2010-03-25 17:46:07 +00:00
|
|
|
/*
|
|
|
|
* nwfilter_params.c: parsing and data maintenance of filter parameters
|
|
|
|
*
|
2014-03-05 15:04:15 +00:00
|
|
|
* Copyright (C) 2011-2014 Red Hat, Inc.
|
2010-03-25 17:46:07 +00:00
|
|
|
* Copyright (C) 2010 IBM Corporation
|
|
|
|
*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
2012-09-20 22:30:55 +00:00
|
|
|
* License along with this library. If not, see
|
2012-07-21 10:06:23 +00:00
|
|
|
* <http://www.gnu.org/licenses/>.
|
2010-03-25 17:46:07 +00:00
|
|
|
*
|
|
|
|
* Author: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
|
|
|
|
#include "internal.h"
|
|
|
|
|
2012-12-12 18:06:53 +00:00
|
|
|
#include "viralloc.h"
|
2012-12-13 18:21:53 +00:00
|
|
|
#include "virerror.h"
|
2010-03-25 17:46:07 +00:00
|
|
|
#include "datatypes.h"
|
|
|
|
#include "nwfilter_params.h"
|
|
|
|
#include "domain_conf.h"
|
2012-12-12 17:59:27 +00:00
|
|
|
#include "virlog.h"
|
2013-04-03 10:36:23 +00:00
|
|
|
#include "virstring.h"
|
2010-03-25 17:46:07 +00:00
|
|
|
|
|
|
|
#define VIR_FROM_THIS VIR_FROM_NWFILTER
|
|
|
|
|
2014-02-28 12:16:17 +00:00
|
|
|
VIR_LOG_INIT("conf.nwfilter_params");
|
|
|
|
|
2011-11-18 16:58:18 +00:00
|
|
|
static bool isValidVarValue(const char *value);
|
2012-01-11 11:42:37 +00:00
|
|
|
static void virNWFilterVarAccessSetIntIterId(virNWFilterVarAccessPtr,
|
|
|
|
unsigned int);
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
static unsigned int virNWFilterVarAccessGetIntIterId(const virNWFilterVarAccess *);
|
2011-11-18 16:58:18 +00:00
|
|
|
|
2011-11-23 00:05:45 +00:00
|
|
|
void
|
2011-11-18 16:58:18 +00:00
|
|
|
virNWFilterVarValueFree(virNWFilterVarValuePtr val)
|
|
|
|
{
|
Convert 'int i' to 'size_t i' in src/conf/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2011-11-18 16:58:18 +00:00
|
|
|
|
|
|
|
if (!val)
|
|
|
|
return;
|
|
|
|
|
|
|
|
switch (val->valType) {
|
|
|
|
case NWFILTER_VALUE_TYPE_SIMPLE:
|
|
|
|
VIR_FREE(val->u.simple.value);
|
|
|
|
break;
|
|
|
|
case NWFILTER_VALUE_TYPE_ARRAY:
|
|
|
|
for (i = 0; i < val->u.array.nValues; i++)
|
|
|
|
VIR_FREE(val->u.array.values[i]);
|
|
|
|
VIR_FREE(val->u.array.values);
|
|
|
|
break;
|
|
|
|
case NWFILTER_VALUE_TYPE_LAST:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
VIR_FREE(val);
|
|
|
|
}
|
|
|
|
|
2011-11-23 00:05:45 +00:00
|
|
|
virNWFilterVarValuePtr
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
virNWFilterVarValueCopy(const virNWFilterVarValue *val)
|
2011-11-18 16:58:18 +00:00
|
|
|
{
|
|
|
|
virNWFilterVarValuePtr res;
|
Convert 'int i' to 'size_t i' in src/conf/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2011-11-18 16:58:18 +00:00
|
|
|
char *str;
|
|
|
|
|
2013-07-04 10:02:00 +00:00
|
|
|
if (VIR_ALLOC(res) < 0)
|
2011-11-18 16:58:18 +00:00
|
|
|
return NULL;
|
|
|
|
res->valType = val->valType;
|
|
|
|
|
|
|
|
switch (res->valType) {
|
|
|
|
case NWFILTER_VALUE_TYPE_SIMPLE:
|
2013-05-03 12:40:46 +00:00
|
|
|
if (VIR_STRDUP(res->u.simple.value, val->u.simple.value) < 0)
|
|
|
|
goto err_exit;
|
2011-11-18 16:58:18 +00:00
|
|
|
break;
|
|
|
|
case NWFILTER_VALUE_TYPE_ARRAY:
|
2011-12-09 02:26:34 +00:00
|
|
|
if (VIR_ALLOC_N(res->u.array.values, val->u.array.nValues) < 0)
|
2011-11-18 16:58:18 +00:00
|
|
|
goto err_exit;
|
|
|
|
res->u.array.nValues = val->u.array.nValues;
|
|
|
|
for (i = 0; i < val->u.array.nValues; i++) {
|
2013-05-03 12:40:46 +00:00
|
|
|
if (VIR_STRDUP(str, val->u.array.values[i]) < 0)
|
2011-11-18 16:58:18 +00:00
|
|
|
goto err_exit;
|
|
|
|
res->u.array.values[i] = str;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
case NWFILTER_VALUE_TYPE_LAST:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
return res;
|
|
|
|
|
2014-03-25 06:48:31 +00:00
|
|
|
err_exit:
|
2011-11-18 16:58:18 +00:00
|
|
|
virNWFilterVarValueFree(res);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
virNWFilterVarValuePtr
|
|
|
|
virNWFilterVarValueCreateSimple(char *value)
|
|
|
|
{
|
|
|
|
virNWFilterVarValuePtr val;
|
|
|
|
|
|
|
|
if (!isValidVarValue(value)) {
|
maint: don't permit format strings without %
Any time we have a string with no % passed through gettext, a
translator can inject a % to cause a stack overread. When there
is nothing to format, it's easier to ask for a string that cannot
be used as a formatter, by using a trivial "%s" format instead.
In the past, we have used --disable-nls to catch some of the
offenders, but that doesn't get run very often, and many more
uses have crept in. Syntax check to the rescue!
The syntax check can catch uses such as
virReportError(code,
_("split "
"string"));
by using a sed script to fold context lines into one pattern
space before checking for a string without %.
This patch is just mechanical insertion of %s; there are probably
several messages touched by this patch where we would be better
off giving the user more information than a fixed string.
* cfg.mk (sc_prohibit_diagnostic_without_format): New rule.
* src/datatypes.c (virUnrefConnect, virGetDomain)
(virUnrefDomain, virGetNetwork, virUnrefNetwork, virGetInterface)
(virUnrefInterface, virGetStoragePool, virUnrefStoragePool)
(virGetStorageVol, virUnrefStorageVol, virGetNodeDevice)
(virGetSecret, virUnrefSecret, virGetNWFilter, virUnrefNWFilter)
(virGetDomainSnapshot, virUnrefDomainSnapshot): Add %s wrapper.
* src/lxc/lxc_driver.c (lxcDomainSetBlkioParameters)
(lxcDomainGetBlkioParameters): Likewise.
* src/conf/domain_conf.c (virSecurityDeviceLabelDefParseXML)
(virDomainDiskDefParseXML, virDomainGraphicsDefParseXML):
Likewise.
* src/conf/network_conf.c (virNetworkDNSHostsDefParseXML)
(virNetworkDefParseXML): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterIsValidChainName):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCreateSimple)
(virNWFilterVarAccessParse): Likewise.
* src/libvirt.c (virDomainSave, virDomainSaveFlags)
(virDomainRestore, virDomainRestoreFlags)
(virDomainSaveImageGetXMLDesc, virDomainSaveImageDefineXML)
(virDomainCoreDump, virDomainGetXMLDesc)
(virDomainMigrateVersion1, virDomainMigrateVersion2)
(virDomainMigrateVersion3, virDomainMigrate, virDomainMigrate2)
(virStreamSendAll, virStreamRecvAll)
(virDomainSnapshotGetXMLDesc): Likewise.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterDHCPSnoopReq): Likewise.
* src/openvz/openvz_driver.c (openvzUpdateDevice): Likewise.
* src/openvz/openvz_util.c (openvzKBPerPages): Likewise.
* src/qemu/qemu_cgroup.c (qemuSetupCgroup): Likewise.
* src/qemu/qemu_command.c (qemuBuildHubDevStr, qemuBuildChrChardevStr)
(qemuBuildCommandLine): Likewise.
* src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Likewise.
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
* src/rpc/virnetsaslcontext.c (virNetSASLSessionGetIdentity):
Likewise.
* src/rpc/virnetsocket.c (virNetSocketNewConnectUNIX)
(virNetSocketSendFD, virNetSocketRecvFD): Likewise.
* src/storage/storage_backend_disk.c
(virStorageBackendDiskBuildPool): Likewise.
* src/storage/storage_backend_fs.c
(virStorageBackendFileSystemProbe)
(virStorageBackendFileSystemBuild): Likewise.
* src/storage/storage_backend_rbd.c
(virStorageBackendRBDOpenRADOSConn): Likewise.
* src/storage/storage_driver.c (storageVolumeResize): Likewise.
* src/test/test_driver.c (testInterfaceChangeBegin)
(testInterfaceChangeCommit, testInterfaceChangeRollback):
Likewise.
* src/vbox/vbox_tmpl.c (vboxListAllDomains): Likewise.
* src/xenxs/xen_sxpr.c (xenFormatSxprDisk, xenFormatSxpr):
Likewise.
* src/xenxs/xen_xm.c (xenXMConfigGetUUID, xenFormatXMDisk)
(xenFormatXM): Likewise.
