Fixed default timeout.

CHANGELOG

@@ -1,3 +1,15 @@
+covenant (0.0.28) unstable; urgency=medium
+
+  * Fixed default timeout.
+
+ -- Adrien Delle Cave <adrien.delle.cave@commandersact.com>  Thu, 16 Apr 2020 23:10:59 +0200
+
+covenant (0.0.27) unstable; urgency=medium
+
+  * Added ip_protocol option (ipv4 or ipv6) in secure-layer.
+
+ -- Adrien Delle Cave <adrien.delle.cave@commandersact.com>  Thu, 16 Apr 2020 10:32:36 +0200
+
 covenant (0.0.26) unstable; urgency=medium
 
   * Fixed missing import copy.

RELEASE

@@ -1 +1 @@
-0.0.26
+0.0.28

VERSION

@@ -1 +1 @@
-0.0.26
+0.0.28

bin/covenant

@@ -4,7 +4,7 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 """covenant"""
 
-__version__ = '0.0.26'
+__version__ = '0.0.28'
 
 # TODO: load Python logging configuration (using standard logging.config)
 

covenant/plugins/http.py

@@ -45,6 +45,11 @@ def _do_call(self, obj, targets = None, registry = None): # pylint: disable=unus
             if 'ssl_verify' in cfg:
                 cfg['verify'] = bool(cfg.pop('ssl_verify'))
 
+            if cfg.get('timeout') is not None:
+                cfg['timeout'] = float(cfg['timeout'])
+            else:
+                cfg['timeout'] = None
+
             if target.credentials:
                 cfg['auth'] = (target.credentials['username'],
                                target.credentials['password'])

covenant/plugins/predis.py

@@ -26,8 +26,12 @@ def _do_call(self, obj, targets = None, registry = None): # pylint: disable=unus
             command                       = 'info'
             command_args                  = []
             cfg                           = target.config
-            cfg['socket_timeout']         = cfg.get('socket_timeout', 10)
-            cfg['socket_connect_timeout'] = cfg.get('socket_connect_timeout', 10)
+
+            for x in ('socket_timeout', 'socket_connect_timeout'):
+                if cfg.get(x) is not None:
+                    cfg[x] = float(cfg[x])
+                else:
+                    cfg[x] = None
 
             if 'command' in cfg:
                 command = cfg.pop('command').lower()

covenant/plugins/pssl.py

@@ -34,6 +34,9 @@
                     'SINGLE_ECDH_USE',
                     'ENABLE_MIDDLEBOX_COMPAT')
 
+_IP_PROTOCOLS    = {'ipv4': socket.AF_INET,
+                    'ipv6': socket.AF_INET6}
+
 
 class CovenantSslPlugin(CovenantPlugBase):
     PLUGIN_NAME = 'ssl'
@@ -99,9 +102,9 @@ def _load_context_options(context, options):
             context.options |= getattr(ssl, "OP_%s" % x)
 
     @staticmethod
-    def _connect(context, host, port, server_hostname, timeout):
+    def _connect(context, host, port, server_hostname, ip_protocol, timeout):
         conn = context.wrap_socket(
-            socket.socket(socket.AF_INET),
+            socket.socket(ip_protocol),
             server_hostname = server_hostname)
 
         conn.settimeout(timeout)
@@ -142,8 +145,14 @@ def _do_call(self, obj, targets = None, registry = None): # pylint: disable=unus
 
             cfg                = target.config
             common_name        = cfg.get('common_name')
-            cfg['timeout']     = cfg.get('timeout', 10)
             cfg['verify_peer'] = cfg.get('verify_peer', True)
+            cfg['ip_protocol'] = _IP_PROTOCOLS.get(cfg.get('ip_protocol'), socket.AF_INET)
+
+            if cfg.get('timeout') is not None:
+                cfg['timeout'] = float(cfg['timeout'])
+            else:
+                cfg['timeout'] = None
+
             params             = obj.get_params()
 
             if not params.get('target'):
@@ -182,6 +191,8 @@ def _do_call(self, obj, targets = None, registry = None): # pylint: disable=unus
                     'cert_secure': False,
                     "%s_success" % self.type: False}
 
+            conn = None
+
             try:
                 server_hostname = common_name or host
 
@@ -191,7 +202,12 @@ def _do_call(self, obj, targets = None, registry = None): # pylint: disable=unus
 
                 self._load_context_options(context, cfg.get('options'))
 
-                conn = self._connect(context, host, port, server_hostname, cfg['timeout'])
+                conn = self._connect(context,
+                                     host,
+                                     port,
+                                     server_hostname,
+                                     cfg['ip_protocol'],
+                                     cfg['timeout'])
 
                 data['cipher_info'] = conn.cipher()[0]
                 data['version_info'] = conn.version()
@@ -206,11 +222,18 @@ def _do_call(self, obj, targets = None, registry = None): # pylint: disable=unus
 
                     if cfg['verify_peer']:
                         if conn:
+                            conn.shutdown(socket.SHUT_RDWR)
                             conn.close()
+                            conn = None
 
