])
AT_CLEANUP
+
+dnl ----------------------------------------------------------------------
+AT_SETUP([ovs-vswitchd -- set service controller])
+AT_SKIP_IF([test "$IS_WIN32" = "yes"])
+OVS_VSWITCHD_START
+
+AT_CHECK([ovs-vsctl set-controller br0 punix:$(pwd)/br0.void])
+OVS_WAIT_UNTIL([test -e br0.void])
+
+AT_CHECK([ovs-vsctl set-controller br0 punix:$(pwd)/br0.void/../overwrite.file])
+OVS_WAIT_UNTIL([test -n "`grep ERR ovs-vswitchd.log | grep overwrite.file`"])
+
+OVS_VSWITCHD_STOP(["/Not adding Unix domain socket controller/d"])
+AT_CLEANUP
continue;
}
} else {
- whitelist = xasprintf("punix:%s/%s.controller",
+ whitelist = xasprintf("punix:%s/%s.",
ovs_rundir(), br->name);
- if (!equal_pathnames(c->target, whitelist, SIZE_MAX)) {
+ if (!equal_pathnames(c->target, whitelist, strlen(whitelist))
+ || strchr(c->target + strlen(whitelist), '/')) {
/* Prevent remote ovsdb-server users from accessing
* arbitrary Unix domain sockets and overwriting arbitrary
* local files. */
VLOG_ERR_RL(&rl, "bridge %s: Not adding Unix domain socket "
"controller \"%s\" due to possibility of "
"overwriting local files. Instead, specify "
- "whitelisted \"%s\" or connect to "
- "\"unix:%s/%s.mgmt\" (which is always "
- "available without special configuration).",
+ "path in whitelisted format \"%s*\" or "
+ "connect to \"unix:%s/%s.mgmt\" (which is "
+ "always available without special "
+ "configuration).",
br->name, c->target, whitelist,
ovs_rundir(), br->name);
free(whitelist);
projects / cascardo / ovs.git / commitdiff