git://git.onelab.eu
/
sliver-openvswitch.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
ofproto: Fix potential leak during flow mods.
[sliver-openvswitch.git]
/
debian
/
ovs-monitor-ipsec
diff --git
a/debian/ovs-monitor-ipsec
b/debian/ovs-monitor-ipsec
index
87a1491
..
414d18b
100755
(executable)
--- a/
debian/ovs-monitor-ipsec
+++ b/
debian/ovs-monitor-ipsec
@@
-1,5
+1,5
@@
#!/usr/bin/python
#!/usr/bin/python
-# Copyright (c) 2009, 2010, 2011
Nicira Networks
+# Copyright (c) 2009, 2010, 2011
, 2012 Nicira, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@
-38,11
+38,12
@@
import ovs.util
import ovs.daemon
import ovs.db.idl
import ovs.unixctl
import ovs.daemon
import ovs.db.idl
import ovs.unixctl
+import ovs.unixctl.server
import ovs.vlog
vlog = ovs.vlog.Vlog("ovs-monitor-ipsec")
root_prefix = '' # Prefix for absolute file names, for testing.
import ovs.vlog
vlog = ovs.vlog.Vlog("ovs-monitor-ipsec")
root_prefix = '' # Prefix for absolute file names, for testing.
-
setkey
= "/usr/sbin/setkey"
+
SETKEY
= "/usr/sbin/setkey"
exiting = False
exiting = False
@@
-266,11
+267,11
@@
class IPsec:
def call_setkey(self, cmds):
try:
def call_setkey(self, cmds):
try:
- p = subprocess.Popen([root_prefix +
setkey
, "-c"],
+ p = subprocess.Popen([root_prefix +
SETKEY
, "-c"],
stdin=subprocess.PIPE,
stdout=subprocess.PIPE)
except:
stdin=subprocess.PIPE,
stdout=subprocess.PIPE)
except:
- vlog.err("could not call %s%s" % (root_prefix,
setkey
))
+ vlog.err("could not call %s%s" % (root_prefix,
SETKEY
))
sys.exit(1)
# xxx It is safer to pass the string into the communicate()
sys.exit(1)
# xxx It is safer to pass the string into the communicate()
@@
-414,30
+415,33
@@
def main():
ovs.daemon.daemonize()
ovs.unixctl.command_register("exit", "", 0, 0, unixctl_exit, None)
ovs.daemon.daemonize()
ovs.unixctl.command_register("exit", "", 0, 0, unixctl_exit, None)
- error, unixctl_server = ovs.unixctl.UnixctlServer.create(None)
+ error, unixctl_server = ovs.unixctl.
server.
UnixctlServer.create(None)
if error:
ovs.util.ovs_fatal(error, "could not create unixctl server", vlog)
ipsec = IPsec()
interfaces = {}
if error:
ovs.util.ovs_fatal(error, "could not create unixctl server", vlog)
ipsec = IPsec()
interfaces = {}
+ seqno = idl.change_seqno # Sequence number when we last processed the db
while True:
unixctl_server.run()
if exiting:
break
while True:
unixctl_server.run()
if exiting:
break
- if not idl.run():
+ idl.run()
+ if seqno == idl.change_seqno:
poller = ovs.poller.Poller()
unixctl_server.wait(poller)
idl.wait(poller)
poller.block()
continue
poller = ovs.poller.Poller()
unixctl_server.wait(poller)
idl.wait(poller)
poller.block()
continue
+ seqno = idl.change_seqno
ssl_cert = get_ssl_cert(idl.tables)
new_interfaces = {}
for rec in idl.tables["Interface"].rows.itervalues():
ssl_cert = get_ssl_cert(idl.tables)
new_interfaces = {}
for rec in idl.tables["Interface"].rows.itervalues():
- if rec.type == "ipsec_gre":
+ if rec.type == "ipsec_gre"
or rec.type == "ipsec_gre64"
:
name = rec.name
options = rec.options
peer_cert_name = "ovs-%s.pem" % (options.get("remote_ip"))
name = rec.name
options = rec.options
peer_cert_name = "ovs-%s.pem" % (options.get("remote_ip"))