Many Open vSwitch tests fail on Debian's automatic build machines because
the builds occur in deeply nested directories with long names. OVS tries
to bind and connect to Unix domain sockets using absolute path names, which
in combination with long directory names means that the socket's name
exceeds the limit for Unix domain socket names (108 bytes on Linux).
This commit works around the problem on Linux by indirecting through
/proc/self/fd/<dirfd>/<basename> when names exceed the maximum that can be
used directly.
Reported-by: Hector Oron <hector.oron@gmail.com>
Reported-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Reported-by: Roger Leigh <rleigh@codelibre.net>
Debian bug #602891.
Debian bug #602911.
Adding a macro to define the vlog module in use adds a level of
indirection, which makes it easier to change how the vlog module must be
defined. A followup commit needs to do that, so getting these widespread
changes out of the way first should make that commit easier to review.
The test-vconn program binds a socket to a nonspecific port number. To
add SSL support to this program, it needs to be able to use SSL, and the
stream library is the easiest way to do that. But the stream library
can't bind to a nonspecific port. This commit adds that feature, by adding
it to the function that the stream SSL library uses as a building block.
make_unix_socket() can return EAGAIN in rare circumstances, e.g. when the
server's socket listen queue is full. A lot of OVS callers interpret
EAGAIN as a "try again" error code, but in this case it means that the
attempt to create the socket failed. So munge EAGAIN into another error
code to prevent that misinterpretation.
The tcp_open_active() and tcp_open_passive() functions don't really have
any strong dependencies on TCP. With a couple of simple changes they
can be used for UDP also. Since this is useful for Netflow, this commit
does so.
Until now, tcp_open_active() and tcp_open_passive() have only been used
in situations where there is a reasonable default port, e.g. OFP_TCP_PORT.
But for NetFlow there is no universal default, so enhance these functions
so that they can require the user to specify a port explicitly.
Crossported from the 'db' branch, where this is useful for JSON-RPC, which
also has no widely known port.
Until now, setting a netflow collector to a DNS name would cause
secchan to attempt to resolve that DNS name each time that the set of
netflow collectors is re-set. For the vswitch, this is every time that
the vswitch reconfigures itself.
Unfortunately, DNS lookup within secchan cannot work as currently
implemented, because it needs both an asynchronous DNS resolver library
and in-band control updates. Currently we have neither. Attempting to
look up DNS anyway just hangs.
This commit disables DNS lookup entirely, and updates the documentation to
change user expectations. DNS still won't work, but at least it won't
hang.
Bug #1609.
The TCP and SSL vconn implementations had a lot of common code to make
and accept TCP connections, which this commit factors out into common
functions in socket-util.c.
Also adds the ability to bind ptcp and pssl vconns to a particular IP
address instead of the wildcard address.