                         context.verify_mode = ssl.CERT_REQUIRED
                         context.load_default_certs(ssl.Purpose.SERVER_AUTH)
-                        conn = self._connect(context, host, port, server_hostname, cfg['timeout'])
+                        conn = self._connect(context,
+                                             host,
+                                             port,
+                                             server_hostname,
+                                             cfg['ip_protocol'],
+                                             cfg['timeout'])
             except ssl.SSLError as e:
                 LOG.warning("ssl error on target: %r. exception: %r",
                             target.name,
@@ -230,6 +253,7 @@ def _do_call(self, obj, targets = None, registry = None): # pylint: disable=unus
                         data["%s_success" % self.type] = True
             finally:
                 if conn:
+                    conn.shutdown(socket.SHUT_RDWR)
                     conn.close()
 
             target(data)

etc/covenant/metrics.d/apache.yml

@@ -2,7 +2,7 @@
 - name: status
   config:
     enabled: ${vars.get('status_enabled', True) | n,my}
-    timeout: ${vars.get('timeout') | n,my}
+    timeout: ${vars.get('timeout', 10) | n,my}
     uri: ${vars['url'] | n,my}
     format: text
   collects:

etc/covenant/metrics.d/nginx.yml

@@ -1,7 +1,7 @@
 - name: status
   config:
     enabled: ${vars.get('status_enabled', True) | n,my}
-    timeout: ${vars.get('timeout') | n,my}
+    timeout: ${vars.get('timeout', 10) | n,my}
     uri: ${vars['url'] | n,my}/nginx_status
     format: text
   collects:
@@ -98,7 +98,7 @@
 - name: version
   config:
     enabled: ${vars.get('version_enabled', True) | n,my}
-    timeout: ${vars.get('timeout') | n,my}
+    timeout: ${vars.get('timeout', 10) | n,my}
     uri: ${vars['url'] | n,my}/nginx_version
     format: text
   collects:

etc/covenant/metrics.d/rabbitmq.yml

@@ -2,7 +2,7 @@
 - name: overview
   config:
     enabled: ${vars.get('overview_enabled', True) | n,my}
-    timeout: ${vars.get('timeout') | n,my}
+    timeout: ${vars.get('timeout', 10) | n,my}
     uri: ${vars['url'] | n,my}/overview
     format: json
   labels:
@@ -104,7 +104,7 @@
 - name: exchanges
   config:
     enabled: ${vars.get('exchanges_enabled', True) | n,my}
-    timeout: ${vars.get('timeout') | n,my}
+    timeout: ${vars.get('timeout', 10) | n,my}
     uri: ${vars['url'] | n,my}/exchanges
     format: json
   collects:
@@ -159,7 +159,7 @@
 - name: nodes
   config:
     enabled: ${vars.get('nodes_enabled', True) | n,my}
-    timeout: ${vars.get('timeout') | n,my}
+    timeout: ${vars.get('timeout', 10) | n,my}
     uri: ${vars['url'] | n,my}/nodes
     format: json
   labels:
@@ -251,7 +251,7 @@
 - name: queues
   config:
     enabled: ${vars.get('queues_enabled', True) | n,my}
-    timeout: ${vars.get('timeout') | n,my}
+    timeout: ${vars.get('timeout', 10) | n,my}
     uri: ${vars['url'] | n,my}/queues
     format: json
   collects:

etc/covenant/metrics.d/redis.yml

@@ -2,8 +2,8 @@
 - name: info
   config:
     enabled: ${vars.get('info_enabled', True) | n,my}
-    socket_timeout: ${vars.get('timeout') | n,my}
-    socket_connect_timeout: ${vars.get('timeout') | n,my}
+    socket_timeout: ${vars.get('timeout', 10) | n,my}
+    socket_connect_timeout: ${vars.get('timeout', 10) | n,my}
     url: ${vars['url'] | n,my}
     command: info
   labels:
@@ -326,8 +326,8 @@
 - name: config
   config:
     enabled: ${vars.get('config_enabled', True) | n,my}
-    socket_timeout: ${vars.get('timeout') | n,my}
-    socket_connect_timeout: ${vars.get('timeout') | n,my}
+    socket_timeout: ${vars.get('timeout', 10) | n,my}
+    socket_connect_timeout: ${vars.get('timeout', 10) | n,my}
     url: ${vars['url'] | n,my}
     command: config_get
   labels:
@@ -354,8 +354,8 @@
 - name: keyspace
   config:
     enabled: ${vars.get('keyspace_enabled', True) | n,my}
-    socket_timeout: ${vars.get('timeout') | n,my}
-    socket_connect_timeout: ${vars.get('timeout') | n,my}
+    socket_timeout: ${vars.get('timeout', 10) | n,my}
+    socket_connect_timeout: ${vars.get('timeout', 10) | n,my}
     url: ${vars['url'] | n,my}
     command: info
     command_args:

etc/covenant/metrics.d/secure-layer.yml

@@ -3,9 +3,10 @@
     common_name: ${vars.get('common_name') | n,my}
     enabled: ${vars.get('state_enabled', True) | n,my}
     options: ${vars.get('options') | n,my}
-    timeout: ${vars.get('timeout') | n,my}
+    timeout: ${vars.get('timeout', 10) | n,my}
     uri: ${vars.get('uri') | n,my}
     verify_peer: ${vars.get('verify_peer', True) | n,my}
+    ip_protocol: ${vars.get('ip_protocol') | n,my}
   collects:
     - cert_not_after:
         type: gauge

setup.yml

@@ -4,8 +4,8 @@ description: covenant
 author: Adrien Delle Cave
 author_email: pypi@doowan.net
 copyright: '2020 fjord-technologies'
-release: '0.0.26'
-version: '0.0.26'
+release: '0.0.28'
+version: '0.0.28'
 license: License GPL-3
 url: https://github.com/decryptus/covenant
 python_requires: