go
/
gvisor
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #2187 from kevinGC:deflake-connectTCP 

PiperOrigin-RevId: 301716568
This commit is contained in:
gVisor bot 2020-03-18 18:58:30 -07:00
parent c3cee7f5a4 a8f9cc8798
commit 79389f8abb
2 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
test/iptables/filter_input.go
View File

@ -194,8 +194,14 @@ func (FilterInputDropTCPDestPort) ContainerAction(ip net.IP) error {
// LocalAction implements TestCase.LocalAction.
func (FilterInputDropTCPDestPort) LocalAction(ip net.IP) error {
if err := connectTCP(ip, dropPort, sendloopDuration); err == nil {
return fmt.Errorf("connection destined to port %d should not be accepted, but got accepted", dropPort)
// After the container sets its DROP rule, we shouldn't be able to connect.
// However, we may succeed in connecting if this runs before the container
// sets the rule. To avoid this race, we retry connecting until
// sendloopDuration has elapsed, ignoring whether the connect succeeds. The
// test works becuase the container will error if a connection is
// established after the rule is set.
for start := time.Now(); time.Since(start) < sendloopDuration; {
connectTCP(ip, dropPort, sendloopDuration-time.Since(start))
}
return nil
@ -226,8 +232,14 @@ func (FilterInputDropTCPSrcPort) ContainerAction(ip net.IP) error {
// LocalAction implements TestCase.LocalAction.
func (FilterInputDropTCPSrcPort) LocalAction(ip net.IP) error {
if err := connectTCP(ip, acceptPort, sendloopDuration); err == nil {
return fmt.Errorf("connection should not be accepted, but was")
// After the container sets its DROP rule, we shouldn't be able to connect.
// However, we may succeed in connecting if this runs before the container
// sets the rule. To avoid this race, we retry connecting until
// sendloopDuration has elapsed, ignoring whether the connect succeeds. The
// test works becuase the container will error if a connection is
// established after the rule is set.
for start := time.Now(); time.Since(start) < sendloopDuration; {
connectTCP(ip, acceptPort, sendloopDuration-time.Since(start))
}
return nil

2
test/iptables/iptables_util.go
View File

@ -144,7 +144,7 @@ func connectTCP(ip net.IP, port int, timeout time.Duration) error {
// The container may not be listening when we first connect, so retry
// upon error.
callback := func() error {
conn, err := net.DialTCP("tcp4", nil, &contAddr)
conn, err := net.DialTimeout("tcp", contAddr.String(), timeout)
if conn != nil {
conn.Close()
}