INSTALL.md: Fix shell command line formatting.

[cascardo/ovs.git] / vswitchd / bridge.c
diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c

index 19ec857..25a0663 100644 (file)
--- a/vswitchd/bridge.c
+++ b/vswitchd/bridge.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015 Nicira, Inc.
+/* Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc.
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
@@ -227,7 +227,7 @@ static bool ifaces_changed = false;
  static void add_del_bridges(const struct ovsrec_open_vswitch *);
  static void bridge_run__(void);
  static void bridge_create(const struct ovsrec_bridge *);
-static void bridge_destroy(struct bridge *);
+static void bridge_destroy(struct bridge *, bool del);
  static struct bridge *bridge_lookup(const char *name);
  static unixctl_cb_func bridge_unixctl_dump_flows;
  static unixctl_cb_func bridge_unixctl_reconnect;
@@ -500,7 +500,7 @@ bridge_exit(void)
  
      if_notifier_destroy(ifnotifier);
      HMAP_FOR_EACH_SAFE (br, next_br, node, &all_bridges) {
-        bridge_destroy(br);
+        bridge_destroy(br, false);
      }
      ovsdb_idl_destroy(idl);
  }
@@ -581,8 +581,6 @@ bridge_reconfigure(const struct ovsrec_open_vswitch *ovs_cfg)
                                          OFPROTO_FLOW_LIMIT_DEFAULT));
      ofproto_set_max_idle(smap_get_int(&ovs_cfg->other_config, "max-idle",
                                        OFPROTO_MAX_IDLE_DEFAULT));
-    ofproto_set_n_dpdk_rxqs(smap_get_int(&ovs_cfg->other_config,
-                                         "n-dpdk-rxqs", 0));
      ofproto_set_cpu_mask(smap_get(&ovs_cfg->other_config, "pmd-cpu-mask"));
  
      ofproto_set_threads(
@@ -635,7 +633,7 @@ bridge_reconfigure(const struct ovsrec_open_vswitch *ovs_cfg)
                  VLOG_ERR("failed to create bridge %s: %s", br->name,
                           ovs_strerror(error));
                  shash_destroy(&br->wanted_ports);
-                bridge_destroy(br);
+                bridge_destroy(br, true);
              } else {
                  /* Trigger storing datapath version. */
                  seq_change(connectivity_seq_get());
@@ -1046,8 +1044,9 @@ bridge_configure_datapath_id(struct bridge *br)
  static uint32_t
  bridge_get_allowed_versions(struct bridge *br)
  {
-    if (!br->cfg->n_protocols)
+    if (!br->cfg->n_protocols) {
          return 0;
+    }
  
      return ofputil_versions_from_strings(br->cfg->protocols,
                                           br->cfg->n_protocols);
@@ -1685,6 +1684,7 @@ static void
  add_del_bridges(const struct ovsrec_open_vswitch *cfg)
  {
      struct bridge *br, *next;
+    struct shash_node *node;
      struct shash new_br;
      size_t i;
  
@@ -1694,9 +1694,12 @@ add_del_bridges(const struct ovsrec_open_vswitch *cfg)
          static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
          const struct ovsrec_bridge *br_cfg = cfg->bridges[i];
  
-        if (strchr(br_cfg->name, '/')) {
+        if (strchr(br_cfg->name, '/') || strchr(br_cfg->name, '\\')) {
              /* Prevent remote ovsdb-server users from accessing arbitrary
-             * directories, e.g. consider a bridge named "../../../etc/". */
+             * directories, e.g. consider a bridge named "../../../etc/".
+             *
+             * Prohibiting "\" is only necessary on Windows but it's no great
+             * loss elsewhere. */
              VLOG_WARN_RL(&rl, "ignoring bridge with invalid name \"%s\"",
                           br_cfg->name);
          } else if (!shash_add_once(&new_br, br_cfg->name, br_cfg)) {
@@ -1710,13 +1713,13 @@ add_del_bridges(const struct ovsrec_open_vswitch *cfg)
          br->cfg = shash_find_data(&new_br, br->name);
          if (!br->cfg || strcmp(br->type, ofproto_normalize_type(
                                     br->cfg->datapath_type))) {
-            bridge_destroy(br);
+            bridge_destroy(br, true);
          }
      }
  
