Add IPv6 support

Python defaults to IPv4-only, but IPv6 is cooler
2024-11-22 01:22:00 +00:00 · 2014-05-19 15:41:38 -04:00 · 2014-05-19 15:41:38 -04:00 · 950ca5e4c9
commit 950ca5e4c9
parent 51442e0180
2 changed files with 3 additions and 3 deletions
--- a/confluent_client/confluent/client.py
+++ b/confluent_client/confluent/client.py
@ -121,10 +121,10 @@ class Command(object):
                                          ssl_version=ssl.PROTOCOL_TLSv1)
        if knownhosts:
            certdata = self.connection.getpeercert(binary_form=True)
+            fingerprint = 'sha512$' + hashlib.sha512(certdata).hexdigest()
            hostid = '@'.join((port,server))
            khf = dbm.open(os.path.join(clientcfgdir, "knownhosts"), 'c', 384)
            if hostid in khf:
-                fingerprint = 'sha512$' + hashlib.sha512(certdata).hexdigest()
                if fingerprint == khf[hostid]:
                    return
                else:
--- a/confluent_server/confluent/sockapi.py
+++ b/confluent_server/confluent/sockapi.py
@ -194,14 +194,14 @@ def process_request(connection, request, cfm, authdata, authname, skipauth):


 def _tlshandler():
-    plainsocket = socket.socket()
+    plainsocket = socket.socket(AF_INET6)
    plainsocket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    plainsocket.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
    srv = ssl.wrap_socket(plainsocket, keyfile="/etc/confluent/privkey.pem",
                          certfile="/etc/confluent/srvcert.pem",
                          ssl_version=ssl.PROTOCOL_TLSv1,
                          server_side=True)
-    srv.bind(('0.0.0.0', 13001))
+    srv.bind(('::', 13001, 0, 0))
    srv.listen(5)
    authname = None
    while (1):  # TODO: exithook