Enhance wsgi to listen on ipv6 address

Check if the hostname is ipv6 and set the family appropriately. Add tests to ensure that IPv6 and IPv6 with SSL works properly. Change-Id: Ibcf0a9387691d124888c0c0540d4322b0a3b3d67
author: Davanum Srinivas <dims@linux.vnet.ibm.com> 2013-01-14 22:37:07 -0500
committer: Davanum Srinivas <dims@linux.vnet.ibm.com> 2013-01-15 11:16:29 -0500
commit: 7a4e3738ea8ae3f886d29555d3d3c67ac5b22412 (patch)
tree: 715de0e7a500e6a5fefd7a02bab12a2942d49c4b /tests
parent: e1abe0fca3ccff8fee425796de23899658403b0b (diff)
download: keystone-7a4e3738ea8ae3f886d29555d3d3c67ac5b22412.tar.gz
keystone-7a4e3738ea8ae3f886d29555d3d3c67ac5b22412.tar.xz
keystone-7a4e3738ea8ae3f886d29555d3d3c67ac5b22412.zip
2 files changed, 98 insertions, 0 deletions
diff --git a/tests/test_ipv6.py b/tests/test_ipv6.py
new file mode 100644
index 00000000..ec8fb1e5
--- /dev/null
+++ b/tests/test_ipv6.py
@@ -0,0 +1,51 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2012 OpenStack LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import httplib
+import os
+import ssl
+
+from keystone import config
+from keystone import test
+
+
+CONF = config.CONF
+
+
+class IPv6TestCase(test.TestCase):
+    def setUp(self):
+        super(IPv6TestCase, self).setUp()
+        self.load_backends()
+
+    def test_ipv6_ok(self):
+        """
+        Make sure both public and admin API work with ipv6.
+        """
+        self.public_server = self.serveapp('keystone', name='main',
+                                           host="::1", port=0)
+        self.admin_server = self.serveapp('keystone', name='admin',
+                                          host="::1", port=0)
+        # Verify Admin
+        conn = httplib.HTTPConnection('::1', CONF.admin_port)
+        conn.request('GET', '/')
+        resp = conn.getresponse()
+        self.assertEqual(resp.status, 300)
+        # Verify Public
+        conn = httplib.HTTPConnection('::1', CONF.public_port)
+        conn.request('GET', '/')
+        resp = conn.getresponse()
+        self.assertEqual(resp.status, 300)
diff --git a/tests/test_ssl.py b/tests/test_ssl.py
index d710867d..2096f342 100644
--- a/tests/test_ssl.py
+++ b/tests/test_ssl.py
@@ -81,6 +81,53 @@ class SSLTestCase(test.TestCase):
         resp = conn.getresponse()
         self.assertEqual(resp.status, 300)
 
+    def test_1way_ssl_with_ipv6_ok(self):
+        """
+        Make sure both public and admin API work with 1-way ipv6 & SSL.
+        """
+        self.public_server = self.serveapp('keystone', name='main',
+                                           cert=CERT, key=KEY, ca=CA,
+                                           host="::1", port=0)
+        self.admin_server = self.serveapp('keystone', name='admin',
+                                          cert=CERT, key=KEY, ca=CA,
+                                          host="::1", port=0)
+        # Verify Admin
+        conn = httplib.HTTPSConnection('::1', CONF.admin_port)
+        conn.request('GET', '/')
+        resp = conn.getresponse()
+        self.assertEqual(resp.status, 300)
+        # Verify Public
+        conn = httplib.HTTPSConnection('::1', CONF.public_port)
+        conn.request('GET', '/')
+        resp = conn.getresponse()
+        self.assertEqual(resp.status, 300)
+
+    def test_2way_ssl_with_ipv6_ok(self):
+        """
+        Make sure both public and admin API work with 2-way ipv6 & SSL.
+        Requires client certificate.
+        """
+        self.public_server = self.serveapp(
+            'keystone', name='main', cert=CERT,
+            key=KEY, ca=CA, cert_required=True,
+            host="::1", port=0)
+        self.admin_server = self.serveapp(
+            'keystone', name='admin', cert=CERT,
+            key=KEY, ca=CA, cert_required=True,
+            host="::1", port=0)
+        # Verify Admin
+        conn = httplib.HTTPSConnection(
+            '::1', CONF.admin_port, CLIENT, CLIENT)
+        conn.request('GET', '/')
+        resp = conn.getresponse()
+        self.assertEqual(resp.status, 300)
+        # Verify Public
+        conn = httplib.HTTPSConnection(
+            '::1', CONF.public_port, CLIENT, CLIENT)
+        conn.request('GET', '/')
+        resp = conn.getresponse()
+        self.assertEqual(resp.status, 300)
+
     def test_2way_ssl_fail(self):
         """
         Expect to fail when client does not present proper certificate.
author	Davanum Srinivas <dims@linux.vnet.ibm.com>	2013-01-14 22:37:07 -0500
committer	Davanum Srinivas <dims@linux.vnet.ibm.com>	2013-01-15 11:16:29 -0500
commit	7a4e3738ea8ae3f886d29555d3d3c67ac5b22412 (patch)
tree	715de0e7a500e6a5fefd7a02bab12a2942d49c4b /tests
parent	e1abe0fca3ccff8fee425796de23899658403b0b (diff)
download	keystone-7a4e3738ea8ae3f886d29555d3d3c67ac5b22412.tar.gz keystone-7a4e3738ea8ae3f886d29555d3d3c67ac5b22412.tar.xz keystone-7a4e3738ea8ae3f886d29555d3d3c67ac5b22412.zip