-/* Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015 Nicira, Inc.
+/* Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
static void add_del_bridges(const struct ovsrec_open_vswitch *);
static void bridge_run__(void);
static void bridge_create(const struct ovsrec_bridge *);
-static void bridge_destroy(struct bridge *);
+static void bridge_destroy(struct bridge *, bool del);
static struct bridge *bridge_lookup(const char *name);
static unixctl_cb_func bridge_unixctl_dump_flows;
static unixctl_cb_func bridge_unixctl_reconnect;
if_notifier_destroy(ifnotifier);
HMAP_FOR_EACH_SAFE (br, next_br, node, &all_bridges) {
- bridge_destroy(br);
+ bridge_destroy(br, false);
}
ovsdb_idl_destroy(idl);
}
OFPROTO_FLOW_LIMIT_DEFAULT));
ofproto_set_max_idle(smap_get_int(&ovs_cfg->other_config, "max-idle",
OFPROTO_MAX_IDLE_DEFAULT));
- ofproto_set_n_dpdk_rxqs(smap_get_int(&ovs_cfg->other_config,
- "n-dpdk-rxqs", 0));
ofproto_set_cpu_mask(smap_get(&ovs_cfg->other_config, "pmd-cpu-mask"));
ofproto_set_threads(
VLOG_ERR("failed to create bridge %s: %s", br->name,
ovs_strerror(error));
shash_destroy(&br->wanted_ports);
- bridge_destroy(br);
+ bridge_destroy(br, true);
} else {
/* Trigger storing datapath version. */
seq_change(connectivity_seq_get());
static uint32_t
bridge_get_allowed_versions(struct bridge *br)
{
- if (!br->cfg->n_protocols)
+ if (!br->cfg->n_protocols) {
return 0;
+ }
return ofputil_versions_from_strings(br->cfg->protocols,
br->cfg->n_protocols);
add_del_bridges(const struct ovsrec_open_vswitch *cfg)
{
struct bridge *br, *next;
+ struct shash_node *node;
struct shash new_br;
size_t i;
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
const struct ovsrec_bridge *br_cfg = cfg->bridges[i];
- if (strchr(br_cfg->name, '/')) {
+ if (strchr(br_cfg->name, '/') || strchr(br_cfg->name, '\\')) {
/* Prevent remote ovsdb-server users from accessing arbitrary
- * directories, e.g. consider a bridge named "../../../etc/". */
+ * directories, e.g. consider a bridge named "../../../etc/".
+ *
+ * Prohibiting "\" is only necessary on Windows but it's no great
+ * loss elsewhere. */
VLOG_WARN_RL(&rl, "ignoring bridge with invalid name \"%s\"",
br_cfg->name);
} else if (!shash_add_once(&new_br, br_cfg->name, br_cfg)) {
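Review bot: The name filter in add_del_bridges is a two-character denylist spelled as two `strchr` calls, and its comment does not say where the name is later used. A single `if (strpbrk(br_cfg->name, "/\\")) {` states the rejected set in one place and is easier to extend. Because the bridge name is interpolated into paths under the run directory (see the `"punix:%s/%s."` format further down this diff), the comment could add `/* The name becomes a file-name component under ovs_rundir(), so it must not contain a path separator. */`. The function body starts and ends outside this hunk.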
br->cfg = shash_find_data(&new_br, br->name);
if (!br->cfg || strcmp(br->type, ofproto_normalize_type(
br->cfg->datapath_type))) {
- bridge_destroy(br);
+ bridge_destroy(br, true);
}
}
/* Add new bridges. */
- for (i = 0; i < cfg->n_bridges; i++) {
- const struct ovsrec_bridge *br_cfg = cfg->bridges[i];
+ SHASH_FOR_EACH(node, &new_br) {
+ const struct ovsrec_bridge *br_cfg = node->data;
struct bridge *br = bridge_lookup(br_cfg->name);
if (!br) {
bridge_create(br_cfg);
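Review bot: The "Add new bridges" loop now walks `new_br` instead of `cfg->bridges`, which is what stops a bridge whose name was rejected earlier from being created, but nothing at the loop records that. Add `/* Iterate 'new_br', not cfg->bridges: it holds only the names that passed validation, once each. */` above `SHASH_FOR_EACH(node, &new_br)` so a later cleanup does not switch back to the array. Creation order now follows the hash table's iteration order rather than configuration order; presumably nothing depends on that, but it is worth confirming. add_del_bridges continues beyond this hunk.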
error = netdev_get_etheraddr(iface->netdev, &mac);
if (!error) {
- char mac_string[32];
+ char mac_string[ETH_ADDR_STRLEN + 1];
- sprintf(mac_string, ETH_ADDR_FMT, ETH_ADDR_ARGS(mac));
+ snprintf(mac_string, sizeof mac_string,
+ ETH_ADDR_FMT, ETH_ADDR_ARGS(mac));
ovsrec_interface_set_mac_in_use(iface->cfg, mac_string);
} else {
ovsrec_interface_set_mac_in_use(iface->cfg, NULL);
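Review bot: Sizing the buffer as `ETH_ADDR_STRLEN + 1` assumes ETH_ADDR_STRLEN is the formatted length without the terminator, which this hunk does not show. The return value of `snprintf` is discarded, so if ETH_ADDR_FMT ever produced more characters than that, a truncated MAC would be written to the database with no signal. A one-line comment such as `/* ETH_ADDR_STRLEN excludes the terminating null byte. */` on the declaration would record the assumption. The enclosing function is not fully visible in this hunk.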
(long int) getpid());
HMAP_FOR_EACH_SAFE (br, next_br, node, &all_bridges) {
- bridge_destroy(br);
+ bridge_destroy(br, false);
}
/* Since we will not be running system_stats_run() in this process
* with the current situation of multiple ovs-vswitchd daemons,
}
static void
-bridge_destroy(struct bridge *br)
+bridge_destroy(struct bridge *br, bool del)
{
if (br) {
struct mirror *mirror, *next_mirror;
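Review bot: The new `bool del` parameter of bridge_destroy is undocumented, and the call sites `bridge_destroy(br, false)` and `bridge_destroy(br, true)` give no hint of what the flag selects. In this diff it is only forwarded to `ofproto_destroy(br->ofproto, del)`; callers pass `true` where a bridge is dropped from the configuration or fails to be created, and `false` in the two loops that tear down everything in `all_bridges`. A header comment on the definition, for example `/* Destroys 'br'. 'del' is passed through to ofproto_destroy(); pass true only when the bridge itself is being removed. */`, would make that contract explicit for future callers. The function body continues outside this hunk.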
}
hmap_remove(&all_bridges, &br->node);
- ofproto_destroy(br->ofproto);
+ ofproto_destroy(br->ofproto, del);
hmap_destroy(&br->ifaces);
hmap_destroy(&br->ports);
hmap_destroy(&br->iface_by_name);
/* If there's no local interface or no IP address, give up. */
local_iface = iface_from_ofp_port(br, OFPP_LOCAL);
- if (!local_iface || !c->local_ip
- || !inet_pton(AF_INET, c->local_ip, &ip)) {
+ if (!local_iface || !c->local_ip || !ip_parse(c->local_ip, &ip.s_addr)) {
return;
}
/* Configure the IP address and netmask. */
if (!c->local_netmask
- || !inet_pton(AF_INET, c->local_netmask, &mask)
+ || !ip_parse(c->local_netmask, &mask.s_addr)
|| !mask.s_addr) {
mask.s_addr = guess_netmask(ip.s_addr);
}
/* Configure the default gateway. */
if (c->local_gateway
- && inet_pton(AF_INET, c->local_gateway, &gateway)
+ && ip_parse(c->local_gateway, &gateway.s_addr)
&& gateway.s_addr) {
if (!netdev_add_router(netdev, gateway)) {
VLOG_INFO("bridge %s: configured gateway "IP_FMT,
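Review bot: The netmask branch accepts any non-zero value that `ip_parse` reads as an IPv4 address, so a non-contiguous mask from the controller record is used unchanged; only a missing, unparsable or zero mask falls back to `guess_netmask`. If the tree's `ip_is_cidr()` helper is in scope here, extending the condition with `|| !ip_is_cidr(mask.s_addr)` would send malformed masks down the same fallback. The enclosing function starts and ends outside the hunk.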
continue;
}
} else {
- whitelist = xasprintf("punix:%s/%s.controller",
+ whitelist = xasprintf("punix:%s/%s.",
ovs_rundir(), br->name);
- if (!equal_pathnames(c->target, whitelist, SIZE_MAX)) {
+ if (!equal_pathnames(c->target, whitelist, strlen(whitelist))
+ || strchr(c->target + strlen(whitelist), '/')) {
/* Prevent remote ovsdb-server users from accessing
* arbitrary Unix domain sockets and overwriting arbitrary
* local files. */
VLOG_ERR_RL(&rl, "bridge %s: Not adding Unix domain socket "
"controller \"%s\" due to possibility of "
"overwriting local files. Instead, specify "
- "whitelisted \"%s\" or connect to "
- "\"unix:%s/%s.mgmt\" (which is always "
- "available without special configuration).",
+ "path in whitelisted format \"%s*\" or "
+ "connect to \"unix:%s/%s.mgmt\" (which is "
+ "always available without special "
+ "configuration).",
br->name, c->target, whitelist,
ovs_rundir(), br->name);
free(whitelist);
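Review bot: The suffix check `strchr(c->target + strlen(whitelist), '/')` rejects only forward slashes, whereas the bridge-name check added to add_del_bridges in this same diff also rejects `\` because it is a separator on Windows; a target suffix containing a backslash is still accepted here. Writing it as `|| strpbrk(c->target + strlen(whitelist), "/\\")` keeps the two checks consistent. `strlen(whitelist)` is also computed twice and could be held in a local. Whether `equal_pathnames` treats the two separators alike is not visible in this hunk, so that should be confirmed against its definition. The enclosing function starts and ends outside the hunk.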