diff options
author | Ben Pfaff <blp@nicira.com> | 2011-05-10 09:17:37 -0700 |
---|---|---|
committer | Ben Pfaff <blp@nicira.com> | 2011-05-10 09:17:37 -0700 |
commit | bf8f2167fd3107f5513d487a69a6568cf51afd68 (patch) | |
tree | fe1e3fda9d4a8cb105a6e562099ea14bc913e617 /lib/stream-nossl.c | |
parent | be55976089659d082834aae58acd1173f10004e7 (diff) |
stream-ssl: Improve messages when configuring SSL if it is unsupported.
Previously, if --private-key or another option that requires SSL support
was used, but OVS was built without OpenSSL support, then OVS would fail
with an error message that the specified option was not supported. This
confused users because it made them think that the option had been removed:
http://openvswitch.org/pipermail/discuss/2011-April/005034.html
This commit improves the error message: OVS will now report that it was
built without SSL support. This should be make the problem clear to users.
Reported-by: Aaron Rosen <arosen@clemson.edu>
Feature #5325.
Diffstat (limited to 'lib/stream-nossl.c')
-rw-r--r-- | lib/stream-nossl.c | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/lib/stream-nossl.c b/lib/stream-nossl.c new file mode 100644 index 00000000..cdbbf5d7 --- /dev/null +++ b/lib/stream-nossl.c @@ -0,0 +1,76 @@ +/* + * Copyright (c) 2011 Nicira Networks. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <config.h> +#include "stream-ssl.h" +#include "vlog.h" + +VLOG_DEFINE_THIS_MODULE(stream_nossl); + +/* Dummy function definitions, used when OVS is built without OpenSSL. */ + +bool +stream_ssl_is_configured(void) +{ + return false; +} + +static void NO_RETURN +nossl_option(const char *detail) +{ + VLOG_FATAL("%s specified but Open vSwitch was built without SSL support", + detail); +} + +void +stream_ssl_set_private_key_file(const char *file_name) +{ + if (file_name != NULL) { + nossl_option("Private key"); + } +} + +void +stream_ssl_set_certificate_file(const char *file_name) +{ + if (file_name != NULL) { + nossl_option("Certificate"); + } +} + +void +stream_ssl_set_ca_cert_file(const char *file_name, bool bootstrap OVS_UNUSED) +{ + if (file_name != NULL) { + nossl_option("CA certificate"); + } +} + +void +stream_ssl_set_peer_ca_cert_file(const char *file_name) +{ + if (file_name != NULL) { + nossl_option("Peer CA certificate"); + } +} + +void +stream_ssl_set_key_and_cert(const char *private_key_file, + const char *certificate_file) +{ + stream_ssl_set_private_key_file(private_key_file); + stream_ssl_set_certificate_file(certificate_file); +} |