      /* Add new bridges. */
-    for (i = 0; i < cfg->n_bridges; i++) {
-        const struct ovsrec_bridge *br_cfg = cfg->bridges[i];
+    SHASH_FOR_EACH(node, &new_br) {
+        const struct ovsrec_bridge *br_cfg = node->data;
          struct bridge *br = bridge_lookup(br_cfg->name);
          if (!br) {
              bridge_create(br_cfg);
@@ -2219,9 +2222,10 @@ iface_refresh_netdev_status(struct iface *iface)
  
      error = netdev_get_etheraddr(iface->netdev, &mac);
      if (!error) {
-        char mac_string[32];
+        char mac_string[ETH_ADDR_STRLEN + 1];
  
-        sprintf(mac_string, ETH_ADDR_FMT, ETH_ADDR_ARGS(mac));
+        snprintf(mac_string, sizeof mac_string,
+                 ETH_ADDR_FMT, ETH_ADDR_ARGS(mac));
          ovsrec_interface_set_mac_in_use(iface->cfg, mac_string);
      } else {
          ovsrec_interface_set_mac_in_use(iface->cfg, NULL);
@@ -2905,7 +2909,7 @@ bridge_run(void)
                      (long int) getpid());
  
          HMAP_FOR_EACH_SAFE (br, next_br, node, &all_bridges) {
-            bridge_destroy(br);
+            bridge_destroy(br, false);
          }
          /* Since we will not be running system_stats_run() in this process
           * with the current situation of multiple ovs-vswitchd daemons,
@@ -3190,7 +3194,7 @@ bridge_create(const struct ovsrec_bridge *br_cfg)
  }
  
  static void
-bridge_destroy(struct bridge *br)
+bridge_destroy(struct bridge *br, bool del)
  {
      if (br) {
          struct mirror *mirror, *next_mirror;
@@ -3204,7 +3208,7 @@ bridge_destroy(struct bridge *br)
          }
  
          hmap_remove(&all_bridges, &br->node);
-        ofproto_destroy(br->ofproto);
+        ofproto_destroy(br->ofproto, del);
          hmap_destroy(&br->ifaces);
          hmap_destroy(&br->ports);
          hmap_destroy(&br->iface_by_name);
@@ -3437,8 +3441,7 @@ bridge_configure_local_iface_netdev(struct bridge *br,
  
      /* If there's no local interface or no IP address, give up. */
      local_iface = iface_from_ofp_port(br, OFPP_LOCAL);
-    if (!local_iface || !c->local_ip
-        || !inet_pton(AF_INET, c->local_ip, &ip)) {
+    if (!local_iface || !c->local_ip || !ip_parse(c->local_ip, &ip.s_addr)) {
          return;
      }
  
@@ -3448,7 +3451,7 @@ bridge_configure_local_iface_netdev(struct bridge *br,
  
      /* Configure the IP address and netmask. */
      if (!c->local_netmask
-        || !inet_pton(AF_INET, c->local_netmask, &mask)
+        || !ip_parse(c->local_netmask, &mask.s_addr)
          || !mask.s_addr) {
          mask.s_addr = guess_netmask(ip.s_addr);
      }
@@ -3459,7 +3462,7 @@ bridge_configure_local_iface_netdev(struct bridge *br,
  
      /* Configure the default gateway. */
      if (c->local_gateway
-        && inet_pton(AF_INET, c->local_gateway, &gateway)
+        && ip_parse(c->local_gateway, &gateway.s_addr)
          && gateway.s_addr) {
          if (!netdev_add_router(netdev, gateway)) {
              VLOG_INFO("bridge %s: configured gateway "IP_FMT,
@@ -3561,18 +3564,20 @@ bridge_configure_remotes(struct bridge *br,
                      continue;
                  }
              } else {
-               whitelist = xasprintf("punix:%s/%s.controller",
+               whitelist = xasprintf("punix:%s/%s.",
                                       ovs_rundir(), br->name);
-               if (!equal_pathnames(c->target, whitelist, SIZE_MAX)) {
+               if (!equal_pathnames(c->target, whitelist, strlen(whitelist))
+                   || strchr(c->target + strlen(whitelist), '/')) {
                     /* Prevent remote ovsdb-server users from accessing
                      * arbitrary Unix domain sockets and overwriting arbitrary
                      * local files. */
                     VLOG_ERR_RL(&rl, "bridge %s: Not adding Unix domain socket "
                                    "controller \"%s\" due to possibility of "
                                    "overwriting local files. Instead, specify "
-                                  "whitelisted \"%s\" or connect to "
-                                  "\"unix:%s/%s.mgmt\" (which is always "
-                                  "available without special configuration).",
+                                  "path in whitelisted format \"%s*\" or "
+                                  "connect to \"unix:%s/%s.mgmt\" (which is "
+                                  "always available without special "
+                                  "configuration).",
                                    br->name, c->target, whitelist,
                                    ovs_rundir(), br->name);
                     free(whitelist);