freeipa

Clone
Source Code
GIT

d0320b9 Sanitize UDP checks in conncheck

2 files Authored by mkosek 12 years ago, Committed by rcritten 12 years ago,
raw patch tree parent
2 files changed. 49 lines added. 36 lines removed.
install/tools/ipa-replica-conncheck
file modified
+38 -20
ipapython/ipautil.py
file modified
+11 -16 
    Sanitize UDP checks in conncheck
    
    UDP port checks in ipa-replica-conncheck always returns OK even
    if they are closed by a firewall. They cannot be reliably checked
    in the same way as TCP ports as there is no session management as
    in TCP protocol. We cannot guarantee a response on the checked
    side without our own echo server bound to checked port.
    
    This patch removes UDP port checks in replica->master direction
    as we would have to implement (kerberos) protocol-wise check
    to make the other side actually respond. A list of skipped
    ports is printed for user.
    
    Direction master->replica was fixed and now it is able to report
    error when the port is blocked.
    
    https://fedorahosted.org/freeipa/ticket/2062
file modified
+38 -20
file modified
+11 -16
Powered by Pagure 5.14.1
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.