[ovs-dev] [PATCH 1/2] ovs-monitor-ipsec: Various minor cleanups
Justin Pettit
jpettit at nicira.com
Wed Dec 29 00:31:40 UTC 2010
On Dec 28, 2010, at 4:12 PM, Ben Pfaff wrote:
> On Tue, Dec 28, 2010 at 04:07:29PM -0800, Justin Pettit wrote:
>> A few minor cleanups:
>>
>> - Clean out stale peer certs from previous runs
>> - Weakly attempt to verify that a certificate is valid, since Racoon
>> will refuse to start if it's not.
>> - Restart racoon if it can't be reloaded, since it's temperamental
>>
>> If these changes look good, I'll roll them into the commit that adds
>> support for certificates, since it hasn't been pushed yet.
>
> The only question I have is whether the code that cleans out stale peer
> certs should catch, log, and ignore errors. How bad is it if some files
> can't be deleted? (What if someone created a subdirectory in the
> directory that holds peer certs, or if there is a permissions problem?)
Good thought. I added a try/except block to handle that case and pushed.
Thanks for the quick review.
--Justin
More information about the dev
mailing list