X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=vswitchd%2Fbridge.c;h=1f446db040b04f98619e36c25d256ed0bb028035;hb=b29ba12809fc48d1b4e417c7444e53d984292a5f;hp=0236f14cbffbac823a65dd1cbb1074997c451fd9;hpb=5eccf359391f7fe2cdb0edbaaf5680895c115218;p=openvswitch diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c index 0236f14c..1f446db0 100644 --- a/vswitchd/bridge.c +++ b/vswitchd/bridge.c @@ -27,6 +27,7 @@ #include #include #include +#include #include #include "bitmap.h" #include "cfg.h" @@ -258,8 +259,8 @@ bridge_get_ifaces(struct svec *svec) for (j = 0; j < port->n_ifaces; j++) { struct iface *iface = port->ifaces[j]; if (iface->dp_ifidx < 0) { - VLOG_ERR("%s interface not in dp%u, ignoring", - iface->name, dpif_id(&br->dpif)); + VLOG_ERR("%s interface not in datapath %s, ignoring", + iface->name, dpif_name(&br->dpif)); } else { if (iface->dp_ifidx != ODPP_LOCAL) { svec_add(svec, iface->name); @@ -287,7 +288,8 @@ bridge_init(void) retval = dpif_open(devname, &dpif); if (!retval) { char dpif_name[IF_NAMESIZE]; - if (dpif_get_name(&dpif, dpif_name, sizeof dpif_name) + if (dpif_port_get_name(&dpif, ODPP_LOCAL, + dpif_name, sizeof dpif_name) || !cfg_has("bridge.%s.port", dpif_name)) { dpif_delete(&dpif); } @@ -323,6 +325,7 @@ bridge_configure_ssl(void) static char *private_key_file; static char *certificate_file; static char *cacert_file; + struct stat s; if (config_string_change("ssl.private-key", &private_key_file)) { vconn_ssl_set_private_key_file(private_key_file); @@ -332,7 +335,13 @@ bridge_configure_ssl(void) vconn_ssl_set_certificate_file(certificate_file); } - if (config_string_change("ssl.ca-cert", &cacert_file)) { + /* We assume that even if the filename hasn't changed, if the CA cert + * file has been removed, that we want to move back into + * boot-strapping mode. This opens a small security hole, because + * the old certificate will still be trusted until vSwitch is + * restarted. We may want to address this in vconn's SSL library. */ + if (config_string_change("ssl.ca-cert", &cacert_file) + || (stat(cacert_file, &s) && errno == ENOENT)) { vconn_ssl_set_ca_cert_file(cacert_file, cfg_get_bool(0, "ssl.bootstrap-ca-cert")); } @@ -417,8 +426,9 @@ bridge_reconfigure(void) && strcmp(p->devname, br->name)) { int retval = dpif_port_del(&br->dpif, p->port); if (retval) { - VLOG_ERR("failed to remove %s interface from dp%u: %s", - p->devname, dpif_id(&br->dpif), strerror(retval)); + VLOG_ERR("failed to remove %s interface from %s: %s", + p->devname, dpif_name(&br->dpif), + strerror(retval)); } } } @@ -450,13 +460,14 @@ bridge_reconfigure(void) internal ? ODP_PORT_INTERNAL : 0); if (error != EEXIST) { if (next_port_no >= 256) { - VLOG_ERR("ran out of valid port numbers on dp%u", - dpif_id(&br->dpif)); + VLOG_ERR("ran out of valid port numbers on %s", + dpif_name(&br->dpif)); goto out; } if (error) { - VLOG_ERR("failed to add %s interface to dp%u: %s", - if_name, dpif_id(&br->dpif), strerror(error)); + VLOG_ERR("failed to add %s interface to %s: %s", + if_name, dpif_name(&br->dpif), + strerror(error)); } break; } @@ -472,8 +483,7 @@ bridge_reconfigure(void) uint64_t dpid; struct iface *local_iface = NULL; const char *devname; - uint8_t engine_type = br->dpif.minor; - uint8_t engine_id = br->dpif.minor; + uint8_t engine_type, engine_id; bool add_id_to_iface = false; struct svec nf_hosts; @@ -484,15 +494,16 @@ bridge_reconfigure(void) for (j = 0; j < port->n_ifaces; ) { struct iface *iface = port->ifaces[j]; if (iface->dp_ifidx < 0) { - VLOG_ERR("%s interface not in dp%u, dropping", - iface->name, dpif_id(&br->dpif)); + VLOG_ERR("%s interface not in %s, dropping", + iface->name, dpif_name(&br->dpif)); iface_destroy(iface); } else { if (iface->dp_ifidx == ODPP_LOCAL) { local_iface = iface; } - VLOG_DBG("dp%u has interface %s on port %d", - dpif_id(&br->dpif), iface->name, iface->dp_ifidx); + VLOG_DBG("%s has interface %s on port %d", + dpif_name(&br->dpif), + iface->name, iface->dp_ifidx); j++; } } @@ -520,6 +531,7 @@ bridge_reconfigure(void) ofproto_set_datapath_id(br->ofproto, dpid); /* Set NetFlow configuration on this bridge. */ + dpif_get_netflow_ids(&br->dpif, &engine_type, &engine_id); if (cfg_has("netflow.%s.engine-type", br->name)) { engine_type = cfg_get_int(0, "netflow.%s.engine-type", br->name); @@ -828,7 +840,7 @@ bridge_create(const char *name) list_push_back(&all_bridges, &br->node); - VLOG_INFO("created bridge %s on dp%u", br->name, dpif_id(&br->dpif)); + VLOG_INFO("created bridge %s on %s", br->name, dpif_name(&br->dpif)); return br; } @@ -845,8 +857,8 @@ bridge_destroy(struct bridge *br) list_remove(&br->node); error = dpif_delete(&br->dpif); if (error && error != ENOENT) { - VLOG_ERR("failed to delete dp%u: %s", - dpif_id(&br->dpif), strerror(error)); + VLOG_ERR("failed to delete %s: %s", + dpif_name(&br->dpif), strerror(error)); } dpif_close(&br->dpif); ofproto_destroy(br->ofproto); @@ -1123,8 +1135,13 @@ bridge_reconfigure_controller(struct bridge *br) || !strcmp(fail_mode, "open"))); probe = cfg_get_int(0, "%s.inactivity-probe", pfx); - ofproto_set_probe_interval(br->ofproto, - probe ? probe : cfg_get_int(0, "mgmt.inactivity-probe")); + if (probe < 5) { + probe = cfg_get_int(0, "mgmt.inactivity-probe"); + if (probe < 5) { + probe = 15; + } + } + ofproto_set_probe_interval(br->ofproto, probe); max_backoff = cfg_get_int(0, "%s.max-backoff", pfx); if (!max_backoff) { @@ -1237,11 +1254,11 @@ bridge_fetch_dp_ifaces(struct bridge *br) struct iface *iface = iface_lookup(br, p->devname); if (iface) { if (iface->dp_ifidx >= 0) { - VLOG_WARN("dp%u reported interface %s twice", - dpif_id(&br->dpif), p->devname); + VLOG_WARN("%s reported interface %s twice", + dpif_name(&br->dpif), p->devname); } else if (iface_from_dp_ifidx(br, p->port)) { - VLOG_WARN("dp%u reported interface %"PRIu16" twice", - dpif_id(&br->dpif), p->port); + VLOG_WARN("%s reported interface %"PRIu16" twice", + dpif_name(&br->dpif), p->port); } else { port_array_set(&br->ifaces, p->port, iface); iface->dp_ifidx = p->port;