ITQC/containernetworking-plugins
9
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 34 Wiki Activity

Do not use netns as ID or for entropy

Browse Source 
ContainerID is now required so use that
or generate random bytes.

Fixes #5
This commit is contained in:
Eugene Yakubovich
2015-05-05 13:35:20 -07:00
parent ed97604e74
commit b2d9801b25
9 changed files with 90 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
plugins/main/veth/veth.go
View File

@@ -47,9 +47,7 @@ type NetConf struct {
func setupContainerVeth(netns, ifName string, mtu int, pr *plugin.Result) (string, error) {
var hostVethName string
err := ns.WithNetNSPath(netns, func(hostNS *os.File) error {
entropy := netns + ifName
hostVeth, _, err := ip.SetupVeth(entropy, ifName, mtu, hostNS)
hostVeth, _, err := ip.SetupVeth(ifName, mtu, hostNS)
if err != nil {
return err
}
@@ -116,7 +114,7 @@ func cmdAdd(args *skel.CmdArgs) error {
}
if conf.IPMasq {
h := sha512.Sum512([]byte(args.Netns))
h := sha512.Sum512([]byte(args.ContainerID))
chain := fmt.Sprintf("CNI-%s-%x", conf.Name, h[:8])
if err = ip.SetupIPMasq(&result.IP4.IP, chain); err != nil {
return err
@@ -143,7 +141,7 @@ func cmdDel(args *skel.CmdArgs) error {
}
if conf.IPMasq {
h := sha512.Sum512([]byte(args.Netns))
h := sha512.Sum512([]byte(args.ContainerID))
chain := fmt.Sprintf("CNI-%s-%x", conf.Name, h[:8])
if err = ip.TeardownIPMasq(ipn, chain); err != nil {
return err