2012-07-23 20:33:08 +00:00
|
|
|
virReportError(VIR_ERR_INVALID_ARG, "%s",
|
2012-07-18 10:50:44 +00:00
|
|
|
_("Variable value contains invalid character"));
|
2011-11-18 16:58:18 +00:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2013-07-04 10:02:00 +00:00
|
|
|
if (VIR_ALLOC(val) < 0)
|
2011-11-18 16:58:18 +00:00
|
|
|
return NULL;
|
|
|
|
|
|
|
|
val->valType = NWFILTER_VALUE_TYPE_SIMPLE;
|
|
|
|
val->u.simple.value = value;
|
|
|
|
|
|
|
|
return val;
|
|
|
|
}
|
|
|
|
|
|
|
|
virNWFilterVarValuePtr
|
|
|
|
virNWFilterVarValueCreateSimpleCopyValue(const char *value)
|
|
|
|
{
|
2013-05-03 12:40:46 +00:00
|
|
|
char *val;
|
2014-04-08 14:43:45 +00:00
|
|
|
virNWFilterVarValuePtr ret;
|
2011-11-18 16:58:18 +00:00
|
|
|
|
2013-05-03 12:40:46 +00:00
|
|
|
if (VIR_STRDUP(val, value) < 0)
|
2011-11-18 16:58:18 +00:00
|
|
|
return NULL;
|
2014-04-08 14:43:45 +00:00
|
|
|
ret = virNWFilterVarValueCreateSimple(val);
|
|
|
|
if (!ret)
|
|
|
|
VIR_FREE(val);
|
|
|
|
return ret;
|
2011-11-18 16:58:18 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
const char *
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
virNWFilterVarValueGetSimple(const virNWFilterVarValue *val)
|
2011-11-18 16:58:18 +00:00
|
|
|
{
|
|
|
|
if (val->valType == NWFILTER_VALUE_TYPE_SIMPLE)
|
|
|
|
return val->u.simple.value;
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
const char *
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
virNWFilterVarValueGetNthValue(const virNWFilterVarValue* val, unsigned int idx)
|
2011-11-18 16:58:18 +00:00
|
|
|
{
|
|
|
|
const char *res = NULL;
|
|
|
|
|
2012-04-26 20:45:36 +00:00
|
|
|
if (!val)
|
|
|
|
return NULL;
|
|
|
|
|
2011-11-18 16:58:18 +00:00
|
|
|
switch (val->valType) {
|
|
|
|
case NWFILTER_VALUE_TYPE_SIMPLE:
|
|
|
|
if (idx == 0)
|
|
|
|
res = val->u.simple.value;
|
|
|
|
break;
|
|
|
|
case NWFILTER_VALUE_TYPE_ARRAY:
|
|
|
|
if (idx < val->u.array.nValues)
|
|
|
|
res = val->u.array.values[idx];
|
|
|
|
break;
|
|
|
|
case NWFILTER_VALUE_TYPE_LAST:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
return res;
|
|
|
|
}
|
|
|
|
|
|
|
|
unsigned int
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
virNWFilterVarValueGetCardinality(const virNWFilterVarValue *val)
|
2011-11-18 16:58:18 +00:00
|
|
|
{
|
|
|
|
switch (val->valType) {
|
|
|
|
case NWFILTER_VALUE_TYPE_SIMPLE:
|
|
|
|
return 1;
|
|
|
|
break;
|
|
|
|
case NWFILTER_VALUE_TYPE_ARRAY:
|
|
|
|
return val->u.array.nValues;
|
|
|
|
break;
|
|
|
|
case NWFILTER_VALUE_TYPE_LAST:
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2012-11-29 17:49:32 +00:00
|
|
|
bool
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
virNWFilterVarValueEqual(const virNWFilterVarValue *a,
|
|
|
|
const virNWFilterVarValue *b)
|
2012-11-29 17:49:32 +00:00
|
|
|
{
|
Convert 'int i' to 'size_t i' in src/conf/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
unsigned int card;
|
|
|
|
size_t i, j;
|
2012-11-29 17:49:32 +00:00
|
|
|
const char *s;
|
|
|
|
|
|
|
|
if (!a || !b)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
card = virNWFilterVarValueGetCardinality(a);
|
|
|
|
if (card != virNWFilterVarValueGetCardinality(b))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
/* brute force O(n^2) comparison */
|
|
|
|
for (i = 0; i < card; i++) {
|
|
|
|
bool eq = false;
|
|
|
|
|
|
|
|
s = virNWFilterVarValueGetNthValue(a, i);
|
|
|
|
for (j = 0; j < card; j++) {
|
|
|
|
if (STREQ_NULLABLE(s, virNWFilterVarValueGetNthValue(b, j))) {
|
|
|
|
eq = true;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (!eq)
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2011-11-18 16:58:18 +00:00
|
|
|
int
|
|
|
|
virNWFilterVarValueAddValue(virNWFilterVarValuePtr val, char *value)
|
|
|
|
{
|
|
|
|
char *tmp;
|
|
|
|
int rc = -1;
|
|
|
|
|
|
|
|
switch (val->valType) {
|
|
|
|
case NWFILTER_VALUE_TYPE_SIMPLE:
|
|
|
|
/* switch to array */
|
|
|
|
tmp = val->u.simple.value;
|
|
|
|
if (VIR_ALLOC_N(val->u.array.values, 2) < 0) {
|
|
|
|
val->u.simple.value = tmp;
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
val->valType = NWFILTER_VALUE_TYPE_ARRAY;
|
|
|
|
val->u.array.nValues = 2;
|
|
|
|
val->u.array.values[0] = tmp;
|
|
|
|
val->u.array.values[1] = value;
|
|
|
|
rc = 0;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case NWFILTER_VALUE_TYPE_ARRAY:
|
|
|
|
if (VIR_EXPAND_N(val->u.array.values,
|
2013-07-04 10:02:00 +00:00
|
|
|
val->u.array.nValues, 1) < 0)
|
2011-11-18 16:58:18 +00:00
|
|
|
return -1;
|
|
|
|
val->u.array.values[val->u.array.nValues - 1] = value;
|
|
|
|
rc = 0;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case NWFILTER_VALUE_TYPE_LAST:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2014-04-01 06:19:38 +00:00
|
|
|
|
|
|
|
int
|
|
|
|
virNWFilterVarValueAddValueCopy(virNWFilterVarValuePtr val, const char *value)
|
|
|
|
{
|
|
|
|
char *valdup;
|
|
|
|
if (VIR_STRDUP(valdup, value) < 0)
|
|
|
|
return -1;
|
|
|
|
if (virNWFilterVarValueAddValue(val, valdup) < 0) {
|
|
|
|
VIR_FREE(valdup);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2011-11-23 00:05:45 +00:00
|
|
|
static int
|
|
|
|
virNWFilterVarValueDelNthValue(virNWFilterVarValuePtr val, unsigned int pos)
|
|
|
|
{
|
|
|
|
switch (val->valType) {
|
|
|
|
case NWFILTER_VALUE_TYPE_SIMPLE:
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
case NWFILTER_VALUE_TYPE_ARRAY:
|
|
|
|
if (pos < val->u.array.nValues) {
|
|
|
|
VIR_FREE(val->u.array.values[pos]);
|
2014-03-07 08:33:31 +00:00
|
|
|
VIR_DELETE_ELEMENT(val->u.array.values, pos, val->u.array.nValues);
|
2011-11-23 00:05:45 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
|
|
|
case NWFILTER_VALUE_TYPE_LAST:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
int
|
|
|
|
virNWFilterVarValueDelValue(virNWFilterVarValuePtr val, const char *value)
|
|
|
|
{
|
Convert 'int i' to 'size_t i' in src/conf/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2011-11-23 00:05:45 +00:00
|
|
|
|
|
|
|
switch (val->valType) {
|
|
|
|
case NWFILTER_VALUE_TYPE_SIMPLE:
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
case NWFILTER_VALUE_TYPE_ARRAY:
|
|
|
|
for (i = 0; i < val->u.array.nValues; i++)
|
|
|
|
if (STREQ(value, val->u.array.values[i]))
|
|
|
|
return virNWFilterVarValueDelNthValue(val, i);
|
|
|
|
break;
|
|
|
|
|
|
|
|
case NWFILTER_VALUE_TYPE_LAST:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
2011-11-18 16:58:18 +00:00
|
|
|
void
|
|
|
|
virNWFilterVarCombIterFree(virNWFilterVarCombIterPtr ci)
|
|
|
|
{
|
Convert 'int i' to 'size_t i' in src/conf/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2011-11-18 16:58:18 +00:00
|
|
|
|
|
|
|
if (!ci)
|
|
|
|
return;
|
|
|
|
|
|
|
|
for (i = 0; i < ci->nIter; i++)
|
|
|
|
VIR_FREE(ci->iter[i].varNames);
|
|
|
|
|
|
|
|
VIR_FREE(ci);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
virNWFilterVarCombIterGetIndexByIterId(virNWFilterVarCombIterPtr ci,
|
|
|
|
unsigned int iterId)
|
|
|
|
{
|
Convert 'int i' to 'size_t i' in src/conf/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2011-11-18 16:58:18 +00:00
|
|
|
|
|
|
|
for (i = 0; i < ci->nIter; i++)
|
|
|
|
if (ci->iter[i].iterId == iterId)
|
|
|
|
return i;
|
|
|
|
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
virNWFilterVarCombIterEntryInit(virNWFilterVarCombIterEntryPtr cie,
|
|
|
|
unsigned int iterId)
|
|
|
|
{
|
|
|
|
memset(cie, 0, sizeof(*cie));
|
|
|
|
cie->iterId = iterId;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
virNWFilterVarCombIterAddVariable(virNWFilterVarCombIterEntryPtr cie,
|
|
|
|
virNWFilterHashTablePtr hash,
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
const virNWFilterVarAccess *varAccess)
|
2011-11-18 16:58:18 +00:00
|
|
|
{
|
|
|
|
virNWFilterVarValuePtr varValue;
|
2012-01-11 13:32:52 +00:00
|
|
|
unsigned int maxValue = 0, minValue = 0;
|
2012-01-11 11:42:37 +00:00
|
|
|
const char *varName = virNWFilterVarAccessGetVarName(varAccess);
|
2011-11-18 16:58:18 +00:00
|
|
|
|
|
|
|
varValue = virHashLookup(hash->hashTable, varName);
|
|
|
|
if (varValue == NULL) {
|
2012-07-18 10:50:44 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
_("Could not find value for variable '%s'"),
|
|
|
|
varName);
|
2011-11-18 16:58:18 +00:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
2012-01-11 11:42:37 +00:00
|
|
|
switch (virNWFilterVarAccessGetType(varAccess)) {
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_ELEMENT:
|
|
|
|
maxValue = virNWFilterVarAccessGetIndex(varAccess);
|
|
|
|
minValue = maxValue;
|
|
|
|
break;
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_ITERATOR:
|
|
|
|
maxValue = virNWFilterVarValueGetCardinality(varValue) - 1;
|
|
|
|
minValue = 0;
|
|
|
|
break;
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_LAST:
|
|
|
|
return -1;
|
|
|
|
}
|
2011-11-18 16:58:18 +00:00
|
|
|
|
|
|
|
if (cie->nVarNames == 0) {
|
2012-01-11 11:42:37 +00:00
|
|
|
cie->maxValue = maxValue;
|
|
|
|
cie->minValue = minValue;
|
|
|
|
cie->curValue = minValue;
|
2011-11-18 16:58:18 +00:00
|
|
|
} else {
|
2012-01-11 11:42:37 +00:00
|
|
|
if (cie->maxValue != maxValue) {
|
2012-07-18 10:50:44 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
_("Cardinality of list items must be "
|
|
|
|
"the same for processing them in "
|
|
|
|
"parallel"));
|
2011-11-18 16:58:18 +00:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-07-04 10:02:00 +00:00
|
|
|
if (VIR_EXPAND_N(cie->varNames, cie->nVarNames, 1) < 0)
|
2011-11-18 16:58:18 +00:00
|
|
|
return -1;
|
|
|
|
|
|
|
|
cie->varNames[cie->nVarNames - 1] = varName;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
Optimize the elements the iterator visits.
