[Freeipa-devel] [PATCH] 049 Make nsslib IPv6 aware
Rob Crittenden
rcritten at redhat.com
Mon Feb 21 22:47:59 UTC 2011
Jakub Hrozek wrote:
> On Wed, Feb 09, 2011 at 10:23:27AM +0100, Jan Zelený wrote:
>> Jakub Hrozek<jhrozek at redhat.com> wrote:
>>> On Thu, Feb 03, 2011 at 02:23:11PM +0100, Jan Zelený wrote:
>>>> Jakub Hrozek<jhrozek at redhat.com> wrote:
>>>>> Hi,
>>>>>
>>>>> attached is a patch to nsslib.py that changes its semantics so
>>>>> it is able to work with different address families. It is the last
>>>>> piece of IPv6 support.
>>>>>
>>>>> Aside from the hunks in the patch, I still need to set Requires: in the
>>>>> patch (don't know the exact version yet). Also, the attached patch
>>>>> always tries IPv4 first and only falls back to IPv6. I think there
>>>>> should be a config option that tells IPA to prefer one of the address
>>>>> families or use it exclusively for performance reasons.
>>>>>
>>>>> Please note that the patch requires the latest changes to python-nss
>>>>> in order to work correctly. Since John is still working on python-nss
>>>>> packages, this patch should be treated as a preview and not pushed even
>>>>> if it is deemed OK. At this stage, I'd like to get at least the general
>>>>> approach and code reviewed so I can fix it tomorrow.
>>>>>
>>>>> Thank you,
>>>>>
>>>>> Jakub
>>>>
>>>> The patch looks ok, all my questions answered off-list. Also tested with
>>>> IPv4 (latest python-nss installed) and IPv6, both work fine.
>>>>
>>>> ACK
>>>>
>>>> Jan
>>>
>>> Thanks for the review. But attached is a new version of the patch that
>>> changes the semantics a little based on what's recommended by the new
>>> version of python-nss: don't construct the NetworkAddress object
>>> manually, but rather resolve the hostname using the AddrInfo object and
>>> then try connecting to the list of of NetworkAddress object manually.
>>
>> Changes consulted off-list, the patch looks good. Will do some more testing on
>> RHEL6. Unless I find some issues, this patch is ACKed.
>>
>> Jan
>>
>
> One more change - bumped the minimum required version of python-nss to
> 0.11 which is in the nightly devel repo now.
pushed to master
More information about the Freeipa-devel
mailing list