#!/usr/bin/python
-# Copyright (c) 2009, 2010 Nicira Networks
+# Copyright (c) 2009, 2010, 2011 Nicira Networks
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
cert_entry = """remote %s {
exchange_mode main;
nat_traversal on;
+ ike_frag on;
certificate_type x509 "%s" "%s";
my_identifier asn1dn;
peers_identifier asn1dn;
self.psk_hosts = {}
self.cert_hosts = {}
+ if not os.path.isdir(self.cert_dir):
+ os.mkdir(self.cert_dir)
+
# Clean out stale peer certs from previous runs
for ovs_cert in glob.glob("%s/ovs-*.pem" % self.cert_dir):
try:
self.call_setkey("spdflush;")
def spd_add(self, local_ip, remote_ip):
- cmds = ("spdadd %s %s gre -P out ipsec esp/transport//default;\n" %
+ cmds = ("spdadd %s %s gre -P out ipsec esp/transport//require;\n" %
(local_ip, remote_ip))
- cmds += ("spdadd %s %s gre -P in ipsec esp/transport//default;" %
+ cmds += ("spdadd %s %s gre -P in ipsec esp/transport//require;" %
(remote_ip, local_ip))
self.call_setkey(cmds)
"(use --help for help)\n" % ovs.util.PROGRAM_NAME)
sys.exit(1)
- ovs.daemon.die_if_already_running()
-
remote = args[0]
idl = ovs.db.idl.Idl(remote, "Open_vSwitch", monitor_uuid_schema_cb)
git://git.onelab.eu / sliver-openvswitch.git / blobdiff