In this patch we introduce testing whether the iterator points to a
unique set of entries that have not been seen before at one of the previous
iterations. The point is to eliminate duplicates and with that unnecessary
filtering rules by preventing identical filtering rules from being
instantiated.
Example with two lists:
list1 = [1,2,1]
list2 = [1,3,1]
The 1st iteration would take the 1st items of each list -> 1,1
The 2nd iteration would take the 2nd items of each list -> 2,3
The 3rd iteration would take the 3rd items of each list -> 1,1 but
skip them since this same pair has already been encountered in the 1st
iteration
Implementation-wise this is solved by taking the n-th element of list1 and
comparing it against elements 1..n-1. If no equivalent is found, then there
is no possibility of this being a duplicate. In case an equivalent element
is found at position i, then the n-th element in the 2nd list is compared
against the i-th element in the 2nd list and if that is not the same, then
this is a unique pair, otherwise it is not unique and we may need to do
the same comparison on the 3rd list.
2012-01-11 11:42:37 +00:00
|
|
|
/*
|
|
|
|
* Test whether the iterator entry points to a distinguished set of entries
|
|
|
|
* that have not been seen before at one of the previous iterations.
|
|
|
|
*
|
|
|
|
* The point of this function is to eliminate duplicates.
|
|
|
|
* Example with two lists:
|
|
|
|
*
|
|
|
|
* list1 = [1,2,1]
|
|
|
|
* list2 = [1,3,1]
|
|
|
|
*
|
|
|
|
* The 1st iteration would take the 1st items of each list -> 1,1
|
|
|
|
* The 2nd iteration would take the 2nd items of each list -> 2,3
|
|
|
|
* The 3rd iteration would take the 3rd items of each list -> 1,1 but
|
|
|
|
* skip them since this pair has already been encountered in the 1st iteration
|
|
|
|
*/
|
|
|
|
static bool
|
|
|
|
virNWFilterVarCombIterEntryAreUniqueEntries(virNWFilterVarCombIterEntryPtr cie,
|
|
|
|
virNWFilterHashTablePtr hash)
|
|
|
|
{
|
Convert 'int i' to 'size_t i' in src/conf/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i, j;
|
Optimize the elements the iterator visits.
In this patch we introduce testing whether the iterator points to a
unique set of entries that have not been seen before at one of the previous
iterations. The point is to eliminate duplicates and with that unnecessary
filtering rules by preventing identical filtering rules from being
instantiated.
Example with two lists:
list1 = [1,2,1]
list2 = [1,3,1]
The 1st iteration would take the 1st items of each list -> 1,1
The 2nd iteration would take the 2nd items of each list -> 2,3
The 3rd iteration would take the 3rd items of each list -> 1,1 but
skip them since this same pair has already been encountered in the 1st
iteration
Implementation-wise this is solved by taking the n-th element of list1 and
comparing it against elements 1..n-1. If no equivalent is found, then there
is no possibility of this being a duplicate. In case an equivalent element
is found at position i, then the n-th element in the 2nd list is compared
against the i-th element in the 2nd list and if that is not the same, then
this is a unique pair, otherwise it is not unique and we may need to do
the same comparison on the 3rd list.
2012-01-11 11:42:37 +00:00
|
|
|
virNWFilterVarValuePtr varValue, tmp;
|
|
|
|
const char *value;
|
|
|
|
|
|
|
|
varValue = virHashLookup(hash->hashTable, cie->varNames[0]);
|
2012-04-26 20:45:36 +00:00
|
|
|
if (!varValue) {
|
|
|
|
/* caller's error */
|
|
|
|
VIR_ERROR(_("hash lookup resulted in NULL pointer"));
|
|
|
|
return true;
|
|
|
|
}
|
Optimize the elements the iterator visits.
In this patch we introduce testing whether the iterator points to a
unique set of entries that have not been seen before at one of the previous
iterations. The point is to eliminate duplicates and with that unnecessary
filtering rules by preventing identical filtering rules from being
instantiated.
Example with two lists:
list1 = [1,2,1]
list2 = [1,3,1]
The 1st iteration would take the 1st items of each list -> 1,1
The 2nd iteration would take the 2nd items of each list -> 2,3
The 3rd iteration would take the 3rd items of each list -> 1,1 but
skip them since this same pair has already been encountered in the 1st
iteration
Implementation-wise this is solved by taking the n-th element of list1 and
comparing it against elements 1..n-1. If no equivalent is found, then there
is no possibility of this being a duplicate. In case an equivalent element
is found at position i, then the n-th element in the 2nd list is compared
against the i-th element in the 2nd list and if that is not the same, then
this is a unique pair, otherwise it is not unique and we may need to do
the same comparison on the 3rd list.
2012-01-11 11:42:37 +00:00
|
|
|
|
|
|
|
value = virNWFilterVarValueGetNthValue(varValue, cie->curValue);
|
2012-04-26 20:45:36 +00:00
|
|
|
if (!value) {
|
|
|
|
VIR_ERROR(_("Lookup of value at index %u resulted in a NULL "
|
|
|
|
"pointer"), cie->curValue);
|
|
|
|
return true;
|
|
|
|
}
|
Optimize the elements the iterator visits.
In this patch we introduce testing whether the iterator points to a
unique set of entries that have not been seen before at one of the previous
iterations. The point is to eliminate duplicates and with that unnecessary
filtering rules by preventing identical filtering rules from being
instantiated.
Example with two lists:
list1 = [1,2,1]
list2 = [1,3,1]
The 1st iteration would take the 1st items of each list -> 1,1
The 2nd iteration would take the 2nd items of each list -> 2,3
The 3rd iteration would take the 3rd items of each list -> 1,1 but
skip them since this same pair has already been encountered in the 1st
iteration
Implementation-wise this is solved by taking the n-th element of list1 and
comparing it against elements 1..n-1. If no equivalent is found, then there
is no possibility of this being a duplicate. In case an equivalent element
is found at position i, then the n-th element in the 2nd list is compared
against the i-th element in the 2nd list and if that is not the same, then
this is a unique pair, otherwise it is not unique and we may need to do
the same comparison on the 3rd list.
2012-01-11 11:42:37 +00:00
|
|
|
|
|
|
|
for (i = 0; i < cie->curValue; i++) {
|
|
|
|
if (STREQ(value, virNWFilterVarValueGetNthValue(varValue, i))) {
|
|
|
|
bool isSame = true;
|
|
|
|
for (j = 1; j < cie->nVarNames; j++) {
|
|
|
|
tmp = virHashLookup(hash->hashTable, cie->varNames[j]);
|
2012-04-26 20:45:36 +00:00
|
|
|
if (!tmp) {
|
|
|
|
/* should never occur to step on a NULL here */
|
|
|
|
return true;
|
|
|
|
}
|
2015-10-20 16:15:12 +00:00
|
|
|
if (STRNEQ(virNWFilterVarValueGetNthValue(tmp, cie->curValue),
|
Optimize the elements the iterator visits.
In this patch we introduce testing whether the iterator points to a
unique set of entries that have not been seen before at one of the previous
iterations. The point is to eliminate duplicates and with that unnecessary
filtering rules by preventing identical filtering rules from being
instantiated.
Example with two lists:
list1 = [1,2,1]
list2 = [1,3,1]
The 1st iteration would take the 1st items of each list -> 1,1
The 2nd iteration would take the 2nd items of each list -> 2,3
The 3rd iteration would take the 3rd items of each list -> 1,1 but
skip them since this same pair has already been encountered in the 1st
iteration
Implementation-wise this is solved by taking the n-th element of list1 and
comparing it against elements 1..n-1. If no equivalent is found, then there
is no possibility of this being a duplicate. In case an equivalent element
is found at position i, then the n-th element in the 2nd list is compared
against the i-th element in the 2nd list and if that is not the same, then
this is a unique pair, otherwise it is not unique and we may need to do
the same comparison on the 3rd list.
2012-01-11 11:42:37 +00:00
|
|
|
virNWFilterVarValueGetNthValue(tmp, i))) {
|
|
|
|
isSame = false;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (isSame)
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2011-11-18 16:58:18 +00:00
|
|
|
/*
|
|
|
|
* Create an iterator over the contents of the given variables. All variables
|
|
|
|
* must have entries in the hash table.
|
|
|
|
* The iterator that is created processes all given variables in parallel,
|
|
|
|
* meaning it will access $ITEM1[0] and $ITEM2[0] then $ITEM1[1] and $ITEM2[1]
|
|
|
|
* up to $ITEM1[n] and $ITEM2[n]. For this to work, the cardinality of all
|
|
|
|
* processed lists must be the same.
|
|
|
|
* The notation $ITEM1 and $ITEM2 (in one rule) therefore will always have to
|
|
|
|
* process the items in parallel. This will be an implicit notation for
|
|
|
|
* $ITEM1[@0] and $ITEM2[@0] to 'lock' the two together. Future notations of
|
|
|
|
* $ITEM1[@1] and $ITEM2[@2] will make them be processed independently,
|
|
|
|
* which then would cause all combinations of the items of the two lists to
|
|
|
|
* be created.
