git://git.onelab.eu
/
sliver-openvswitch.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
netdev-linux: Use "read", not "recv", for tap devices.
[sliver-openvswitch.git]
/
debian
/
ovs-monitor-ipsec
diff --git
a/debian/ovs-monitor-ipsec
b/debian/ovs-monitor-ipsec
index
f7bdf1d
..
9707082
100755
(executable)
--- a/
debian/ovs-monitor-ipsec
+++ b/
debian/ovs-monitor-ipsec
@@
-399,11
+399,13
@@
def update_ipsec(ipsec, interfaces, new_interfaces):
orig_vals = interfaces.get(name)
if orig_vals:
# Configuration for this host already exists. Check if it's
orig_vals = interfaces.get(name)
if orig_vals:
# Configuration for this host already exists. Check if it's
- # changed.
- if vals == orig_vals:
- continue
-
else
:
+ # changed.
We use set difference, since we want to ignore
+ # any local additions to "orig_vals" that we've made
+ # (e.g. the "peer_cert_file" key).
+
if set(vals.items()) - set(orig_vals.items())
:
ipsec.del_entry(vals["local_ip"], vals["remote_ip"])
ipsec.del_entry(vals["local_ip"], vals["remote_ip"])
+ else:
+ continue
try:
ipsec.add_entry(vals["local_ip"], vals["remote_ip"], vals)
try:
ipsec.add_entry(vals["local_ip"], vals["remote_ip"], vals)
@@
-413,9
+415,10
@@
def update_ipsec(ipsec, interfaces, new_interfaces):
def get_ssl_cert(data):
for ovs_rec in data["Open_vSwitch"].rows.itervalues():
def get_ssl_cert(data):
for ovs_rec in data["Open_vSwitch"].rows.itervalues():
- ssl = ovs_rec.ssl
- if ssl and ssl.certificate and ssl.private_key:
- return (ssl.certificate, ssl.private_key)
+ if ovs_rec.ssl:
+ ssl = ovs_rec.ssl[0]
+ if ssl.certificate and ssl.private_key:
+ return (ssl.certificate, ssl.private_key)
return None
return None