External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-07-07 18:35:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

eliminate unnecessary labels and ret variables

Browse Source 
after making all virFirewall objects use g_autoptr().

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
Laine Stump 2020-07-04 16:38:37 -04:00
parent cf1ec5daac
commit 310ce7cf7e
4 changed files with 22 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/network/bridge_driver_linux.c
View File

@ -839,7 +839,6 @@ int networkAddFirewallRules(virNetworkDefPtr def)
size_t i;
virNetworkIPDefPtr ipdef;
g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
if (virOnce(&createdOnce, networkSetupPrivateChains) < 0)
return -1;
@ -869,11 +868,11 @@ int networkAddFirewallRules(virNetworkDefPtr def)
_("zone %s requested for network %s "
"but firewalld is not active"),
def->bridgeZone, def->name);
goto cleanup;
return -1;
}
if (virFirewallDInterfaceSetZone(def->bridge, def->bridgeZone) < 0)
goto cleanup;
return -1;
} else {
@ -893,13 +892,13 @@ int networkAddFirewallRules(virNetworkDefPtr def)
*/
if (virFirewallDZoneExists("libvirt")) {
if (virFirewallDInterfaceSetZone(def->bridge, "libvirt") < 0)
goto cleanup;
return -1;
} else {
unsigned long version;
int vresult = virFirewallDGetVersion(&version);
if (vresult < 0)
goto cleanup;
return -1;
/* Support for nftables backend was added in firewalld
* 0.6.0. Support for rule priorities (required by the
@ -919,7 +918,7 @@ int networkAddFirewallRules(virNetworkDefPtr def)
"version supporting rule priorities "
"(0.7.0+) and/or rebuilding "
"libvirt with --with-firewalld-zone"));
goto cleanup;
return -1;
}
}
}
@ -933,7 +932,7 @@ int networkAddFirewallRules(virNetworkDefPtr def)
(ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i));
i++) {
if (networkAddIPSpecificFirewallRules(fw, def, ipdef) < 0)
goto cleanup;
return -1;
}
virFirewallStartRollback(fw, 0);
@ -942,19 +941,14 @@ int networkAddFirewallRules(virNetworkDefPtr def)
(ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i));
i++) {
if (networkRemoveIPSpecificFirewallRules(fw, def, ipdef) < 0)
goto cleanup;
return -1;
}
networkRemoveGeneralFirewallRules(fw, def);
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
networkAddChecksumFirewallRules(fw, def);
if (virFirewallApply(fw) < 0)
goto cleanup;
ret = 0;
cleanup:
return ret;
return virFirewallApply(fw);
}
/* Remove all rules for all ip addresses (and general rules) on a network */
@ -973,12 +967,9 @@ void networkRemoveFirewallRules(virNetworkDefPtr def)
(ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i));
i++) {
if (networkRemoveIPSpecificFirewallRules(fw, def, ipdef) < 0)
goto cleanup;
return;
}
networkRemoveGeneralFirewallRules(fw, def);
virFirewallApply(fw);
cleanup:
return;
}

