct the NetworkAddress object
> > manually, but rather resolve the hostname using the AddrInfo object and
> > then try connecting to the list of of NetworkAddress object manually.
>
> Changes consulted off-list, the patch looks good. Will do some more testing on
> RHEL6. Unless I find some issues, this patch is ACKed.
>
> Jan
>
One more change - bumped the minimum required version of python-nss to
0.11 which is in the nightly devel repo now.
More information about the Freeipa-devel
mailing list