X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=ovsdb%2Fovsdb-server.c;h=27db0702c95c45e68baf123e4356900a3a8eed3f;hb=ee5311097049272834308f64931172f1c8210755;hp=ac3ae4a91fbcbcce32335845c255169df34ee91a;hpb=02dd3123a0e312f1d33403e744af52dd6096f12d;p=sliver-openvswitch.git diff --git a/ovsdb/ovsdb-server.c b/ovsdb/ovsdb-server.c index ac3ae4a91..27db0702c 100644 --- a/ovsdb/ovsdb-server.c +++ b/ovsdb/ovsdb-server.c @@ -45,19 +45,29 @@ #include "trigger.h" #include "util.h" #include "unixctl.h" - #include "vlog.h" -#define THIS_MODULE VLM_ovsdb_server + +VLOG_DEFINE_THIS_MODULE(ovsdb_server) + +#if HAVE_OPENSSL +/* SSL configuration. */ +static char *private_key_file; +static char *certificate_file; +static char *ca_cert_file; +static bool bootstrap_ca_cert; +#endif static unixctl_cb_func ovsdb_server_exit; +static unixctl_cb_func ovsdb_server_compact; +static unixctl_cb_func ovsdb_server_reconnect; static void parse_options(int argc, char *argv[], char **file_namep, struct shash *remotes, char **unixctl_pathp, char **run_command); static void usage(void) NO_RETURN; -static void set_remotes(struct ovsdb_jsonrpc_server *jsonrpc, - const struct ovsdb *db, struct shash *remotes); +static void reconfigure_from_db(struct ovsdb_jsonrpc_server *jsonrpc, + const struct ovsdb *db, struct shash *remotes); int main(int argc, char *argv[]) @@ -68,6 +78,7 @@ main(int argc, char *argv[]) struct ovsdb_jsonrpc_server *jsonrpc; struct shash remotes; struct ovsdb_error *error; + struct ovsdb_file *file; struct ovsdb *db; struct process *run_process; char *file_name; @@ -76,8 +87,6 @@ main(int argc, char *argv[]) proctitle_init(argc, argv); set_program_name(argv[0]); - time_init(); - vlog_init(); signal(SIGPIPE, SIG_IGN); process_init(); @@ -87,13 +96,13 @@ main(int argc, char *argv[]) die_if_already_running(); daemonize_start(); - error = ovsdb_file_open(file_name, false, &db); + error = ovsdb_file_open(file_name, false, &db, &file); if (error) { ovs_fatal(0, "%s", ovsdb_error_to_string(error)); } jsonrpc = ovsdb_jsonrpc_server_create(db); - set_remotes(jsonrpc, db, &remotes); + reconfigure_from_db(jsonrpc, db, &remotes); retval = unixctl_server_create(unixctl_path, &unixctl); if (retval) { @@ -119,10 +128,14 @@ main(int argc, char *argv[]) daemonize_complete(); unixctl_command_register("exit", ovsdb_server_exit, &exiting); + unixctl_command_register("ovsdb-server/compact", ovsdb_server_compact, + file); + unixctl_command_register("ovsdb-server/reconnect", ovsdb_server_reconnect, + jsonrpc); exiting = false; while (!exiting) { - set_remotes(jsonrpc, db, &remotes); + reconfigure_from_db(jsonrpc, db, &remotes); ovsdb_jsonrpc_server_run(jsonrpc); unixctl_server_run(unixctl); ovsdb_trigger_run(db, time_msec()); @@ -155,13 +168,14 @@ main(int argc, char *argv[]) } static void -query_db_remotes(const char *name_, const struct ovsdb *db, - struct shash *remotes) +parse_db_string_column(const struct ovsdb *db, + const char *name_, + const struct ovsdb_table **tablep, + const struct ovsdb_column **columnp) { char *name, *table_name, *column_name; const struct ovsdb_column *column; const struct ovsdb_table *table; - const struct ovsdb_row *row; char *save_ptr = NULL; name = xstrdup(name_); @@ -169,27 +183,71 @@ query_db_remotes(const char *name_, const struct ovsdb *db, table_name = strtok_r(NULL, ",", &save_ptr); column_name = strtok_r(NULL, ",", &save_ptr); if (!table_name || !column_name) { - ovs_fatal(0, "remote \"%s\": invalid syntax", name_); + ovs_fatal(0, "\"%s\": invalid syntax", name_); } table = ovsdb_get_table(db, table_name); if (!table) { - ovs_fatal(0, "remote \"%s\": no table named %s", name_, table_name); + ovs_fatal(0, "\"%s\": no table named %s", name_, table_name); } column = ovsdb_table_schema_get_column(table->schema, column_name); if (!column) { - ovs_fatal(0, "remote \"%s\": table \"%s\" has no column \"%s\"", + ovs_fatal(0, "\"%s\": table \"%s\" has no column \"%s\"", name_, table_name, column_name); } + free(name); if (column->type.key.type != OVSDB_TYPE_STRING || column->type.value.type != OVSDB_TYPE_VOID) { - ovs_fatal(0, "remote \"%s\": type of table \"%s\" column \"%s\" is " + ovs_fatal(0, "\"%s\": table \"%s\" column \"%s\" is " "not string or set of strings", - name_, table_name, column_name); + name_, table->schema->name, column->name); } + *columnp = column; + *tablep = table; +} + +#if HAVE_OPENSSL +static