@@ -40,6 +40,8 @@ import ovs.db.idl
import ovs.unixctl
import ovs.unixctl.server
import ovs.vlog
+import six
+from six.moves import range
vlog = ovs.vlog.Vlog("ovs-monitor-ipsec")
root_prefix = '' # Prefix for absolute file names, for testing.
@@ -152,7 +154,7 @@ path certificate "%s";
conf_file = open(root_prefix + self.conf_file, 'w')
conf_file.write(Racoon.conf_header % (self.psk_file, self.cert_dir))
- for host, vals in self.cert_hosts.iteritems():
+ for host, vals in six.iteritems(self.cert_hosts):
conf_file.write(Racoon.cert_entry % (host, vals["certificate"],
vals["private_key"], vals["peer_cert_file"]))
@@ -163,13 +165,13 @@ path certificate "%s";
conf_file.close()
# Rewrite the pre-shared keys file; it must only be readable by root.
- orig_umask = os.umask(0077)
+ orig_umask = os.umask(0o077)
psk_file = open(root_prefix + Racoon.psk_file, 'w')
os.umask(orig_umask)
psk_file.write("# Generated by Open vSwitch...do not modify by hand!")
psk_file.write("\n\n")
- for host, vals in self.psk_hosts.iteritems():
+ for host, vals in six.iteritems(self.psk_hosts):
psk_file.write("%s %s\n" % (host, vals["psk"]))
psk_file.close()
@@ -277,6 +279,8 @@ class IPsec:
# xxx It is safer to pass the string into the communicate()
# xxx method, but it didn't work for slightly longer commands.
# xxx An alternative may need to be found.
+ if sys.version_info[0] >= 3 and not isinstance(cmds, six.binary_type):
+ cmds = six.binary_type(cmds, 'utf-8')
p.stdin.write(cmds)
return p.communicate()[0]
@@ -354,11 +358,11 @@ class IPsec:
def update_ipsec(ipsec, interfaces, new_interfaces):
- for name, vals in interfaces.iteritems():
+ for name, vals in six.iteritems(interfaces):
if name not in new_interfaces:
ipsec.del_entry(vals["local_ip"], vals["remote_ip"])
- for name, vals in new_interfaces.iteritems():
+ for name, vals in six.iteritems(new_interfaces):
orig_vals = interfaces.get(name)
if orig_vals:
# Configuration for this host already exists. Check if it's
@@ -372,12 +376,12 @@ def update_ipsec(ipsec, interfaces, new_interfaces):
try:
ipsec.add_entry(vals["local_ip"], vals["remote_ip"], vals)
- except error.Error, msg:
+ except error.Error as msg:
vlog.warn("skipping ipsec config for %s: %s" % (name, msg))
def get_ssl_cert(data):
- for ovs_rec in data["Open_vSwitch"].rows.itervalues():
+ for ovs_rec in six.itervalues(data["Open_vSwitch"].rows):
if ovs_rec.ssl:
ssl = ovs_rec.ssl[0]
if ssl.certificate and ssl.private_key:
@@ -440,7 +444,7 @@ def main():
ssl_cert = get_ssl_cert(idl.tables)
new_interfaces = {}
- for rec in idl.tables["Interface"].rows.itervalues():
+ for rec in six.itervalues(idl.tables["Interface"].rows):
if rec.type == "ipsec_gre":
name = rec.name
options = rec.options
Signed-off-by: Russell Bryant <russell@ovn.org> --- debian/ovs-monitor-ipsec | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-)