OPT_ONELINE,
OPT_NO_SYSLOG,
OPT_NO_WAIT,
- OPT_DRY_RUN
+ OPT_DRY_RUN,
+ VLOG_OPTION_ENUMS
};
static struct option long_options[] = {
{"db", required_argument, 0, OPT_DB},
{"dry-run", no_argument, 0, OPT_DRY_RUN},
{"oneline", no_argument, 0, OPT_ONELINE},
{"timeout", required_argument, 0, 't'},
- {"verbose", optional_argument, 0, 'v'},
{"help", no_argument, 0, 'h'},
{"version", no_argument, 0, 'V'},
+ VLOG_LONG_OPTIONS,
{0, 0, 0, 0},
};
}
break;
- case 'v':
- vlog_set_verbosity(optarg);
- break;
+ VLOG_OPTION_HANDLERS
case '?':
exit(EXIT_FAILURE);
"print the controller for BRIDGE\n"
" del-controller [BRIDGE] "
"delete the controller for BRIDGE\n"
- " set-controller [BRIDGE] TARGET "
+ " set-controller [BRIDGE] TARGET "
"set the controller for BRIDGE to TARGET\n"
" get-fail-mode [BRIDGE] "
"print the fail-mode for BRIDGE\n"
" del-fail-mode [BRIDGE] "
"delete the fail-mode for BRIDGE\n"
- " set-fail-mode [BRIDGE] MODE "
+ " set-fail-mode [BRIDGE] MODE "
"set the fail-mode for BRIDGE to MODE\n"
);
+ printf("\nSSL commands:\n"
+ " get-ssl "
+ "print the SSL configuration\n"
+ " del-ssl "
+ "delete the SSL configuration\n"
+ " set-ssl PRIV-KEY CERT CA-CERT "
+ "set the SSL configuration\n"
+ );
printf("\nOptions:\n"
" --db=DATABASE "
"connect to DATABASE\n"
return br;
}
+static struct vsctl_bridge *
+find_real_bridge(struct vsctl_info *info, const char *name, bool must_exist)
+{
+ struct vsctl_bridge *br = find_bridge(info, name, must_exist);
+ if (br && br->parent) {
+ vsctl_fatal("%s is a fake bridge", name);
+ }
+ return br;
+}
+
static struct vsctl_port *
find_port(struct vsctl_info *info, const char *name, bool must_exist)
{
ovsrec_open_vswitch_set_controller(ctx->ovs, NULL);
}
} else {
- struct vsctl_bridge *br = find_bridge(&info, ctx->argv[1], true);
+ struct vsctl_bridge *br = find_real_bridge(&info, ctx->argv[1], true);
if (br->ctrl) {
ovsrec_controller_delete(br->ctrl);
ovsrec_open_vswitch_set_controller(ctx->ovs, ctrl);
} else {
/* Set the controller for a particular bridge. */
- struct vsctl_bridge *br = find_bridge(&info, ctx->argv[1], true);
+ struct vsctl_bridge *br = find_real_bridge(&info, ctx->argv[1], true);
if (br->ctrl) {
ovsrec_controller_delete(br->ctrl);
ovsrec_controller_set_fail_mode(info.ctrl, NULL);
}
} else {
- struct vsctl_bridge *br = find_bridge(&info, ctx->argv[1], true);
+ struct vsctl_bridge *br = find_real_bridge(&info, ctx->argv[1], true);
if (br->ctrl && br->ctrl->fail_mode) {
ovsrec_controller_set_fail_mode(br->ctrl, NULL);
}
ovsrec_controller_set_fail_mode(info.ctrl, fail_mode);
} else {
- struct vsctl_bridge *br = find_bridge(&info, ctx->argv[1], true);
+ struct vsctl_bridge *br = find_real_bridge(&info, ctx->argv[1], true);
if (!br->ctrl) {
vsctl_fatal("no controller declared for %s", br->name);
free_info(&info);
}
+
+static void
+cmd_get_ssl(struct vsctl_context *ctx)
+{
+ struct ovsrec_ssl *ssl = ctx->ovs->ssl;
+
+ if (ssl) {
+ ds_put_format(&ctx->output, "Private key: %s\n", ssl->private_key);
+ ds_put_format(&ctx->output, "Certificate: %s\n", ssl->certificate);
+ ds_put_format(&ctx->output, "CA Certificate: %s\n", ssl->ca_cert);
+ ds_put_format(&ctx->output, "Bootstrap: %s\n",
+ ssl->bootstrap_ca_cert ? "true" : "false");
+ }
+}
+
+static void
+cmd_del_ssl(struct vsctl_context *ctx)
+{
+ struct ovsrec_ssl *ssl = ctx->ovs->ssl;
+
+ if (ssl) {
+ ovsrec_ssl_delete(ssl);
+ ovsrec_open_vswitch_set_ssl(ctx->ovs, NULL);
+ }
+}
+
+static void
+cmd_set_ssl(struct vsctl_context *ctx)
+{
+ bool bootstrap = shash_find(&ctx->options, "--bootstrap");
+ struct ovsrec_ssl *ssl = ctx->ovs->ssl;
+
+ if (ssl) {
+ ovsrec_ssl_delete(ssl);
+ }
+ ssl = ovsrec_ssl_insert(txn_from_openvswitch(ctx->ovs));
+
+ ovsrec_ssl_set_private_key(ssl, ctx->argv[1]);
+ ovsrec_ssl_set_certificate(ssl, ctx->argv[2]);
+ ovsrec_ssl_set_ca_cert(ssl, ctx->argv[3]);
+
+ ovsrec_ssl_set_bootstrap_ca_cert(ssl, bootstrap);
+
+ ovsrec_open_vswitch_set_ssl(ctx->ovs, ssl);
+}
\f
typedef void vsctl_handler_func(struct vsctl_context *);
{"get-fail-mode", 0, 1, cmd_get_fail_mode, ""},
{"del-fail-mode", 0, 1, cmd_del_fail_mode, ""},
{"set-fail-mode", 1, 2, cmd_set_fail_mode, ""},
+
+ /* SSL commands. */
+ {"get-ssl", 0, 0, cmd_get_ssl, ""},
+ {"del-ssl", 0, 0, cmd_del_ssl, ""},
+ {"set-ssl", 3, 3, cmd_set_ssl, "--bootstrap"},
};
const struct vsctl_command *p;