From 51af591bd37802a286b598ca6f63ced0bd18a673 Mon Sep 17 00:00:00 2001
From: Lance Richardson <lrichard@redhat.com>
Date: Wed, 7 Jun 2017 13:35:20 -0400
Subject: ovn: ssl proto/cipher configuration in nb/sb db

Add SSL protocol and cipher columns to SSL tables in northbound
and southbound databases. Start nb/sb ovsdb-server with command-
line options to use these columns. Add support to ovn-nbctl
and ovn-sbctl "set-ssl" commands for user-friendly management
of these settings.

Signed-off-by: Lance Richardson <lrichard@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
---
 tutorial/ovs-sandbox | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'tutorial')

diff --git a/tutorial/ovs-sandbox b/tutorial/ovs-sandbox
index 3da1c48a5..a03018a68 100755
--- a/tutorial/ovs-sandbox
+++ b/tutorial/ovs-sandbox
@@ -350,6 +350,8 @@ if $ovn; then
         --private-key=db:OVN_Northbound,SSL,private_key \
         --certificate=db:OVN_Northbound,SSL,certificate \
         --ca-cert=db:OVN_Northbound,SSL,ca_cert \
+        --ssl-protocols=db:OVN_Northbound,SSL,ssl_protocols \
+        --ssl-ciphers=db:OVN_Northbound,SSL,ssl_ciphers \
         --remote=punix:"$sandbox"/ovnnb_db.sock $ovsdb_nb_server_args
     rungdb $gdb_ovsdb $gdb_ovsdb_ex ovsdb-server --detach --no-chdir \
         --pidfile="$sandbox"/ovnsb_db.pid -vconsole:off \
@@ -358,6 +360,8 @@ if $ovn; then
         --private-key=db:OVN_Southbound,SSL,private_key \
         --certificate=db:OVN_Southbound,SSL,certificate \
         --ca-cert=db:OVN_Southbound,SSL,ca_cert \
+        --ssl-protocols=db:OVN_Southbound,SSL,ssl_protocols \
+        --ssl-ciphers=db:OVN_Southbound,SSL,ssl_ciphers \
         --remote=punix:"$sandbox"/ovnsb_db.sock $ovsdb_sb_server_args
     # Start SB back up server
     rungdb $gdb_ovsdb $gdb_ovsdb_ex ovsdb-server --detach --no-chdir \
-- 
cgit v1.2.1