|
|
|
|
*/
|
|
|
|
virNWFilterVarCombIterPtr
|
|
|
|
virNWFilterVarCombIterCreate(virNWFilterHashTablePtr hash,
|
2012-01-11 11:42:37 +00:00
|
|
|
virNWFilterVarAccessPtr *varAccess,
|
2012-01-11 11:42:37 +00:00
|
|
|
size_t nVarAccess)
|
2011-11-18 16:58:18 +00:00
|
|
|
{
|
|
|
|
virNWFilterVarCombIterPtr res;
|
Convert 'int i' to 'size_t i' in src/conf/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
|
|
|
unsigned int iterId;
|
2012-01-11 11:42:37 +00:00
|
|
|
int iterIndex = -1;
|
2012-01-11 11:42:37 +00:00
|
|
|
unsigned int nextIntIterId = VIR_NWFILTER_MAX_ITERID + 1;
|
2011-11-18 16:58:18 +00:00
|
|
|
|
2013-07-04 10:02:00 +00:00
|
|
|
if (VIR_ALLOC_VAR(res, virNWFilterVarCombIterEntry, 1 + nVarAccess) < 0)
|
2011-11-18 16:58:18 +00:00
|
|
|
return NULL;
|
|
|
|
|
|
|
|
res->hashTable = hash;
|
|
|
|
|
|
|
|
/* create the default iterator to support @0 */
|
|
|
|
iterId = 0;
|
|
|
|
|
|
|
|
res->nIter = 1;
|
|
|
|
virNWFilterVarCombIterEntryInit(&res->iter[0], iterId);
|
|
|
|
|
2012-01-11 11:42:37 +00:00
|
|
|
for (i = 0; i < nVarAccess; i++) {
|
|
|
|
switch (virNWFilterVarAccessGetType(varAccess[i])) {
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_ITERATOR:
|
|
|
|
iterId = virNWFilterVarAccessGetIterId(varAccess[i]);
|
|
|
|
iterIndex = virNWFilterVarCombIterGetIndexByIterId(res, iterId);
|
|
|
|
if (iterIndex < 0) {
|
|
|
|
iterIndex = res->nIter;
|
|
|
|
virNWFilterVarCombIterEntryInit(&res->iter[iterIndex], iterId);
|
|
|
|
res->nIter++;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_ELEMENT:
|
2012-01-11 11:42:37 +00:00
|
|
|
iterIndex = res->nIter;
|
|
|
|
virNWFilterVarAccessSetIntIterId(varAccess[i], nextIntIterId);
|
|
|
|
virNWFilterVarCombIterEntryInit(&res->iter[iterIndex],
|
|
|
|
nextIntIterId);
|
|
|
|
nextIntIterId++;
|
|
|
|
res->nIter++;
|
|
|
|
break;
|
2012-01-11 11:42:37 +00:00
|
|
|
case VIR_NWFILTER_VAR_ACCESS_LAST:
|
2012-04-26 20:45:36 +00:00
|
|
|
goto err_exit;
|
2011-11-18 16:58:18 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (virNWFilterVarCombIterAddVariable(&res->iter[iterIndex],
|
2012-01-11 11:42:37 +00:00
|
|
|
hash, varAccess[i]) < 0)
|
2011-11-18 16:58:18 +00:00
|
|
|
goto err_exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
return res;
|
|
|
|
|
2014-03-25 06:48:31 +00:00
|
|
|
err_exit:
|
2011-11-18 16:58:18 +00:00
|
|
|
virNWFilterVarCombIterFree(res);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
virNWFilterVarCombIterPtr
|
|
|
|
virNWFilterVarCombIterNext(virNWFilterVarCombIterPtr ci)
|
|
|
|
{
|
Convert 'int i' to 'size_t i' in src/conf/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2011-11-18 16:58:18 +00:00
|
|
|
|
|
|
|
for (i = 0; i < ci->nIter; i++) {
|
2014-03-25 06:48:31 +00:00
|
|
|
next:
|
2011-11-18 16:58:18 +00:00
|
|
|
ci->iter[i].curValue++;
|
Optimize the elements the iterator visits.
In this patch we introduce testing whether the iterator points to a
unique set of entries that have not been seen before at one of the previous
iterations. The point is to eliminate duplicates and with that unnecessary
filtering rules by preventing identical filtering rules from being
instantiated.
Example with two lists:
list1 = [1,2,1]
list2 = [1,3,1]
The 1st iteration would take the 1st items of each list -> 1,1
The 2nd iteration would take the 2nd items of each list -> 2,3
The 3rd iteration would take the 3rd items of each list -> 1,1 but
skip them since this same pair has already been encountered in the 1st
iteration
Implementation-wise this is solved by taking the n-th element of list1 and
comparing it against elements 1..n-1. If no equivalent is found, then there
is no possibility of this being a duplicate. In case an equivalent element
is found at position i, then the n-th element in the 2nd list is compared
against the i-th element in the 2nd list and if that is not the same, then
this is a unique pair, otherwise it is not unique and we may need to do
the same comparison on the 3rd list.
2012-01-11 11:42:37 +00:00
|
|
|
if (ci->iter[i].curValue <= ci->iter[i].maxValue) {
|
|
|
|
if (!virNWFilterVarCombIterEntryAreUniqueEntries(
|
|
|
|
&ci->iter[i], ci->hashTable))
|
|
|
|
goto next;
|
2011-11-18 16:58:18 +00:00
|
|
|
break;
|
Optimize the elements the iterator visits.
In this patch we introduce testing whether the iterator points to a
unique set of entries that have not been seen before at one of the previous
iterations. The point is to eliminate duplicates and with that unnecessary
filtering rules by preventing identical filtering rules from being
instantiated.
Example with two lists:
list1 = [1,2,1]
list2 = [1,3,1]
The 1st iteration would take the 1st items of each list -> 1,1
The 2nd iteration would take the 2nd items of each list -> 2,3
The 3rd iteration would take the 3rd items of each list -> 1,1 but
skip them since this same pair has already been encountered in the 1st
iteration
Implementation-wise this is solved by taking the n-th element of list1 and
comparing it against elements 1..n-1. If no equivalent is found, then there
is no possibility of this being a duplicate. In case an equivalent element
is found at position i, then the n-th element in the 2nd list is compared
against the i-th element in the 2nd list and if that is not the same, then
this is a unique pair, otherwise it is not unique and we may need to do
the same comparison on the 3rd list.
2012-01-11 11:42:37 +00:00
|
|
|
} else {
|
2012-01-11 11:42:37 +00:00
|
|
|
ci->iter[i].curValue = ci->iter[i].minValue;
|
Optimize the elements the iterator visits.
In this patch we introduce testing whether the iterator points to a
unique set of entries that have not been seen before at one of the previous
iterations. The point is to eliminate duplicates and with that unnecessary
filtering rules by preventing identical filtering rules from being
instantiated.
Example with two lists:
list1 = [1,2,1]
list2 = [1,3,1]
The 1st iteration would take the 1st items of each list -> 1,1
The 2nd iteration would take the 2nd items of each list -> 2,3
The 3rd iteration would take the 3rd items of each list -> 1,1 but
skip them since this same pair has already been encountered in the 1st
iteration
Implementation-wise this is solved by taking the n-th element of list1 and
comparing it against elements 1..n-1. If no equivalent is found, then there
is no possibility of this being a duplicate. In case an equivalent element
is found at position i, then the n-th element in the 2nd list is compared
against the i-th element in the 2nd list and if that is not the same, then
this is a unique pair, otherwise it is not unique and we may need to do
the same comparison on the 3rd list.
2012-01-11 11:42:37 +00:00
|
|
|
}
|
2011-11-18 16:58:18 +00:00
|
|
|
}
|
|
|
|
|
2014-03-17 11:38:20 +00:00
|
|
|
if (ci->nIter == i)
|
2011-11-18 16:58:18 +00:00
|
|
|
return NULL;
|
|
|
|
|
|
|
|
return ci;
|
|
|
|
}
|
|
|
|
|
|
|
|
const char *
|
|
|
|
virNWFilterVarCombIterGetVarValue(virNWFilterVarCombIterPtr ci,
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
const virNWFilterVarAccess *vap)
|
2011-11-18 16:58:18 +00:00
|
|
|
{
|
Convert 'int i' to 'size_t i' in src/conf/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
|
|
|
unsigned int iterId;
|
2011-11-18 16:58:18 +00:00
|
|
|
bool found = false;
|
|
|
|
const char *res = NULL;
|
|
|
|
virNWFilterVarValuePtr value;
|
2012-01-11 11:42:37 +00:00
|
|
|
int iterIndex = -1;
|
|
|
|
const char *varName = virNWFilterVarAccessGetVarName(vap);
|
2011-11-18 16:58:18 +00:00
|
|
|
|
2012-01-11 11:42:37 +00:00
|
|
|
switch (virNWFilterVarAccessGetType(vap)) {
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_ITERATOR:
|
|
|
|
iterId = virNWFilterVarAccessGetIterId(vap);
|
|
|
|
iterIndex = virNWFilterVarCombIterGetIndexByIterId(ci, iterId);
|
|
|
|
if (iterIndex < 0) {
|
2012-07-18 10:50:44 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
_("Could not get iterator index for "
|
|
|
|
"iterator ID %u"), iterId);
|
2012-01-11 11:42:37 +00:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_ELEMENT:
|
2012-01-11 11:42:37 +00:00
|
|
|
iterId = virNWFilterVarAccessGetIntIterId(vap);
|
|
|
|
iterIndex = virNWFilterVarCombIterGetIndexByIterId(ci, iterId);
|
|
|
|
if (iterIndex < 0) {
|
2012-07-18 10:50:44 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
_("Could not get iterator index for "
|
|
|
|
"(internal) iterator ID %u"), iterId);
|
2012-01-11 11:42:37 +00:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
break;
|
2012-01-11 11:42:37 +00:00
|
|
|
case VIR_NWFILTER_VAR_ACCESS_LAST:
|
|
|
|
return NULL;
|
|
|
|
}
|
2011-11-18 16:58:18 +00:00
|
|
|
|
|
|
|
for (i = 0; i < ci->iter[iterIndex].nVarNames; i++) {
|
|
|
|
if (STREQ(ci->iter[iterIndex].varNames[i], varName)) {
|
|
|
|
found = true;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!found) {
|
2012-07-18 10:50:44 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
_("Could not find variable '%s' in iterator"),
|
|
|
|
varName);
|
2011-11-18 16:58:18 +00:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
value = virHashLookup(ci->hashTable->hashTable, varName);
|
|
|
|
if (!value) {
|
2012-07-18 10:50:44 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
_("Could not find value for variable '%s'"),
|
|
|
|
varName);
|
2011-11-18 16:58:18 +00:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
res = virNWFilterVarValueGetNthValue(value, ci->iter[iterIndex].curValue);
|
|
|
|
if (!res) {
|
2012-07-18 10:50:44 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
_("Could not get nth (%u) value of "
|
|
|
|
"variable '%s'"),
|
|
|
|
ci->iter[iterIndex].curValue, varName);
|
2011-11-18 16:58:18 +00:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
return res;
|
|
|
|
}
|
|
|
|
|
2010-03-25 17:46:07 +00:00
|
|
|
static void
|
Allow hash tables to use generic pointers as keys
Relax the restriction that the hash table key must be a string
by allowing an arbitrary hash code generator + comparison func
to be provided
* util/hash.c, util/hash.h: Allow any pointer as a key
* internal.h: Include stdbool.h as standard.
