[nft PATCH v2 3/4] xt: Put match/target translation into own functions

Phil Sutter <phil@xxxxxx> · Thu, 17 Nov 2022 18:45:45 +0100

Reduce the size and indenting level of xt_stmt_xlate() a bit, also fix
for error printing to stderr irrespective of octx->error_fp value.

Signed-off-by: Phil Sutter <phil@xxxxxx>
---
Changes since v1:
- Change fprintf() calls to respect octx.
---
 src/xt.c | 144 ++++++++++++++++++++++++++++++-------------------------
 1 file changed, 78 insertions(+), 66 deletions(-)

diff --git a/src/xt.c b/src/xt.c
index 9a326fd313233..e3063612c353e 100644
--- a/src/xt.c
+++ b/src/xt.c
@@ -104,6 +104,75 @@ int xt_stmt_blob_decode(struct stmt *stmt, const char *b64_string,
 	return ret;
 }
 
+#ifdef HAVE_LIBXTABLES
+static bool xt_stmt_xlate_match(const struct stmt *stmt, void *entry,
+				struct xt_xlate *xl, struct output_ctx *octx)
+{
+	size_t size = XT_ALIGN(sizeof(struct xt_entry_match))
+			+ stmt->xt.infolen;
+	struct xt_xlate_mt_params params = {
+		.ip		= entry,
+		.numeric        = 1,
+	};
+	struct xtables_match *mt;
+	struct xt_entry_match *m;
+
+	mt = xtables_find_match(stmt->xt.name, XTF_TRY_LOAD, NULL);
+	if (!mt) {
+		fprintf(octx->error_fp,
+			"XT match %s not found\n", stmt->xt.name);
+		return false;
+	}
+	if (!mt->xlate)
+		return false;
+
+	m = xzalloc(size);
+	m->u.match_size = size;
+	m->u.user.revision = stmt->xt.rev;
+	memcpy(&m->data, stmt->xt.info, stmt->xt.infolen);
+
+	params.match = m;
+	mt->xlate(xl, &params);
+
+	xfree(m);
+	return true;
+}
+
+static bool xt_stmt_xlate_target(const struct stmt *stmt, void *entry,
+				 struct xt_xlate *xl, struct output_ctx *octx)
+{
+	size_t size = XT_ALIGN(sizeof(struct xt_entry_target))
+			+ stmt->xt.infolen;
+	struct xt_xlate_tg_params params = {
+		.ip		= entry,
+		.numeric        = 1,
+	};
+	struct xtables_target *tg;
+	struct xt_entry_target *t;
+
+	tg = xtables_find_target(stmt->xt.name, XTF_TRY_LOAD);
+	if (!tg) {
+		fprintf(octx->error_fp,
+			"XT target %s not found\n", stmt->xt.name);
+		return false;
+	}
+	if (!tg->xlate)
+		return false;
+
+	t = xzalloc(size);
+	t->u.target_size = size;
+	t->u.user.revision = stmt->xt.rev;
+	memcpy(&t->data, stmt->xt.info, stmt->xt.infolen);
+	strcpy(t->u.user.name, tg->name);
+
+	params.target = t;
+	tg->xlate(xl, &params);
+
+	xfree(t);
+	return true;
+}
+#endif
+
 void xt_stmt_xlate(const struct stmt *stmt, struct output_ctx *octx)
 {
 	static const char *xt_typename[] = {
@@ -115,11 +184,7 @@ void xt_stmt_xlate(const struct stmt *stmt, struct output_ctx *octx)
 	unsigned char *b64_buf;
 #ifdef HAVE_LIBXTABLES
 	struct xt_xlate *xl = xt_xlate_alloc(10240);
-	struct xtables_target *tg;
-	struct xt_entry_target *t;
-	struct xtables_match *mt;
-	struct xt_entry_match *m;
-	size_t size;
+	bool xlated = false;
 	void *entry;
 
 	xtables_set_nfproto(stmt->xt.family);
@@ -127,76 +192,23 @@ void xt_stmt_xlate(const struct stmt *stmt, struct output_ctx *octx)
 
 	switch (stmt->xt.type) {
 	case NFT_XT_MATCH:
-		mt = xtables_find_match(stmt->xt.name, XTF_TRY_LOAD, NULL);
-		if (!mt) {
-			fprintf(stderr, "XT match %s not found\n",
-				stmt->xt.name);
-			return;
-		}
-		size = XT_ALIGN(sizeof(*m)) + stmt->xt.infolen;
-
-		m = xzalloc(size);
-		memcpy(&m->data, stmt->xt.info, stmt->xt.infolen);
-
-		m->u.match_size = size;
-		m->u.user.revision = stmt->xt.rev;
-
-		if (mt->xlate) {
-			struct xt_xlate_mt_params params = {
-				.ip		= entry,
-				.match		= m,
-				.numeric        = 1,
-			};
-
-			mt->xlate(xl, &params);
-			nft_print(octx, "%s", xt_xlate_get(xl));
-			xfree(m);
-			xfree(entry);
-			xt_xlate_free(xl);
-			return;
-		}
-		xfree(m);
+		xlated = xt_stmt_xlate_match(stmt, entry, xl, octx);
 		break;
 	case NFT_XT_WATCHER:
 	case NFT_XT_TARGET:
-		tg = xtables_find_target(stmt->xt.name, XTF_TRY_LOAD);
-		if (!tg) {
-			fprintf(stderr, "XT target %s not found\n",
-				stmt->xt.name);
-			return;
-		}
-		size = XT_ALIGN(sizeof(*t)) + stmt->xt.infolen;
-
-		t = xzalloc(size);
-		memcpy(&t->data, stmt->xt.info, stmt->xt.infolen);
-
-		t->u.target_size = size;
-		t->u.user.revision = stmt->xt.rev;
-
-		strcpy(t->u.user.name, tg->name);
-
-		if (tg->xlate) {
-			struct xt_xlate_tg_params params = {
-				.ip		= entry,
-				.target		= t,
-				.numeric        = 1,
-			};
-
-			tg->xlate(xl, &params);
-			nft_print(octx, "%s", xt_xlate_get(xl));
-			xfree(t);
-			xfree(entry);
-			xt_xlate_free(xl);
-			return;
-		}
-		xfree(t);
+		xlated = xt_stmt_xlate_target(stmt, entry, xl, octx);
 		break;
 	default:
 		break;
 	}
 
-	xt_xlate_free(xl);
 	xfree(entry);
+	if (xlated) {
+		nft_print(octx, "%s", xt_xlate_get(xl));
+		xt_xlate_free(xl);
+		return;
+	}
+	xt_xlate_free(xl);
 #endif
 	b64_buf = xt_stmt_blob_encode(stmt);
 	nft_print(octx, "xt %s %s %s",
-- 
2.38.0