const char * +query_db_string(const struct ovsdb *db, const char *name) +{ + if (!name || strncmp(name, "db:", 3)) { + return name; + } else { + const struct ovsdb_column *column; + const struct ovsdb_table *table; + const struct ovsdb_row *row; + + parse_db_string_column(db, name, &table, &column); + + HMAP_FOR_EACH (row, struct ovsdb_row, hmap_node, &table->rows) { + const struct ovsdb_datum *datum; + size_t i; + + datum = &row->fields[column->index]; + for (i = 0; i < datum->n; i++) { + if (datum->keys[i].string[0]) { + return datum->keys[i].string; + } + } + } + return NULL; + } +} +#endif /* HAVE_OPENSSL */ + +static void +query_db_remotes(const char *name, const struct ovsdb *db, + struct shash *remotes) +{ + const struct ovsdb_column *column; + const struct ovsdb_table *table; + const struct ovsdb_row *row; + + parse_db_string_column(db, name, &table, &column); + HMAP_FOR_EACH (row, struct ovsdb_row, hmap_node, &table->rows) { const struct ovsdb_datum *datum; size_t i; @@ -199,17 +257,17 @@ query_db_remotes(const char *name_, const struct ovsdb *db, shash_add_once(remotes, datum->keys[i].string, NULL); } } - - free(name); } +/* Reconfigures ovsdb-server based on information in the database. */ static void -set_remotes(struct ovsdb_jsonrpc_server *jsonrpc, - const struct ovsdb *db, struct shash *remotes) +reconfigure_from_db(struct ovsdb_jsonrpc_server *jsonrpc, + const struct ovsdb *db, struct shash *remotes) { struct shash resolved_remotes; struct shash_node *node; + /* Configure remotes. */ shash_init(&resolved_remotes); SHASH_FOR_EACH (node, remotes) { const char *name = node->name; @@ -222,8 +280,15 @@ set_remotes(struct ovsdb_jsonrpc_server *jsonrpc, } ovsdb_jsonrpc_server_set_remotes(jsonrpc, &resolved_remotes); shash_destroy(&resolved_remotes); -} +#if HAVE_OPENSSL + /* Configure SSL. */ + stream_ssl_set_key_and_cert(query_db_string(db, private_key_file), + query_db_string(db, certificate_file)); + stream_ssl_set_ca_cert_file(query_db_string(db, ca_cert_file), + bootstrap_ca_cert); +#endif +} static void ovsdb_server_exit(struct unixctl_conn *conn, const char *args OVS_UNUSED, @@ -234,6 +299,37 @@ ovsdb_server_exit(struct unixctl_conn *conn, const char *args OVS_UNUSED, unixctl_command_reply(conn, 200, NULL); } +static void +ovsdb_server_compact(struct unixctl_conn *conn, const char *args OVS_UNUSED, + void *file_) +{ + struct ovsdb_file *file = file_; + struct ovsdb_error *error; + + VLOG_INFO("compacting database by user request"); + error = ovsdb_file_compact(file); + if (!error) { + unixctl_command_reply(conn, 200, NULL); + } else { + char *s = ovsdb_error_to_string(error); + ovsdb_error_destroy(error); + unixctl_command_reply(conn, 503, s); + free(s); + } +} + +/* "ovsdb-server/reconnect": makes ovsdb-server drop all of its JSON-RPC + * connections and reconnect. */ +static void +ovsdb_server_reconnect(struct unixctl_conn *conn, const char *args OVS_UNUSED, + void *jsonrpc_) +{ + struct ovsdb_jsonrpc_server *jsonrpc = jsonrpc_; + + ovsdb_jsonrpc_server_reconnect(jsonrpc); + unixctl_command_reply(conn, 200, NULL); +} + static void parse_options(int argc, char *argv[], char **file_namep, struct shash *remotes, char **unixctl_pathp, @@ -259,7 +355,9 @@ parse_options(int argc, char *argv[], char **file_namep, LEAK_CHECKER_LONG_OPTIONS, #ifdef HAVE_OPENSSL {"bootstrap-ca-cert", required_argument, 0, OPT_BOOTSTRAP_CA_CERT}, - STREAM_SSL_LONG_OPTIONS + {"private-key", required_argument, 0, 'p'}, + {"certificate", required_argument, 0, 'c'}, + {"ca-cert", required_argument, 0, 'C'}, #endif {0, 0, 0, 0}, }; @@ -299,14 +397,25 @@ parse_options(int argc, char *argv[], char **file_namep, LEAK_CHECKER_OPTION_HANDLERS #ifdef HAVE_OPENSSL - STREAM_SSL_OPTION_HANDLERS + case 'p': + private_key_file = optarg; + break; + + case 'c': + certificate_file = optarg; + break; + + case 'C': + ca_cert_file = optarg; + bootstrap_ca_cert = false; + break; case OPT_BOOTSTRAP_CA_CERT: - stream_ssl_set_ca_cert_file(optarg, true); + ca_cert_file = optarg; + bootstrap_ca_cert = true; break; #endif - case '?': exit(EXIT_FAILURE); @@ -343,6 +452,7 @@ usage(void) vlog_usage(); printf("\nOther options:\n" " --run COMMAND run COMMAND as subprocess then exit\n" + " --unixctl=SOCKET override default control socket name\n" " -h, --help display this help message\n" " -V, --version display version information\n"); leak_checker_usage();