* conf/domain_conf.c, conf/domain_conf.c,
conf/nwfilter_params.c, nwfilter/nwfilter_gentech_driver.c,
nwfilter/nwfilter_gentech_driver.h, nwfilter/nwfilter_learnipaddr.c,
qemu/qemu_command.c, qemu/qemu_driver.c,
qemu/qemu_process.c, uml/uml_driver.c,
xen/xm_internal.c: s/char */void */ in hash callbacks
2011-02-22 15:11:59 +00:00
|
|
|
hashDataFree(void *payload, const void *name ATTRIBUTE_UNUSED)
|
2010-03-25 17:46:07 +00:00
|
|
|
{
|
2011-11-18 16:58:18 +00:00
|
|
|
virNWFilterVarValueFree(payload);
|
2010-03-25 17:46:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* virNWFilterHashTablePut:
|
|
|
|
* @table: Pointer to a virNWFilterHashTable
|
|
|
|
* @name: name of the key to enter
|
|
|
|
* @val: The value associated with the key
|
|
|
|
* @freeName: Whether the name must be freed on table destruction
|
|
|
|
*
|
2011-12-09 02:26:34 +00:00
|
|
|
* Returns 0 on success, -1 on failure.
|
2010-03-25 17:46:07 +00:00
|
|
|
*
|
|
|
|
* Put an entry into the hashmap replacing and freeing an existing entry
|
|
|
|
* if one existed.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
virNWFilterHashTablePut(virNWFilterHashTablePtr table,
|
|
|
|
const char *name,
|
2014-03-24 16:35:23 +00:00
|
|
|
virNWFilterVarValuePtr val)
|
2010-03-25 17:46:07 +00:00
|
|
|
{
|
|
|
|
if (!virHashLookup(table->hashTable, name)) {
|
2014-03-24 16:35:23 +00:00
|
|
|
if (virHashAddEntry(table->hashTable, name, val) < 0)
|
2011-12-09 02:26:34 +00:00
|
|
|
return -1;
|
2010-03-25 17:46:07 +00:00
|
|
|
} else {
|
2014-03-24 16:35:23 +00:00
|
|
|
if (virHashUpdateEntry(table->hashTable, name, val) < 0)
|
2011-12-09 02:26:34 +00:00
|
|
|
return -1;
|
2010-03-25 17:46:07 +00:00
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* virNWFilterHashTableFree:
|
|
|
|
* @table: Pointer to virNWFilterHashTable
|
|
|
|
*
|
|
|
|
* Free a hashtable de-allocating memory for all its entries.
|
|
|
|
*
|
|
|
|
* All hash tables within the NWFilter driver must use this
|
|
|
|
* function to deallocate and free their content.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
virNWFilterHashTableFree(virNWFilterHashTablePtr table)
|
|
|
|
{
|
|
|
|
if (!table)
|
|
|
|
return;
|
2011-02-18 21:30:24 +00:00
|
|
|
virHashFree(table->hashTable);
|
2010-03-25 17:46:07 +00:00
|
|
|
|
|
|
|
VIR_FREE(table);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
virNWFilterHashTablePtr
|
2014-03-18 08:15:05 +00:00
|
|
|
virNWFilterHashTableCreate(int n)
|
|
|
|
{
|
2010-03-25 17:46:07 +00:00
|
|
|
virNWFilterHashTablePtr ret;
|
|
|
|
|
2013-07-04 10:02:00 +00:00
|
|
|
if (VIR_ALLOC(ret) < 0)
|
2010-03-25 17:46:07 +00:00
|
|
|
return NULL;
|
2011-02-22 15:11:59 +00:00
|
|
|
ret->hashTable = virHashCreate(n, hashDataFree);
|
2010-03-25 17:46:07 +00:00
|
|
|
if (!ret->hashTable) {
|
|
|
|
VIR_FREE(ret);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2011-11-23 00:05:45 +00:00
|
|
|
void *
|
2010-03-25 17:46:07 +00:00
|
|
|
virNWFilterHashTableRemoveEntry(virNWFilterHashTablePtr ht,
|
|
|
|
const char *entry)
|
|
|
|
{
|
2014-03-24 16:35:23 +00:00
|
|
|
return virHashSteal(ht->hashTable, entry);
|
2010-03-25 17:46:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
struct addToTableStruct {
|
|
|
|
virNWFilterHashTablePtr target;
|
|
|
|
int errOccurred;
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
Allow hash tables to use generic pointers as keys
Relax the restriction that the hash table key must be a string
by allowing an arbitrary hash code generator + comparison func
to be provided
* util/hash.c, util/hash.h: Allow any pointer as a key
* internal.h: Include stdbool.h as standard.
* conf/domain_conf.c, conf/domain_conf.c,
conf/nwfilter_params.c, nwfilter/nwfilter_gentech_driver.c,
nwfilter/nwfilter_gentech_driver.h, nwfilter/nwfilter_learnipaddr.c,
qemu/qemu_command.c, qemu/qemu_driver.c,
qemu/qemu_process.c, uml/uml_driver.c,
xen/xm_internal.c: s/char */void */ in hash callbacks
2011-02-22 15:11:59 +00:00
|
|
|
addToTable(void *payload, const void *name, void *data)
|
2010-03-25 17:46:07 +00:00
|
|
|
{
|
|
|
|
struct addToTableStruct *atts = (struct addToTableStruct *)data;
|
2011-11-18 16:58:18 +00:00
|
|
|
virNWFilterVarValuePtr val;
|
2010-03-25 17:46:07 +00:00
|
|
|
|
|
|
|
if (atts->errOccurred)
|
|
|
|
return;
|
|
|
|
|
2011-11-18 16:58:18 +00:00
|
|
|
val = virNWFilterVarValueCopy((virNWFilterVarValuePtr)payload);
|
2010-03-25 17:46:07 +00:00
|
|
|
if (!val) {
|
|
|
|
atts->errOccurred = 1;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2014-08-20 11:00:30 +00:00
|
|
|
if (virNWFilterHashTablePut(atts->target, (const char *)name, val) < 0) {
|
2012-07-18 10:50:44 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
_("Could not put variable '%s' into hashmap"),
|
|
|
|
(const char *)name);
|
2010-03-25 17:46:07 +00:00
|
|
|
atts->errOccurred = 1;
|
2011-11-18 16:58:18 +00:00
|
|
|
virNWFilterVarValueFree(val);
|
2010-03-25 17:46:07 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
int
|
2010-04-05 16:34:55 +00:00
|
|
|
virNWFilterHashTablePutAll(virNWFilterHashTablePtr src,
|
2010-03-25 17:46:07 +00:00
|
|
|
virNWFilterHashTablePtr dest)
|
|
|
|
{
|
|
|
|
struct addToTableStruct atts = {
|
|
|
|
.target = dest,
|
|
|
|
.errOccurred = 0,
|
|
|
|
};
|
|
|
|
|
|
|
|
virHashForEach(src->hashTable, addToTable, &atts);
|
|
|
|
if (atts.errOccurred)
|
|
|
|
goto err_exit;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
2014-03-25 06:48:31 +00:00
|
|
|
err_exit:
|
2011-12-09 02:26:34 +00:00
|
|
|
return -1;
|
2010-03-25 17:46:07 +00:00
|
|
|
}
|
|
|
|
|
2012-11-12 16:21:10 +00:00
|
|
|
/* The general purpose function virNWFilterVarValueEqual returns a
|
|
|
|
* bool, but the comparison callback for virHashEqual (called below)
|
|
|
|
* needs to return an int of 0 for == and non-0 for !=
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
virNWFilterVarValueCompare(const void *a, const void *b)
|
|
|
|
{
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
return virNWFilterVarValueEqual((const virNWFilterVarValue *) a,
|
|
|
|
(const virNWFilterVarValue *) b) ? 0 : 1;
|
2012-11-12 16:21:10 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
bool
|
|
|
|
virNWFilterHashTableEqual(virNWFilterHashTablePtr a,
|
|
|
|
virNWFilterHashTablePtr b)
|
|
|
|
{
|
|
|
|
if (!(a || b))
|
|
|
|
return true;
|
|
|
|
if (!(a && b))
|
|
|
|
return false;
|
|
|
|
return virHashEqual(a->hashTable, b->hashTable, virNWFilterVarValueCompare);
|
|
|
|
}
|
2010-03-25 17:46:07 +00:00
|
|
|
|
2010-04-04 14:34:52 +00:00
|
|
|
static bool
|
|
|
|
isValidVarName(const char *var)
|
|
|
|
{
|
|
|
|
return var[strspn(var, VALID_VARNAME)] == 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static bool
|
|
|
|
isValidVarValue(const char *value)
|
|
|
|
{
|
2011-11-18 16:58:18 +00:00
|
|
|
return (value[strspn(value, VALID_VARVALUE)] == 0) && (strlen(value) != 0);
|
2010-04-04 14:34:52 +00:00
|
|
|
}
|
|
|
|
|
2011-11-18 16:58:18 +00:00
|
|
|
static virNWFilterVarValuePtr
|
|
|
|
virNWFilterParseVarValue(const char *val)
|
|
|
|
{
|
|
|
|
return virNWFilterVarValueCreateSimpleCopyValue(val);
|
|
|
|
}
|
2010-04-04 14:34:52 +00:00
|
|
|
|
2010-03-25 17:46:07 +00:00
|
|
|
virNWFilterHashTablePtr
|
|
|
|
virNWFilterParseParamAttributes(xmlNodePtr cur)
|
|
|
|
{
|
|
|
|
char *nam, *val;
|
2011-11-18 16:58:18 +00:00
|
|
|
virNWFilterVarValuePtr value;
|
2010-03-25 17:46:07 +00:00
|
|
|
|
|
|
|
virNWFilterHashTablePtr table = virNWFilterHashTableCreate(0);
|
2013-07-04 10:02:00 +00:00
|
|
|
if (!table)
|
2010-03-25 17:46:07 +00:00
|
|
|
return NULL;
|
|
|
|
|
|
|
|
cur = cur->children;
|
|
|
|
|
|
|
|
while (cur != NULL) {
|
|
|
|
if (cur->type == XML_ELEMENT_NODE) {
|
|
|
|
if (xmlStrEqual(cur->name, BAD_CAST "parameter")) {
|
|
|
|
nam = virXMLPropString(cur, "name");
|
|
|
|
val = virXMLPropString(cur, "value");
|
2011-11-18 16:58:18 +00:00
|
|
|
value = NULL;
|
2010-03-25 17:46:07 +00:00
|
|
|
if (nam != NULL && val != NULL) {
|
2010-04-04 14:34:52 +00:00
|
|
|
if (!isValidVarName(nam))
|
2010-03-25 17:46:07 +00:00
|
|
|
goto skip_entry;
|
2011-11-18 16:58:18 +00:00
|
|
|
if (!isValidVarValue(val))
|
2010-03-25 17:46:07 +00:00
|
|
|
goto skip_entry;
|
2011-11-18 16:58:18 +00:00
|
|
|
value = virHashLookup(table->hashTable, nam);
|
|
|
|
if (value) {
|
|
|
|
/* add value to existing value -> list */
|
|
|
|
if (virNWFilterVarValueAddValue(value, val) < 0) {
|
|
|
|
value = NULL;
|
|
|
|
goto err_exit;
|
|
|
|
}
|
|
|
|
val = NULL;
|
|
|
|
} else {
|
|
|
|
value = virNWFilterParseVarValue(val);
|
|
|
|
if (!value)
|
|
|
|
goto skip_entry;
|
2014-03-24 16:35:23 +00:00
|
|
|
if (virNWFilterHashTablePut(table, nam, value) < 0)
|
2011-11-18 16:58:18 +00:00
|
|
|
goto err_exit;
|
2010-03-25 17:46:07 +00:00
|
|
|
}
|
2011-11-18 16:58:18 +00:00
|
|
|
value = NULL;
|
2010-03-25 17:46:07 +00:00
|
|
|
}
|
2014-03-25 06:48:31 +00:00
|
|
|
skip_entry:
|
2011-11-18 16:58:18 +00:00
|
|
|
virNWFilterVarValueFree(value);
|
2010-03-25 17:46:07 +00:00
|
|
|
VIR_FREE(nam);
|
|
|
|
VIR_FREE(val);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
cur = cur->next;
|
|
|
|
}
|
|
|
|
return table;
|
2011-11-18 16:58:18 +00:00
|
|
|
|
2014-03-25 06:48:31 +00:00
|
|
|
err_exit:
|
2011-11-18 16:58:18 +00:00
|
|
|
VIR_FREE(nam);
|
|
|
|
VIR_FREE(val);
|
|
|
|
virNWFilterVarValueFree(value);
|
|
|
|
virNWFilterHashTableFree(table);
|
|
|
|
return NULL;
|
2010-03-25 17:46:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2011-11-18 16:58:18 +00:00
|
|
|
static int
|
maint: avoid 'const fooPtr' in hashes
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up virhash to provide a const-correct interface: all actions
that don't modify the table take a const table. Note that in
one case (virHashSearch), we actually strip const away - we aren't
modifying the contents of the table, so much as associated data
for ensuring that the code uses the table correctly (if this were
C++, it would be a case for the 'mutable' keyword).
