[ovs-dev] [PATCH 09/15] ovs-vsctl: Add SSL support.

Ben Pfaff blp at nicira.com
Wed Mar 24 20:18:12 UTC 2010


Normally ovs-vsctl is run locally, with a Unix domain socket as target, but
it can be useful over SSL as well from a remote host, so this commit
enables that use.
---
 utilities/ovs-vsctl.c |   14 ++++++++++++++
 1 files changed, 14 insertions(+), 0 deletions(-)

diff --git a/utilities/ovs-vsctl.c b/utilities/ovs-vsctl.c
index 4ca737e..d991e91 100644
--- a/utilities/ovs-vsctl.c
+++ b/utilities/ovs-vsctl.c
@@ -36,6 +36,7 @@
 #include "ovsdb-idl.h"
 #include "poll-loop.h"
 #include "process.h"
+#include "stream-ssl.h"
 #include "svec.h"
 #include "vswitchd/vswitch-idl.h"
 #include "timeval.h"
@@ -169,6 +170,7 @@ parse_options(int argc, char *argv[])
         OPT_NO_SYSLOG,
         OPT_NO_WAIT,
         OPT_DRY_RUN,
+        OPT_PEER_CA_CERT,
         VLOG_OPTION_ENUMS
     };
     static struct option long_options[] = {
@@ -181,6 +183,10 @@ parse_options(int argc, char *argv[])
         {"help", no_argument, 0, 'h'},
         {"version", no_argument, 0, 'V'},
         VLOG_LONG_OPTIONS,
+#ifdef HAVE_OPENSSL
+        STREAM_SSL_LONG_OPTIONS
+        {"peer-ca-cert", required_argument, 0, OPT_PEER_CA_CERT},
+#endif
         {0, 0, 0, 0},
     };
 
@@ -231,6 +237,14 @@ parse_options(int argc, char *argv[])
 
         VLOG_OPTION_HANDLERS
 
+#ifdef HAVE_OPENSSL
+        STREAM_SSL_OPTION_HANDLERS
+
+        case OPT_PEER_CA_CERT:
+            stream_ssl_set_peer_ca_cert_file(optarg);
+            break;
+#endif
+
         case '?':
             exit(EXIT_FAILURE);
 
-- 
1.6.6.1





More information about the dev mailing list