External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-07-17 07:07:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

eliminate unnecessary labels and ret variables

Browse Source 
after making all virFirewall objects use g_autoptr().

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
Laine Stump 2020-07-04 16:38:37 -04:00
parent cf1ec5daac
commit 310ce7cf7e
4 changed files with 22 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/network/bridge_driver_linux.c
View File

@ -839,7 +839,6 @@ int networkAddFirewallRules(virNetworkDefPtr def)
size_t i; size_t i;
virNetworkIPDefPtr ipdef; virNetworkIPDefPtr ipdef;
g_autoptr(virFirewall) fw = virFirewallNew(); g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
if (virOnce(&createdOnce, networkSetupPrivateChains) < 0) if (virOnce(&createdOnce, networkSetupPrivateChains) < 0)
return -1; return -1;
@ -869,11 +868,11 @@ int networkAddFirewallRules(virNetworkDefPtr def)
_("zone %s requested for network %s " _("zone %s requested for network %s "
"but firewalld is not active"), "but firewalld is not active"),
def->bridgeZone, def->name); def->bridgeZone, def->name);
goto cleanup; return -1;
} }
if (virFirewallDInterfaceSetZone(def->bridge, def->bridgeZone) < 0) if (virFirewallDInterfaceSetZone(def->bridge, def->bridgeZone) < 0)
goto cleanup; return -1;
} else { } else {
@ -893,13 +892,13 @@ int networkAddFirewallRules(virNetworkDefPtr def)
*/ */
if (virFirewallDZoneExists("libvirt")) { if (virFirewallDZoneExists("libvirt")) {
if (virFirewallDInterfaceSetZone(def->bridge, "libvirt") < 0) if (virFirewallDInterfaceSetZone(def->bridge, "libvirt") < 0)
goto cleanup; return -1;
} else { } else {
unsigned long version; unsigned long version;
int vresult = virFirewallDGetVersion(&version); int vresult = virFirewallDGetVersion(&version);
if (vresult < 0) if (vresult < 0)
goto cleanup; return -1;
/* Support for nftables backend was added in firewalld /* Support for nftables backend was added in firewalld
* 0.6.0. Support for rule priorities (required by the * 0.6.0. Support for rule priorities (required by the
@ -919,7 +918,7 @@ int networkAddFirewallRules(virNetworkDefPtr def)
"version supporting rule priorities " "version supporting rule priorities "
"(0.7.0+) and/or rebuilding " "(0.7.0+) and/or rebuilding "
"libvirt with --with-firewalld-zone")); "libvirt with --with-firewalld-zone"));
goto cleanup; return -1;
} }
} }
} }
@ -933,7 +932,7 @@ int networkAddFirewallRules(virNetworkDefPtr def)
(ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i)); (ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i));
i++) { i++) {
if (networkAddIPSpecificFirewallRules(fw, def, ipdef) < 0) if (networkAddIPSpecificFirewallRules(fw, def, ipdef) < 0)
goto cleanup; return -1;
} }
virFirewallStartRollback(fw, 0); virFirewallStartRollback(fw, 0);
@ -942,19 +941,14 @@ int networkAddFirewallRules(virNetworkDefPtr def)
(ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i)); (ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i));
i++) { i++) {
if (networkRemoveIPSpecificFirewallRules(fw, def, ipdef) < 0) if (networkRemoveIPSpecificFirewallRules(fw, def, ipdef) < 0)
goto cleanup; return -1;
} }
networkRemoveGeneralFirewallRules(fw, def); networkRemoveGeneralFirewallRules(fw, def);
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS); virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
networkAddChecksumFirewallRules(fw, def); networkAddChecksumFirewallRules(fw, def);
if (virFirewallApply(fw) < 0) return virFirewallApply(fw);
goto cleanup;
ret = 0;
cleanup:
return ret;
} }
/* Remove all rules for all ip addresses (and general rules) on a network */ /* Remove all rules for all ip addresses (and general rules) on a network */
@ -973,12 +967,9 @@ void networkRemoveFirewallRules(virNetworkDefPtr def)
(ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i)); (ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i));
i++) { i++) {
if (networkRemoveIPSpecificFirewallRules(fw, def, ipdef) < 0) if (networkRemoveIPSpecificFirewallRules(fw, def, ipdef) < 0)
goto cleanup; return;
} }
networkRemoveGeneralFirewallRules(fw, def); networkRemoveGeneralFirewallRules(fw, def);
virFirewallApply(fw); virFirewallApply(fw);
cleanup:
return;
} }