* src/util/virhash.h (virHashKeyComparator, virHashEqual): Use
intended type.
(virHashSize, virHashTableSize, virHashLookup, virHashSearch):
Make const-correct.
* src/util/virhash.c (virHashEqualData, virHashEqual)
(virHashLookup, virHashSize, virHashTableSize, virHashSearch)
(virHashComputeKey): Fix fallout.
* src/conf/nwfilter_params.c
(virNWFilterFormatParameterNameSorter): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c
(ebiptablesFilterOrderSort): Likewise.
* tests/virhashtest.c (testHashGetItemsCompKey)
(testHashGetItemsCompValue): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-05 02:30:35 +00:00
|
|
|
virNWFilterFormatParameterNameSorter(const virHashKeyValuePair *a,
|
|
|
|
const virHashKeyValuePair *b)
|
2010-03-25 17:46:07 +00:00
|
|
|
{
|
maint: avoid 'const fooPtr' in hashes
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up virhash to provide a const-correct interface: all actions
that don't modify the table take a const table. Note that in
one case (virHashSearch), we actually strip const away - we aren't
modifying the contents of the table, so much as associated data
for ensuring that the code uses the table correctly (if this were
C++, it would be a case for the 'mutable' keyword).
* src/util/virhash.h (virHashKeyComparator, virHashEqual): Use
intended type.
(virHashSize, virHashTableSize, virHashLookup, virHashSearch):
Make const-correct.
* src/util/virhash.c (virHashEqualData, virHashEqual)
(virHashLookup, virHashSize, virHashTableSize, virHashSearch)
(virHashComputeKey): Fix fallout.
* src/conf/nwfilter_params.c
(virNWFilterFormatParameterNameSorter): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c
(ebiptablesFilterOrderSort): Likewise.
* tests/virhashtest.c (testHashGetItemsCompKey)
(testHashGetItemsCompValue): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-05 02:30:35 +00:00
|
|
|
return strcmp(a->key, b->key);
|
2010-03-25 17:46:07 +00:00
|
|
|
}
|
|
|
|
|
2011-09-22 19:05:03 +00:00
|
|
|
int
|
|
|
|
virNWFilterFormatParamAttributes(virBufferPtr buf,
|
|
|
|
virNWFilterHashTablePtr table,
|
|
|
|
const char *filterref)
|
2010-03-25 17:46:07 +00:00
|
|
|
{
|
2011-11-18 16:58:18 +00:00
|
|
|
virHashKeyValuePairPtr items;
|
Convert 'int i' to 'size_t i' in src/conf/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i, j;
|
|
|
|
int card, numKeys;
|
2011-11-18 16:58:18 +00:00
|
|
|
|
|
|
|
numKeys = virHashSize(table->hashTable);
|
2010-03-25 17:46:07 +00:00
|
|
|
|
2011-11-18 16:58:18 +00:00
|
|
|
if (numKeys < 0) {
|
2012-07-18 10:50:44 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
|
|
|
_("missing filter parameter table"));
|
2011-09-22 19:05:03 +00:00
|
|
|
return -1;
|
2010-03-25 17:46:07 +00:00
|
|
|
}
|
2011-11-18 16:58:18 +00:00
|
|
|
|
|
|
|
items = virHashGetItems(table->hashTable,
|
|
|
|
virNWFilterFormatParameterNameSorter);
|
|
|
|
if (!items)
|
|
|
|
return -1;
|
|
|
|
|
2011-09-22 19:05:03 +00:00
|
|
|
virBufferAsprintf(buf, "<filterref filter='%s'", filterref);
|
2011-11-18 16:58:18 +00:00
|
|
|
if (numKeys) {
|
2011-09-22 19:05:03 +00:00
|
|
|
virBufferAddLit(buf, ">\n");
|
2014-03-05 15:04:15 +00:00
|
|
|
virBufferAdjustIndent(buf, 2);
|
2011-11-18 16:58:18 +00:00
|
|
|
for (i = 0; i < numKeys; i++) {
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
const virNWFilterVarValue *value = items[i].value;
|
2011-11-18 16:58:18 +00:00
|
|
|
|
|
|
|
card = virNWFilterVarValueGetCardinality(value);
|
|
|
|
|
|
|
|
for (j = 0; j < card; j++)
|
|
|
|
virBufferAsprintf(buf,
|
2014-03-05 15:04:15 +00:00
|
|
|
"<parameter name='%s' value='%s'/>\n",
|
2011-11-18 16:58:18 +00:00
|
|
|
(const char *)items[i].key,
|
|
|
|
virNWFilterVarValueGetNthValue(value, j));
|
|
|
|
|
|
|
|
}
|
2014-03-05 15:04:15 +00:00
|
|
|
virBufferAdjustIndent(buf, -2);
|
2011-09-22 19:05:03 +00:00
|
|
|
virBufferAddLit(buf, "</filterref>\n");
|
|
|
|
} else {
|
|
|
|
virBufferAddLit(buf, "/>\n");
|
|
|
|
}
|
2011-11-18 16:58:18 +00:00
|
|
|
|
|
|
|
VIR_FREE(items);
|
|
|
|
|
2011-09-22 19:05:03 +00:00
|
|
|
return 0;
|
2010-03-25 17:46:07 +00:00
|
|
|
}
|
2012-01-11 11:42:37 +00:00
|
|
|
|
|
|
|
void
|
|
|
|
virNWFilterVarAccessFree(virNWFilterVarAccessPtr varAccess)
|
|
|
|
{
|
|
|
|
if (!varAccess)
|
|
|
|
return;
|
|
|
|
|
|
|
|
VIR_FREE(varAccess->varName);
|
|
|
|
VIR_FREE(varAccess);
|
|
|
|
}
|
|
|
|
|
|
|
|
bool
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
virNWFilterVarAccessEqual(const virNWFilterVarAccess *a,
|
|
|
|
const virNWFilterVarAccess *b)
|
2012-01-11 11:42:37 +00:00
|
|
|
{
|
|
|
|
if (a->accessType != b->accessType)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
if (STRNEQ(a->varName, b->varName))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
switch (a->accessType) {
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_ELEMENT:
|
2015-04-14 11:36:23 +00:00
|
|
|
return (a->u.index.idx == b->u.index.idx &&
|
2012-01-11 11:42:37 +00:00
|
|
|
a->u.index.intIterId == b->u.index.intIterId);
|
2012-01-11 11:42:37 +00:00
|
|
|
break;
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_ITERATOR:
|
2012-03-22 11:33:35 +00:00
|
|
|
return a->u.iterId == b->u.iterId;
|
2012-01-11 11:42:37 +00:00
|
|
|
break;
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_LAST:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Parse a variable access like
|
|
|
|
* IP, IP[@2], IP[3]
|
|
|
|
*/
|
|
|
|
virNWFilterVarAccessPtr
|
|
|
|
virNWFilterVarAccessParse(const char *varAccess)
|
|
|
|
{
|
|
|
|
size_t idx, varNameLen;
|
|
|
|
virNWFilterVarAccessPtr dest;
|
|
|
|
const char *input = varAccess;
|
|
|
|
|
2013-07-04 10:02:00 +00:00
|
|
|
if (VIR_ALLOC(dest) < 0)
|
2012-01-11 11:42:37 +00:00
|
|
|
return NULL;
|
|
|
|
|
|
|
|
idx = strspn(input, VALID_VARNAME);
|
|
|
|
|
|
|
|
if (input[idx] == '\0') {
|
|
|
|
/* in the form 'IP', which is equivalent to IP[@0] */
|
2013-05-03 12:40:46 +00:00
|
|
|
if (VIR_STRNDUP(dest->varName, input, idx) < 0)
|
2012-01-11 11:42:37 +00:00
|
|
|
goto err_exit;
|
|
|
|
dest->accessType = VIR_NWFILTER_VAR_ACCESS_ITERATOR;
|
|
|
|
dest->u.iterId = 0;
|
|
|
|
return dest;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (input[idx] == '[') {
|
|
|
|
char *end_ptr;
|
|
|
|
unsigned int result;
|
|
|
|
bool parseError = false;
|
|
|
|
|
|
|
|
varNameLen = idx;
|
|
|
|
|
2013-05-03 12:40:46 +00:00
|
|
|
if (VIR_STRNDUP(dest->varName, input, varNameLen) < 0)
|
2012-01-11 11:42:37 +00:00
|
|
|
goto err_exit;
|
|
|
|
|
|
|
|
input += idx + 1;
|
|
|
|
virSkipSpaces(&input);
|
|
|
|
|
|
|
|
if (*input == '@') {
|
|
|
|
/* in the form 'IP[@<number>] -> iterator */
|
|
|
|
dest->accessType = VIR_NWFILTER_VAR_ACCESS_ITERATOR;
|
|
|
|
input++;
|
|
|
|
} else {
|
|
|
|
/* in the form 'IP[<number>] -> element */
|
|
|
|
dest->accessType = VIR_NWFILTER_VAR_ACCESS_ELEMENT;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (virStrToLong_ui(input, &end_ptr, 10, &result) < 0)
|
|
|
|
parseError = true;
|
|
|
|
if (!parseError) {
|
|
|
|
input = end_ptr;
|
|
|
|
virSkipSpaces(&input);
|
|
|
|
if (*input != ']')
|
|
|
|
parseError = true;
|
|
|
|
}
|
|
|
|
if (parseError) {
|
|
|
|
if (dest->accessType == VIR_NWFILTER_VAR_ACCESS_ELEMENT)
|
maint: don't permit format strings without %
Any time we have a string with no % passed through gettext, a
translator can inject a % to cause a stack overread. When there
is nothing to format, it's easier to ask for a string that cannot
be used as a formatter, by using a trivial "%s" format instead.
