diff options
author | Lance Richardson <lrichard@redhat.com> | 2017-06-07 13:35:20 -0400 |
---|---|---|
committer | Ben Pfaff <blp@ovn.org> | 2017-06-07 11:33:24 -0700 |
commit | 51af591bd37802a286b598ca6f63ced0bd18a673 (patch) | |
tree | 8629a06458dc1f9d4d19abf220f7d9f712b0c764 /ovn/utilities/ovn-sbctl.c | |
parent | 6cf5c521474e2b85c5f7d2a76af8d37c6a2d0d8f (diff) | |
download | openvswitch-51af591bd37802a286b598ca6f63ced0bd18a673.tar.gz |
ovn: ssl proto/cipher configuration in nb/sb db
Add SSL protocol and cipher columns to SSL tables in northbound
and southbound databases. Start nb/sb ovsdb-server with command-
line options to use these columns. Add support to ovn-nbctl
and ovn-sbctl "set-ssl" commands for user-friendly management
of these settings.
Signed-off-by: Lance Richardson <lrichard@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Diffstat (limited to 'ovn/utilities/ovn-sbctl.c')
-rw-r--r-- | ovn/utilities/ovn-sbctl.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/ovn/utilities/ovn-sbctl.c b/ovn/utilities/ovn-sbctl.c index 716289e9f..a82b04776 100644 --- a/ovn/utilities/ovn-sbctl.c +++ b/ovn/utilities/ovn-sbctl.c @@ -319,7 +319,8 @@ Connection commands:\n\ SSL commands:\n\ get-ssl print the SSL configuration\n\ del-ssl delete the SSL configuration\n\ - set-ssl PRIV-KEY CERT CA-CERT set the SSL configuration\n\ + set-ssl PRIV-KEY CERT CA-CERT [SSL-PROTOS [SSL-CIPHERS]] \ +set the SSL configuration\n\ \n\ %s\ \n\ @@ -1114,6 +1115,13 @@ cmd_set_ssl(struct ctl_context *ctx) sbrec_ssl_set_bootstrap_ca_cert(ssl, bootstrap); + if (ctx->argc == 5) { + sbrec_ssl_set_ssl_protocols(ssl, ctx->argv[4]); + } else if (ctx->argc == 6) { + sbrec_ssl_set_ssl_protocols(ssl, ctx->argv[4]); + sbrec_ssl_set_ssl_ciphers(ssl, ctx->argv[5]); + } + sbrec_sb_global_set_ssl(sb_global, ssl); } @@ -1407,8 +1415,9 @@ static const struct ctl_command_syntax sbctl_commands[] = { /* SSL commands. */ {"get-ssl", 0, 0, "", pre_cmd_get_ssl, cmd_get_ssl, NULL, "", RO}, {"del-ssl", 0, 0, "", pre_cmd_del_ssl, cmd_del_ssl, NULL, "", RW}, - {"set-ssl", 3, 3, "PRIVATE-KEY CERTIFICATE CA-CERT", pre_cmd_set_ssl, - cmd_set_ssl, NULL, "--bootstrap", RW}, + {"set-ssl", 3, 5, + "PRIVATE-KEY CERTIFICATE CA-CERT [SSL-PROTOS [SSL-CIPHERS]]", + pre_cmd_set_ssl, cmd_set_ssl, NULL, "--bootstrap", RW}, {NULL, 0, 0, NULL, NULL, NULL, NULL, NULL, RO}, }; |