X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=debian%2Fovs-monitor-ipsec;h=970708264ad0b12ece3cd23ad3609bd1206ad707;hb=748dca871d1f8a06d33a1002e1dfabb74b16c9b6;hp=444b23417117f291ce5419535e5d943abc349e59;hpb=a251af0a5337e265005eae19b08b5099f063c9c1;p=sliver-openvswitch.git

diff --git a/debian/ovs-monitor-ipsec b/debian/ovs-monitor-ipsec
old mode 100644
new mode 100755
index 444b23417..970708264
--- a/debian/ovs-monitor-ipsec
+++ b/debian/ovs-monitor-ipsec
@@ -399,11 +399,13 @@ def update_ipsec(ipsec, interfaces, new_interfaces):
         orig_vals = interfaces.get(name)
         if orig_vals:
             # Configuration for this host already exists.  Check if it's
-            # changed.
-            if vals == orig_vals:
-                continue
-            else:
+            # changed.  We use set difference, since we want to ignore
+            # any local additions to "orig_vals" that we've made
+            # (e.g. the "peer_cert_file" key).
+            if set(vals.items()) - set(orig_vals.items()):
                 ipsec.del_entry(vals["local_ip"], vals["remote_ip"])
+            else:
+                continue
 
         try:
             ipsec.add_entry(vals["local_ip"], vals["remote_ip"], vals)
@@ -413,9 +415,10 @@ def update_ipsec(ipsec, interfaces, new_interfaces):
 
 def get_ssl_cert(data):
     for ovs_rec in data["Open_vSwitch"].rows.itervalues():
-        ssl = ovs_rec.ssl
-        if ssl and ssl.certificate and ssl.private_key:
-            return (ssl.certificate, ssl.private_key)
+        if ovs_rec.ssl:
+            ssl = ovs_rec.ssl[0]
+            if ssl.certificate and ssl.private_key:
+                return (ssl.certificate, ssl.private_key)
 
     return None
 
@@ -436,7 +439,8 @@ def main():
     ovs.daemon.handle_args(args)
 
     global root_prefix
-    root_prefix = args.root_prefix
+    if args.root_prefix:
+        root_prefix = args.root_prefix
 
     remote = args.database
     schema_file = "%s/vswitch.ovsschema" % ovs.dirs.PKGDATADIR