In the past, we have used --disable-nls to catch some of the
offenders, but that doesn't get run very often, and many more
uses have crept in. Syntax check to the rescue!
The syntax check can catch uses such as
virReportError(code,
_("split "
"string"));
by using a sed script to fold context lines into one pattern
space before checking for a string without %.
This patch is just mechanical insertion of %s; there are probably
several messages touched by this patch where we would be better
off giving the user more information than a fixed string.
* cfg.mk (sc_prohibit_diagnostic_without_format): New rule.
* src/datatypes.c (virUnrefConnect, virGetDomain)
(virUnrefDomain, virGetNetwork, virUnrefNetwork, virGetInterface)
(virUnrefInterface, virGetStoragePool, virUnrefStoragePool)
(virGetStorageVol, virUnrefStorageVol, virGetNodeDevice)
(virGetSecret, virUnrefSecret, virGetNWFilter, virUnrefNWFilter)
(virGetDomainSnapshot, virUnrefDomainSnapshot): Add %s wrapper.
* src/lxc/lxc_driver.c (lxcDomainSetBlkioParameters)
(lxcDomainGetBlkioParameters): Likewise.
* src/conf/domain_conf.c (virSecurityDeviceLabelDefParseXML)
(virDomainDiskDefParseXML, virDomainGraphicsDefParseXML):
Likewise.
* src/conf/network_conf.c (virNetworkDNSHostsDefParseXML)
(virNetworkDefParseXML): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterIsValidChainName):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCreateSimple)
(virNWFilterVarAccessParse): Likewise.
* src/libvirt.c (virDomainSave, virDomainSaveFlags)
(virDomainRestore, virDomainRestoreFlags)
(virDomainSaveImageGetXMLDesc, virDomainSaveImageDefineXML)
(virDomainCoreDump, virDomainGetXMLDesc)
(virDomainMigrateVersion1, virDomainMigrateVersion2)
(virDomainMigrateVersion3, virDomainMigrate, virDomainMigrate2)
(virStreamSendAll, virStreamRecvAll)
(virDomainSnapshotGetXMLDesc): Likewise.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterDHCPSnoopReq): Likewise.
* src/openvz/openvz_driver.c (openvzUpdateDevice): Likewise.
* src/openvz/openvz_util.c (openvzKBPerPages): Likewise.
* src/qemu/qemu_cgroup.c (qemuSetupCgroup): Likewise.
* src/qemu/qemu_command.c (qemuBuildHubDevStr, qemuBuildChrChardevStr)
(qemuBuildCommandLine): Likewise.
* src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Likewise.
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
* src/rpc/virnetsaslcontext.c (virNetSASLSessionGetIdentity):
Likewise.
* src/rpc/virnetsocket.c (virNetSocketNewConnectUNIX)
(virNetSocketSendFD, virNetSocketRecvFD): Likewise.
* src/storage/storage_backend_disk.c
(virStorageBackendDiskBuildPool): Likewise.
* src/storage/storage_backend_fs.c
(virStorageBackendFileSystemProbe)
(virStorageBackendFileSystemBuild): Likewise.
* src/storage/storage_backend_rbd.c
(virStorageBackendRBDOpenRADOSConn): Likewise.
* src/storage/storage_driver.c (storageVolumeResize): Likewise.
* src/test/test_driver.c (testInterfaceChangeBegin)
(testInterfaceChangeCommit, testInterfaceChangeRollback):
Likewise.
* src/vbox/vbox_tmpl.c (vboxListAllDomains): Likewise.
* src/xenxs/xen_sxpr.c (xenFormatSxprDisk, xenFormatSxpr):
Likewise.
* src/xenxs/xen_xm.c (xenXMConfigGetUUID, xenFormatXMDisk)
(xenFormatXM): Likewise.
2012-07-23 20:33:08 +00:00
|
|
|
virReportError(VIR_ERR_INVALID_ARG, "%s",
|
2012-07-18 10:50:44 +00:00
|
|
|
_("Malformatted array index"));
|
2012-01-11 11:42:37 +00:00
|
|
|
else
|
maint: don't permit format strings without %
Any time we have a string with no % passed through gettext, a
translator can inject a % to cause a stack overread. When there
is nothing to format, it's easier to ask for a string that cannot
be used as a formatter, by using a trivial "%s" format instead.
In the past, we have used --disable-nls to catch some of the
offenders, but that doesn't get run very often, and many more
uses have crept in. Syntax check to the rescue!
The syntax check can catch uses such as
virReportError(code,
_("split "
"string"));
by using a sed script to fold context lines into one pattern
space before checking for a string without %.
This patch is just mechanical insertion of %s; there are probably
several messages touched by this patch where we would be better
off giving the user more information than a fixed string.
* cfg.mk (sc_prohibit_diagnostic_without_format): New rule.
* src/datatypes.c (virUnrefConnect, virGetDomain)
(virUnrefDomain, virGetNetwork, virUnrefNetwork, virGetInterface)
(virUnrefInterface, virGetStoragePool, virUnrefStoragePool)
(virGetStorageVol, virUnrefStorageVol, virGetNodeDevice)
(virGetSecret, virUnrefSecret, virGetNWFilter, virUnrefNWFilter)
(virGetDomainSnapshot, virUnrefDomainSnapshot): Add %s wrapper.
* src/lxc/lxc_driver.c (lxcDomainSetBlkioParameters)
(lxcDomainGetBlkioParameters): Likewise.
* src/conf/domain_conf.c (virSecurityDeviceLabelDefParseXML)
(virDomainDiskDefParseXML, virDomainGraphicsDefParseXML):
Likewise.
* src/conf/network_conf.c (virNetworkDNSHostsDefParseXML)
(virNetworkDefParseXML): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterIsValidChainName):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCreateSimple)
(virNWFilterVarAccessParse): Likewise.
* src/libvirt.c (virDomainSave, virDomainSaveFlags)
(virDomainRestore, virDomainRestoreFlags)
(virDomainSaveImageGetXMLDesc, virDomainSaveImageDefineXML)
(virDomainCoreDump, virDomainGetXMLDesc)
(virDomainMigrateVersion1, virDomainMigrateVersion2)
(virDomainMigrateVersion3, virDomainMigrate, virDomainMigrate2)
(virStreamSendAll, virStreamRecvAll)
(virDomainSnapshotGetXMLDesc): Likewise.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterDHCPSnoopReq): Likewise.
* src/openvz/openvz_driver.c (openvzUpdateDevice): Likewise.
* src/openvz/openvz_util.c (openvzKBPerPages): Likewise.
* src/qemu/qemu_cgroup.c (qemuSetupCgroup): Likewise.
* src/qemu/qemu_command.c (qemuBuildHubDevStr, qemuBuildChrChardevStr)
(qemuBuildCommandLine): Likewise.
* src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Likewise.
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
* src/rpc/virnetsaslcontext.c (virNetSASLSessionGetIdentity):
Likewise.
* src/rpc/virnetsocket.c (virNetSocketNewConnectUNIX)
(virNetSocketSendFD, virNetSocketRecvFD): Likewise.
* src/storage/storage_backend_disk.c
(virStorageBackendDiskBuildPool): Likewise.
* src/storage/storage_backend_fs.c
(virStorageBackendFileSystemProbe)
(virStorageBackendFileSystemBuild): Likewise.
* src/storage/storage_backend_rbd.c
(virStorageBackendRBDOpenRADOSConn): Likewise.
* src/storage/storage_driver.c (storageVolumeResize): Likewise.
* src/test/test_driver.c (testInterfaceChangeBegin)
(testInterfaceChangeCommit, testInterfaceChangeRollback):
Likewise.
* src/vbox/vbox_tmpl.c (vboxListAllDomains): Likewise.
* src/xenxs/xen_sxpr.c (xenFormatSxprDisk, xenFormatSxpr):
Likewise.
* src/xenxs/xen_xm.c (xenXMConfigGetUUID, xenFormatXMDisk)
(xenFormatXM): Likewise.
2012-07-23 20:33:08 +00:00
|
|
|
virReportError(VIR_ERR_INVALID_ARG, "%s",
|
2012-07-18 10:50:44 +00:00
|
|
|
_("Malformatted iterator id"));
|
2012-01-11 11:42:37 +00:00
|
|
|
goto err_exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
switch (dest->accessType) {
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_ELEMENT:
|
2015-04-14 11:36:23 +00:00
|
|
|
dest->u.index.idx = result;
|
2012-01-11 11:42:37 +00:00
|
|
|
dest->u.index.intIterId = ~0;
|
2012-01-11 11:42:37 +00:00
|
|
|
break;
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_ITERATOR:
|
|
|
|
if (result > VIR_NWFILTER_MAX_ITERID) {
|
2012-07-18 10:50:44 +00:00
|
|
|
virReportError(VIR_ERR_INVALID_ARG,
|
|
|
|
_("Iterator ID exceeds maximum ID "
|
|
|
|
"of %u"), VIR_NWFILTER_MAX_ITERID);
|
2012-01-11 11:42:37 +00:00
|
|
|
goto err_exit;
|
|
|
|
}
|
|
|
|
dest->u.iterId = result;
|
|
|
|
break;
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_LAST:
|
|
|
|
goto err_exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
return dest;
|
|
|
|
} else {
|
maint: don't permit format strings without %
Any time we have a string with no % passed through gettext, a
translator can inject a % to cause a stack overread. When there
is nothing to format, it's easier to ask for a string that cannot
be used as a formatter, by using a trivial "%s" format instead.
