Skip to content

Commit

Permalink
Merge pull request #55583 from meaksh/master-prevent-crashing-if-ss-r…
Browse files Browse the repository at this point in the history 
…eturns-ipv6-connections

[master] Do not make Salt CLI to crash when there are IPv6 established connections
  • Loading branch information
@dwoz
dwoz authored Jan 12, 2020
2 parents 94f863e + 1f9413b commit 1ef11f6
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 7 deletions.
5 changes: 3 additions & 2 deletions salt/utils/network.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1454,7 +1454,7 @@ def _parse_tcp_line(line):

def _netlink_tool_remote_on(port, which_end):
'''
Returns set of ipv4 host addresses of remote established connections
Returns set of IPv4/IPv6 host addresses of remote established connections
on local or remote tcp port.
Parses output of shell 'ss' to get connections
Expand All @@ -1464,6 +1464,7 @@ def _netlink_tool_remote_on(port, which_end):
LISTEN 0 511 *:80 *:*
LISTEN 0 128 *:22 *:*
ESTAB 0 0 127.0.0.1:56726 127.0.0.1:4505
ESTAB 0 0 [::ffff:127.0.0.1]:41323 [::ffff:127.0.0.1]:4505
'''
remotes = set()
valid = False
Expand All @@ -1486,7 +1487,7 @@ def _netlink_tool_remote_on(port, which_end):
chunks = line.split()
remote_host, remote_port = chunks[4].rsplit(':', 1)

remotes.add(remote_host)
remotes.add(remote_host.strip("[]"))

if valid is False:
remotes = None
Expand Down
26 changes: 21 additions & 5 deletions tests/unit/utils/test_network.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,14 @@
ESTAB 0 0 ::ffff:1.2.3.4:5678 ::ffff:1.2.3.4:4505
'''

LINUX_NETLINK_SS_OUTPUT = '''\
State Recv-Q Send-Q Local Address:Port Peer Address:Port
TIME-WAIT 0 0 [::1]:8009 [::1]:40368
LISTEN 0 128 127.0.0.1:5903 0.0.0.0:*
ESTAB 0 0 [::ffff:127.0.0.1]:4506 [::ffff:127.0.0.1]:32315
ESTAB 0 0 192.168.122.1:4506 192.168.122.177:24545
'''

IPV4_SUBNETS = {True: ('10.10.0.0/24',),
False: ('10.10.0.0', '10.10.0.0/33', 'FOO', 9, '0.9.800.1000/24')}
IPV6_SUBNETS = {True: ('::1/128',),
Expand Down Expand Up @@ -487,6 +495,19 @@ def test_freebsd_remotes_on_with_fat_pid(self):
remotes = network._freebsd_remotes_on('4506', 'remote')
self.assertEqual(remotes, set(['127.0.0.1']))

def test_netlink_tool_remote_on_a(self):
with patch('salt.utils.platform.is_sunos', lambda: False):
with patch('salt.utils.platform.is_linux', lambda: True):
with patch('subprocess.check_output',
return_value=LINUX_NETLINK_SS_OUTPUT):
remotes = network._netlink_tool_remote_on('4506', 'local')
self.assertEqual(remotes, set(['192.168.122.177', '::ffff:127.0.0.1']))

def test_netlink_tool_remote_on_b(self):
with patch('subprocess.check_output', return_value=NETLINK_SS):
remotes = network._netlink_tool_remote_on('4505', 'remote_port')
self.assertEqual(remotes, set(['127.0.0.1', '::ffff:1.2.3.4']))

def test_generate_minion_id_distinct(self):
'''
Test if minion IDs are distinct in the pool.
Expand Down Expand Up @@ -671,8 +692,3 @@ def test_generate_minion_id_with_long_hostname(self):
# An exception is raised if unicode is passed to socket.getfqdn
minion_id = network.generate_minion_id()
assert minion_id != '', minion_id

def test_netlink_tool_remote_on(self):
with patch('subprocess.check_output', return_value=NETLINK_SS):
remotes = network._netlink_tool_remote_on('4505', 'remote_port')
self.assertEqual(remotes, set(['127.0.0.1', '::ffff:1.2.3.4']))

0 comments on commit 1ef11f6

Please sign in to comment.