python: Fix exception handler compatibility.

[cascardo/ovs.git] / debian / ovs-monitor-ipsec

diff --git a/debian/ovs-monitor-ipsec b/debian/ovs-monitor-ipsec
index 87a1491..efab91b 100755 (executable)
--- a/debian/ovs-monitor-ipsec
+++ b/debian/ovs-monitor-ipsec
@@ -1,5 +1,5 @@
-#!/usr/bin/python
-# Copyright (c) 2009, 2010, 2011 Nicira Networks
+#! /usr/bin/env python
+# Copyright (c) 2009, 2010, 2011, 2012 Nicira, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -33,16 +33,16 @@ import sys
 
 import ovs.dirs
 from ovs.db import error
-from ovs.db import types
 import ovs.util
 import ovs.daemon
 import ovs.db.idl
 import ovs.unixctl
+import ovs.unixctl.server
 import ovs.vlog
 
 vlog = ovs.vlog.Vlog("ovs-monitor-ipsec")
 root_prefix = ''                # Prefix for absolute file names, for testing.
-setkey = "/usr/sbin/setkey"
+SETKEY = "/usr/sbin/setkey"
 exiting = False
 
 
@@ -209,9 +209,9 @@ path certificate "%s";
         if host in self.psk_hosts:
             raise error.Error("host %s already defined for psk" % host)
 
-        if vals["certificate"] == None:
+        if vals["certificate"] is None:
             raise error.Error("'certificate' not defined for %s" % host)
-        elif vals["private_key"] == None:
+        elif vals["private_key"] is None:
             # Assume the private key is stored in the same PEM file as
             # the certificate.  We make a copy of "vals" so that we don't
             # modify the original "vals", which would cause the script
@@ -266,11 +266,11 @@ class IPsec:
 
     def call_setkey(self, cmds):
         try:
-            p = subprocess.Popen([root_prefix + setkey, "-c"],
+            p = subprocess.Popen([root_prefix + SETKEY, "-c"],
                                  stdin=subprocess.PIPE,
                                  stdout=subprocess.PIPE)
         except:
-            vlog.err("could not call %s%s" % (root_prefix, setkey))
+            vlog.err("could not call %s%s" % (root_prefix, SETKEY))
             sys.exit(1)
 
         # xxx It is safer to pass the string into the communicate()
@@ -371,7 +371,7 @@ def update_ipsec(ipsec, interfaces, new_interfaces):
 
         try:
             ipsec.add_entry(vals["local_ip"], vals["remote_ip"], vals)
-        except error.Error, msg:
+        except error.Error as msg:
             vlog.warn("skipping ipsec config for %s: %s" % (name, msg))
 
 
@@ -414,24 +414,27 @@ def main():
     ovs.daemon.daemonize()
 
     ovs.unixctl.command_register("exit", "", 0, 0, unixctl_exit, None)
-    error, unixctl_server = ovs.unixctl.UnixctlServer.create(None)
+    error, unixctl_server = ovs.unixctl.server.UnixctlServer.create(None)
     if error:
         ovs.util.ovs_fatal(error, "could not create unixctl server", vlog)
 
     ipsec = IPsec()
 
     interfaces = {}
+    seqno = idl.change_seqno    # Sequence number when we last processed the db
     while True:
         unixctl_server.run()
         if exiting:
             break
 
-        if not idl.run():
+        idl.run()
+        if seqno == idl.change_seqno:
             poller = ovs.poller.Poller()
             unixctl_server.wait(poller)
             idl.wait(poller)
             poller.block()
             continue
+        seqno = idl.change_seqno
 
         ssl_cert = get_ssl_cert(idl.tables)