[Freeipa-devel] [PATCH] 049 Make nsslib IPv6 aware
Rob Crittenden
rcritten at redhat.com
Mon Feb 21 19:52:55 UTC 2011
Jakub Hrozek wrote:
> On Thu, Feb 17, 2011 at 08:25:37PM +0100, Jakub Hrozek wrote:
>> On Wed, Feb 09, 2011 at 10:23:27AM +0100, Jan Zelený wrote:
>>> Jakub Hrozek<jhrozek at redhat.com> wrote:
>>>> On Thu, Feb 03, 2011 at 02:23:11PM +0100, Jan Zelený wrote:
>>>>> Jakub Hrozek<jhrozek at redhat.com> wrote:
>>>>>> Hi,
>>>>>>
>>>>>> attached is a patch to nsslib.py that changes its semantics so
>>>>>> it is able to work with different address families. It is the last
>>>>>> piece of IPv6 support.
>>>>>>
>>>>>> Aside from the hunks in the patch, I still need to set Requires: in the
>>>>>> patch (don't know the exact version yet). Also, the attached patch
>>>>>> always tries IPv4 first and only falls back to IPv6. I think there
>>>>>> should be a config option that tells IPA to prefer one of the address
>>>>>> families or use it exclusively for performance reasons.
>>>>>>
>>>>>> Please note that the patch requires the latest changes to python-nss
>>>>>> in order to work correctly. Since John is still working on python-nss
>>>>>> packages, this patch should be treated as a preview and not pushed even
>>>>>> if it is deemed OK. At this stage, I'd like to get at least the general
>>>>>> approach and code reviewed so I can fix it tomorrow.
>>>>>>
>>>>>> Thank you,
>>>>>>
>>>>>> Jakub
>>>>>
>>>>> The patch looks ok, all my questions answered off-list. Also tested with
>>>>> IPv4 (latest python-nss installed) and IPv6, both work fine.
>>>>>
>>>>> ACK
>>>>>
>>>>> Jan
>>>>
>>>> Thanks for the review. But attached is a new version of the patch that
>>>> changes the semantics a little based on what's recommended by the new
>>>> version of python-nss: don't construct the NetworkAddress object
>>>> manually, but rather resolve the hostname using the AddrInfo object and
>>>> then try connecting to the list of of NetworkAddress object manually.
>>>
>>> Changes consulted off-list, the patch looks good. Will do some more testing on
>>> RHEL6. Unless I find some issues, this patch is ACKed.
>>>
>>> Jan
>>>
>>
>> One more change - bumped the minimum required version of python-nss to
>> 0.11 which is in the nightly devel repo now.
>>
>
> and now with the patch attached.
ack, pushed to master
More information about the Freeipa-devel
mailing list