32
src/nwfilter/nwfilter_ebiptables_driver.c
View File

@ -2866,7 +2866,7 @@ ebtablesApplyBasicRules(const char *ifname,
virMacAddrFormat(macaddr, macaddr_str);
if (ebiptablesAllTeardown(ifname) < 0)
goto error;
return -1;
virFirewallStartTransaction(fw, 0);
@ -2899,7 +2899,6 @@ ebtablesApplyBasicRules(const char *ifname,
tear_down_tmpebchains:
ebtablesCleanAll(ifname);
error:
return -1;
}
@ -2937,7 +2936,7 @@ ebtablesApplyDHCPOnlyRules(const char *ifname,
virMacAddrFormat(macaddr, macaddr_str);
if (ebiptablesAllTeardown(ifname) < 0)
goto error;
return -1;
virFirewallStartTransaction(fw, 0);
@ -3016,7 +3015,6 @@ ebtablesApplyDHCPOnlyRules(const char *ifname,
tear_down_tmpebchains:
ebtablesCleanAll(ifname);
error:
return -1;
}
@ -3038,7 +3036,7 @@ ebtablesApplyDropAllRules(const char *ifname)
g_autoptr(virFirewall) fw = virFirewallNew();
if (ebiptablesAllTeardown(ifname) < 0)
goto error;
return -1;
virFirewallStartTransaction(fw, 0);
@ -3068,7 +3066,6 @@ ebtablesApplyDropAllRules(const char *ifname)
tear_down_tmpebchains:
ebtablesCleanAll(ifname);
error:
return -1;
}
@ -3084,7 +3081,6 @@ static int
ebtablesCleanAll(const char *ifname)
{
g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
@ -3100,8 +3096,7 @@ ebtablesCleanAll(const char *ifname)
ebtablesRemoveTmpRootChainFW(fw, true, ifname);
ebtablesRemoveTmpRootChainFW(fw, false, ifname);
ret = virFirewallApply(fw);
return ret;
return virFirewallApply(fw);
}
@ -3578,21 +3573,18 @@ static int
ebiptablesTearNewRules(const char *ifname)
{
g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
ebiptablesTearNewRulesFW(fw, ifname);
ret = virFirewallApply(fw);
return ret;
return virFirewallApply(fw);
}
static int
ebiptablesTearOldRules(const char *ifname)
{
g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
@ -3611,8 +3603,7 @@ ebiptablesTearOldRules(const char *ifname)
ebtablesRemoveRootChainFW(fw, false, ifname);
ebtablesRenameTmpSubAndRootChainsFW(fw, ifname);
ret = virFirewallApply(fw);
return ret;
return virFirewallApply(fw);
}
@ -3629,7 +3620,6 @@ static int
ebiptablesAllTeardown(const char *ifname)
{
g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
@ -3651,8 +3641,7 @@ ebiptablesAllTeardown(const char *ifname)
ebtablesRemoveRootChainFW(fw, true, ifname);
ebtablesRemoveRootChainFW(fw, false, ifname);
ret = virFirewallApply(fw);
return ret;
return virFirewallApply(fw);
}
@ -3738,7 +3727,6 @@ ebiptablesDriverProbeStateMatch(void)
{
unsigned long version;
g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
virFirewallStartTransaction(fw, 0);
virFirewallAddRuleFull(fw, VIR_FIREWALL_LAYER_IPV4,
@ -3746,7 +3734,7 @@ ebiptablesDriverProbeStateMatch(void)
"--version", NULL);
if (virFirewallApply(fw) < 0)
goto cleanup;
return -1;
/*
* since version 1.4.16 '-m state --state ...' will be converted to
@ -3755,9 +3743,7 @@ ebiptablesDriverProbeStateMatch(void)
if (version >= 1 * 1000000 + 4 * 1000 + 16)
newMatchState = true;
ret = 0;
cleanup:
return ret;
return 0;
}
static int

16
src/util/virebtables.c
View File

@ -83,7 +83,6 @@ int
ebtablesAddForwardPolicyReject(ebtablesContext *ctx)
{
g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
virFirewallAddRule(fw, VIR_FIREWALL_LAYER_ETHERNET,
@ -98,12 +97,7 @@ ebtablesAddForwardPolicyReject(ebtablesContext *ctx)
"-P", ctx->chain, "DROP",
NULL);
if (virFirewallApply(fw) < 0)
goto cleanup;
ret = 0;
cleanup:
return ret;
return virFirewallApply(fw);
}
@ -117,7 +111,6 @@ ebtablesForwardAllowIn(ebtablesContext *ctx,
int action)
{
g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
virFirewallStartTransaction(fw, 0);
virFirewallAddRule(fw, VIR_FIREWALL_LAYER_ETHERNET,
@ -128,12 +121,7 @@ ebtablesForwardAllowIn(ebtablesContext *ctx,
"--jump", "ACCEPT",
NULL);
if (virFirewallApply(fw) < 0)
goto cleanup;
ret = 0;
cleanup:
return ret;
return virFirewallApply(fw);
}
/**

8
src/util/viriptables.c
View File

@ -129,7 +129,6 @@ int
iptablesSetupPrivateChains(virFirewallLayer layer)
{
g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
iptablesGlobalChain filter_chains[] = {
{"INPUT", "LIBVIRT_INP"},
{"OUTPUT", "LIBVIRT_OUT"},
@ -160,12 +159,9 @@ iptablesSetupPrivateChains(virFirewallLayer layer)
"--list-rules", NULL);
if (virFirewallApply(fw) < 0)
goto cleanup;
return -1;
ret = changed ? 1 : 0;
cleanup:
return ret;
return changed ? 1 : 0;
}