In the past, we have used --disable-nls to catch some of the
offenders, but that doesn't get run very often, and many more
uses have crept in. Syntax check to the rescue!
The syntax check can catch uses such as
virReportError(code,
_("split "
"string"));
by using a sed script to fold context lines into one pattern
space before checking for a string without %.
This patch is just mechanical insertion of %s; there are probably
several messages touched by this patch where we would be better
off giving the user more information than a fixed string.
* cfg.mk (sc_prohibit_diagnostic_without_format): New rule.
* src/datatypes.c (virUnrefConnect, virGetDomain)
(virUnrefDomain, virGetNetwork, virUnrefNetwork, virGetInterface)
(virUnrefInterface, virGetStoragePool, virUnrefStoragePool)
(virGetStorageVol, virUnrefStorageVol, virGetNodeDevice)
(virGetSecret, virUnrefSecret, virGetNWFilter, virUnrefNWFilter)
(virGetDomainSnapshot, virUnrefDomainSnapshot): Add %s wrapper.
* src/lxc/lxc_driver.c (lxcDomainSetBlkioParameters)
(lxcDomainGetBlkioParameters): Likewise.
* src/conf/domain_conf.c (virSecurityDeviceLabelDefParseXML)
(virDomainDiskDefParseXML, virDomainGraphicsDefParseXML):
Likewise.
* src/conf/network_conf.c (virNetworkDNSHostsDefParseXML)
(virNetworkDefParseXML): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterIsValidChainName):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCreateSimple)
(virNWFilterVarAccessParse): Likewise.
* src/libvirt.c (virDomainSave, virDomainSaveFlags)
(virDomainRestore, virDomainRestoreFlags)
(virDomainSaveImageGetXMLDesc, virDomainSaveImageDefineXML)
(virDomainCoreDump, virDomainGetXMLDesc)
(virDomainMigrateVersion1, virDomainMigrateVersion2)
(virDomainMigrateVersion3, virDomainMigrate, virDomainMigrate2)
(virStreamSendAll, virStreamRecvAll)
(virDomainSnapshotGetXMLDesc): Likewise.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterDHCPSnoopReq): Likewise.
* src/openvz/openvz_driver.c (openvzUpdateDevice): Likewise.
* src/openvz/openvz_util.c (openvzKBPerPages): Likewise.
* src/qemu/qemu_cgroup.c (qemuSetupCgroup): Likewise.
* src/qemu/qemu_command.c (qemuBuildHubDevStr, qemuBuildChrChardevStr)
(qemuBuildCommandLine): Likewise.
* src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Likewise.
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
* src/rpc/virnetsaslcontext.c (virNetSASLSessionGetIdentity):
Likewise.
* src/rpc/virnetsocket.c (virNetSocketNewConnectUNIX)
(virNetSocketSendFD, virNetSocketRecvFD): Likewise.
* src/storage/storage_backend_disk.c
(virStorageBackendDiskBuildPool): Likewise.
* src/storage/storage_backend_fs.c
(virStorageBackendFileSystemProbe)
(virStorageBackendFileSystemBuild): Likewise.
* src/storage/storage_backend_rbd.c
(virStorageBackendRBDOpenRADOSConn): Likewise.
* src/storage/storage_driver.c (storageVolumeResize): Likewise.
* src/test/test_driver.c (testInterfaceChangeBegin)
(testInterfaceChangeCommit, testInterfaceChangeRollback):
Likewise.
* src/vbox/vbox_tmpl.c (vboxListAllDomains): Likewise.
* src/xenxs/xen_sxpr.c (xenFormatSxprDisk, xenFormatSxpr):
Likewise.
* src/xenxs/xen_xm.c (xenXMConfigGetUUID, xenFormatXMDisk)
(xenFormatXM): Likewise.
2012-07-23 20:33:08 +00:00
|
|
|
virReportError(VIR_ERR_INVALID_ARG, "%s",
|
2012-07-18 10:50:44 +00:00
|
|
|
_("Malformatted variable"));
|
2012-01-11 11:42:37 +00:00
|
|
|
}
|
|
|
|
|
2014-03-25 06:48:31 +00:00
|
|
|
err_exit:
|
2012-01-11 11:42:37 +00:00
|
|
|
virNWFilterVarAccessFree(dest);
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
virNWFilterVarAccessPrint(virNWFilterVarAccessPtr vap, virBufferPtr buf)
|
|
|
|
{
|
|
|
|
virBufferAdd(buf, vap->varName, -1);
|
|
|
|
switch (vap->accessType) {
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_ELEMENT:
|
2015-04-14 11:36:23 +00:00
|
|
|
virBufferAsprintf(buf, "[%u]", vap->u.index.idx);
|
2012-01-11 11:42:37 +00:00
|
|
|
break;
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_ITERATOR:
|
|
|
|
if (vap->u.iterId != 0)
|
|
|
|
virBufferAsprintf(buf, "[@%u]", vap->u.iterId);
|
|
|
|
break;
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_LAST:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
const char *
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
virNWFilterVarAccessGetVarName(const virNWFilterVarAccess *vap)
|
2012-01-11 11:42:37 +00:00
|
|
|
{
|
|
|
|
return vap->varName;
|
|
|
|
}
|
|
|
|
|
2014-05-11 15:08:48 +00:00
|
|
|
virNWFilterVarAccessType
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
virNWFilterVarAccessGetType(const virNWFilterVarAccess *vap)
|
2012-01-11 11:42:37 +00:00
|
|
|
{
|
|
|
|
return vap->accessType;
|
|
|
|
}
|
|
|
|
|
|
|
|
unsigned int
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
virNWFilterVarAccessGetIterId(const virNWFilterVarAccess *vap)
|
2012-01-11 11:42:37 +00:00
|
|
|
{
|
|
|
|
return vap->u.iterId;
|
|
|
|
}
|
2012-01-11 11:42:37 +00:00
|
|
|
|
|
|
|
unsigned int
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
virNWFilterVarAccessGetIndex(const virNWFilterVarAccess *vap)
|
2012-01-11 11:42:37 +00:00
|
|
|
{
|
2015-04-14 11:36:23 +00:00
|
|
|
return vap->u.index.idx;
|
2012-01-11 11:42:37 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
virNWFilterVarAccessSetIntIterId(virNWFilterVarAccessPtr vap,
|
|
|
|
unsigned int intIterId)
|
|
|
|
{
|
|
|
|
vap->u.index.intIterId = intIterId;
|
|
|
|
}
|
|
|
|
|
|
|
|
static unsigned int
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
virNWFilterVarAccessGetIntIterId(const virNWFilterVarAccess *vap)
|
2012-01-11 11:42:37 +00:00
|
|
|
{
|
|
|
|
return vap->u.index.intIterId;
|
|
|
|
}
|
2012-01-11 11:42:37 +00:00
|
|
|
|
|
|
|
bool
|
maint: avoid 'const fooPtr' in nwfilter files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can). But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).
Fix up offenders in nwfilter code.
This patch does nothing about the stupidity evident in having
__virNWFilterInstantiateFilter, _virNWFilterInstantiateFilter,
and virNWFilterInstantiateFilter, which differ only by leading
underscores, and which infringes on the namespace reserved to
the implementation - that would need to be a separate cleanup.
* src/nwfilter/nwfilter_dhcpsnoop.h (virNWFilterDHCPSnoopReq): Use
intended type.
* src/nwfilter/nwfilter_gentech_driver.h
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterInstantiataeFilterLate, virNWFilterTeardownFilter)
(virNWFilterCreateVarHashmap): Likewise.
* src/nwfilter/nwfilter_learnipaddr.h (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_conf.h (virNWFilterApplyBasicRules)
(virNWFilterApplyDHCPOnlyRules): Likewise.
(virNWFilterDefFormat): Make const-correct.
* src/conf/nwfilter_params.h (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple, virNWFilterVarValueGetCardinality)
(virNWFilterVarValueEqual, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarCombIterGetVarValue): Use intended type.
(virNWFilterVarValueGetNthValue): Make const-correct.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterSnoopIFKeyFMT, virNWFilterDHCPSnoopReq)
(virNWFilterSnoopPruneIter, virNWFilterSnoopRemAllReqIter)
(virNWFilterDHCPSnoopReq): Fix fallout.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterVarHashmapAddStdValues, virNWFilterCreateVarHashmap)
(virNWFilterInstantiate, __virNWFilterInstantiateFilter)
(_virNWFilterInstantiateFilter, virNWFilterInstantiateFilterLate)
(virNWFilterInstantiateFilter)
(virNWFilterUpdateInstantiateFilter)
(virNWFilterRollbackUpdateFilter, virNWFilterTeardownFilter):
Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnIPAddress):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCopy)
(virNWFilterVarValueGetSimple)
(virNWFilterVarValueGetCardinality, virNWFilterVarValueEqual)
(virNWFilterVarCombIterAddVariable)
(virNWFilterVarCombIterGetVarValue, virNWFilterVarValueCompare)
(virNWFilterFormatParamAttributes, virNWFilterVarAccessEqual)
(virNWFilterVarAccessGetVarName, virNWFilterVarAccessGetType)
(virNWFilterVarAccessGetIterId, virNWFilterVarAccessGetIndex)
(virNWFilterVarAccessGetIntIterId)
(virNWFilterVarAccessIsAvailable)
(virNWFilterVarValueGetNthValue): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebtablesApplyBasicRules)
(ebtablesApplyDHCPOnlyRules, ebiptablesRuleOrderSort)
(ebiptablesRuleOrderSortPtr): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterDefEqual)
(virNWFilterDefFormat): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-07 16:55:22 +00:00
|
|
|
virNWFilterVarAccessIsAvailable(const virNWFilterVarAccess *varAccess,
|
|
|
|
const virNWFilterHashTable *hash)
|
2012-01-11 11:42:37 +00:00
|
|
|
{
|
|
|
|
const char *varName = virNWFilterVarAccessGetVarName(varAccess);
|
|
|
|
const char *res;
|
|
|
|
unsigned int idx;
|
|
|
|
virNWFilterVarValuePtr varValue;
|
|
|
|
|
|
|
|
varValue = virHashLookup(hash->hashTable, varName);
|
|
|
|
if (!varValue)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
switch (virNWFilterVarAccessGetType(varAccess)) {
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_ELEMENT:
|
|
|
|
idx = virNWFilterVarAccessGetIndex(varAccess);
|
|
|
|
res = virNWFilterVarValueGetNthValue(varValue, idx);
|
|
|
|
if (res == NULL)
|
|
|
|
return false;
|
|
|
|
break;
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_ITERATOR:
|
|
|
|
break;
|
|
|
|
case VIR_NWFILTER_VAR_ACCESS_LAST:
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|