#
PKG_NAME:=openvswitch
PKG_VERSION:=$(ovs_version)
-PKG_RELEASE:=5
+PKG_RELEASE:=6
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.openvswitch.org/releases/
PKG_HASH:=7d5797f2bf2449c6a266149e88f72123540f7fe7f31ad52902057ae8d8f88c38
Each of these supports a disabled option, which should be
set to 0 to launch the respective daemons.
+The ovs section section also supports the options below, to configure a set of
+SSL CA, certificate and private key. After adding these to Open vSwitch, you
+may specify ssl: connection methods for e.g. the OpenFlow controller. Note that
+Open vSwitch only reads these files during startup, so it needs to be restarted
+after adding or changing these options.
+
+| Name | Type | Required | Default | Description |
+|----------|---------|----------|---------|-----------------------------------|
+| disabled | boolean | no | 0 | If set to 1, do not configure SSL |
+| ca | string | no | (none) | Path to CA certificate |
+| cert | string | no | (none) | Path to certificate |
+| key | string | no | (none) | Path to private key |
+
The ovs_bridge section also supports the options below,
for initialising a virtual bridge with an OpenFlow controller.
ovs)
"$ovs_ctl" "$action" \
--system-id=random 1000>&-
+ ovs_set_ssl
;;
ovn_*)
"$ovn_ctl" "${action}_${cfgtype#ovn_}"
[ -n "$controller" ] && \
ovs-vsctl set-controller "$name" "$controller"
}
+
+ovs_set_ssl() {
+ local ca="$(uci -q get openvswitch.ovs.ca)"
+ [ -f "$ca" ] || return
+ local cert="$(uci get openvswitch.ovs.cert)"
+ [ -f "$cert" ] || return
+ local key="$(uci get openvswitch.ovs.key)"
+ [ -f "$key" ] || return
+
+ ovs-vsctl set-ssl "$key" "$cert" "$ca"
+}