int (*unparse_config)(const char *name, const char *type,
const struct nlattr *options, size_t options_len,
struct shash *args);
+ bool (*config_equal)(const struct shash *nd_args, const struct shash *args);
};
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 20);
return error;
}
+static bool
+netdev_vport_config_equal(const struct netdev_dev *dev_,
+ const struct shash *args)
+{
+ const struct netdev_class *netdev_class = netdev_dev_get_class(dev_);
+ const struct vport_class *vport_class = vport_class_cast(netdev_class);
+
+ if (vport_class->config_equal) {
+ return vport_class->config_equal(&dev_->args, args);
+ } else {
+ return smap_equal(&dev_->args, args);
+ }
+}
+
static int
netdev_vport_send(struct netdev *netdev, const void *data, size_t size)
{
smap_add(args, "peer", nl_attr_get_string(a[ODP_PATCH_ATTR_PEER]));
return 0;
}
+
+/* Returns true if 'nd_args' is equivalent to 'args', otherwise false.
+ * Typically, 'nd_args' is the result of a call to unparse_tunnel_config()
+ * and 'args' is the original definition of the port.
+ *
+ * IPsec key configuration is handled by an external program, so it is not
+ * pushed down into the kernel module. Thus, when the "unparse_config"
+ * method is called on an existing IPsec-based vport, a simple
+ * comparison with the returned data will not match the original
+ * configuration. This function ignores configuration about keys when
+ * doing a comparison.
+ */
+static bool
+config_equal_ipsec(const struct shash *nd_args, const struct shash *args)
+{
+ struct shash tmp1, tmp2;
+ bool result;
+
+ smap_clone(&tmp1, nd_args);
+ smap_clone(&tmp2, args);
+
+ shash_find_and_delete(&tmp1, "psk");
+ shash_find_and_delete(&tmp2, "psk");
+ shash_find_and_delete(&tmp1, "peer_cert");
+ shash_find_and_delete(&tmp2, "peer_cert");
+ shash_find_and_delete(&tmp1, "certificate");
+ shash_find_and_delete(&tmp2, "certificate");
+ shash_find_and_delete(&tmp1, "private_key");
+ shash_find_and_delete(&tmp2, "private_key");
+ shash_find_and_delete(&tmp1, "use_ssl_cert");
+ shash_find_and_delete(&tmp2, "use_ssl_cert");
+
+ result = smap_equal(&tmp1, &tmp2);
+ smap_destroy(&tmp1);
+ smap_destroy(&tmp2);
+
+ return result;
+}
\f
#define VPORT_FUNCTIONS(GET_STATUS) \
NULL, \
netdev_vport_create, \
netdev_vport_destroy, \
netdev_vport_set_config, \
+ netdev_vport_config_equal, \
\
netdev_vport_open, \
netdev_vport_close, \
static const struct vport_class vport_classes[] = {
{ ODP_VPORT_TYPE_GRE,
{ "gre", VPORT_FUNCTIONS(netdev_vport_get_status) },
- parse_tunnel_config, unparse_tunnel_config },
+ parse_tunnel_config, unparse_tunnel_config, NULL },
{ ODP_VPORT_TYPE_GRE,
{ "ipsec_gre", VPORT_FUNCTIONS(netdev_vport_get_status) },
- parse_tunnel_config, unparse_tunnel_config },
+ parse_tunnel_config, unparse_tunnel_config, config_equal_ipsec },
{ ODP_VPORT_TYPE_CAPWAP,
{ "capwap", VPORT_FUNCTIONS(netdev_vport_get_status) },
- parse_tunnel_config, unparse_tunnel_config },
+ parse_tunnel_config, unparse_tunnel_config, NULL },
{ ODP_VPORT_TYPE_PATCH,
{ "patch", VPORT_FUNCTIONS(NULL) },
- parse_patch_config, unparse_patch_config }
+ parse_patch_config, unparse_patch_config, NULL }
};
int i;