32
src/nwfilter/nwfilter_ebiptables_driver.c
View File

@ -2866,7 +2866,7 @@ ebtablesApplyBasicRules(const char *ifname,
virMacAddrFormat(macaddr, macaddr_str); virMacAddrFormat(macaddr, macaddr_str);
if (ebiptablesAllTeardown(ifname) < 0) if (ebiptablesAllTeardown(ifname) < 0)
goto error; return -1;
virFirewallStartTransaction(fw, 0); virFirewallStartTransaction(fw, 0);
@ -2899,7 +2899,6 @@ ebtablesApplyBasicRules(const char *ifname,
tear_down_tmpebchains: tear_down_tmpebchains:
ebtablesCleanAll(ifname); ebtablesCleanAll(ifname);
error:
return -1; return -1;
} }
@ -2937,7 +2936,7 @@ ebtablesApplyDHCPOnlyRules(const char *ifname,
virMacAddrFormat(macaddr, macaddr_str); virMacAddrFormat(macaddr, macaddr_str);
if (ebiptablesAllTeardown(ifname) < 0) if (ebiptablesAllTeardown(ifname) < 0)
goto error; return -1;
virFirewallStartTransaction(fw, 0); virFirewallStartTransaction(fw, 0);
@ -3016,7 +3015,6 @@ ebtablesApplyDHCPOnlyRules(const char *ifname,
tear_down_tmpebchains: tear_down_tmpebchains:
ebtablesCleanAll(ifname); ebtablesCleanAll(ifname);
error:
return -1; return -1;
} }
@ -3038,7 +3036,7 @@ ebtablesApplyDropAllRules(const char *ifname)
g_autoptr(virFirewall) fw = virFirewallNew(); g_autoptr(virFirewall) fw = virFirewallNew();
if (ebiptablesAllTeardown(ifname) < 0) if (ebiptablesAllTeardown(ifname) < 0)
goto error; return -1;
virFirewallStartTransaction(fw, 0); virFirewallStartTransaction(fw, 0);
@ -3068,7 +3066,6 @@ ebtablesApplyDropAllRules(const char *ifname)
tear_down_tmpebchains: tear_down_tmpebchains:
ebtablesCleanAll(ifname); ebtablesCleanAll(ifname);
error:
return -1; return -1;
} }
@ -3084,7 +3081,6 @@ static int
ebtablesCleanAll(const char *ifname) ebtablesCleanAll(const char *ifname)
{ {
g_autoptr(virFirewall) fw = virFirewallNew(); g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS); virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
@ -3100,8 +3096,7 @@ ebtablesCleanAll(const char *ifname)
ebtablesRemoveTmpRootChainFW(fw, true, ifname); ebtablesRemoveTmpRootChainFW(fw, true, ifname);
ebtablesRemoveTmpRootChainFW(fw, false, ifname); ebtablesRemoveTmpRootChainFW(fw, false, ifname);
ret = virFirewallApply(fw); return virFirewallApply(fw);
return ret;
} }
@ -3578,21 +3573,18 @@ static int
ebiptablesTearNewRules(const char *ifname) ebiptablesTearNewRules(const char *ifname)
{ {
g_autoptr(virFirewall) fw = virFirewallNew(); g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS); virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
ebiptablesTearNewRulesFW(fw, ifname); ebiptablesTearNewRulesFW(fw, ifname);
ret = virFirewallApply(fw); return virFirewallApply(fw);
return ret;
} }
static int static int
ebiptablesTearOldRules(const char *ifname) ebiptablesTearOldRules(const char *ifname)
{ {
g_autoptr(virFirewall) fw = virFirewallNew(); g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS); virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
@ -3611,8 +3603,7 @@ ebiptablesTearOldRules(const char *ifname)
ebtablesRemoveRootChainFW(fw, false, ifname); ebtablesRemoveRootChainFW(fw, false, ifname);
ebtablesRenameTmpSubAndRootChainsFW(fw, ifname); ebtablesRenameTmpSubAndRootChainsFW(fw, ifname);
ret = virFirewallApply(fw); return virFirewallApply(fw);
return ret;
} }
@ -3629,7 +3620,6 @@ static int
ebiptablesAllTeardown(const char *ifname) ebiptablesAllTeardown(const char *ifname)
{ {
g_autoptr(virFirewall) fw = virFirewallNew(); g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS); virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
@ -3651,8 +3641,7 @@ ebiptablesAllTeardown(const char *ifname)
ebtablesRemoveRootChainFW(fw, true, ifname); ebtablesRemoveRootChainFW(fw, true, ifname);
ebtablesRemoveRootChainFW(fw, false, ifname); ebtablesRemoveRootChainFW(fw, false, ifname);
ret = virFirewallApply(fw); return virFirewallApply(fw);
return ret;
} }
@ -3738,7 +3727,6 @@ ebiptablesDriverProbeStateMatch(void)
{ {
unsigned long version; unsigned long version;
g_autoptr(virFirewall) fw = virFirewallNew(); g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
virFirewallStartTransaction(fw, 0); virFirewallStartTransaction(fw, 0);
virFirewallAddRuleFull(fw, VIR_FIREWALL_LAYER_IPV4, virFirewallAddRuleFull(fw, VIR_FIREWALL_LAYER_IPV4,
@ -3746,7 +3734,7 @@ ebiptablesDriverProbeStateMatch(void)
"--version", NULL); "--version", NULL);
if (virFirewallApply(fw) < 0) if (virFirewallApply(fw) < 0)
goto cleanup; return -1;
/* /*
* since version 1.4.16 '-m state --state ...' will be converted to * since version 1.4.16 '-m state --state ...' will be converted to
@ -3755,9 +3743,7 @@ ebiptablesDriverProbeStateMatch(void)
if (version >= 1 * 1000000 + 4 * 1000 + 16) if (version >= 1 * 1000000 + 4 * 1000 + 16)
newMatchState = true; newMatchState = true;
ret = 0; return 0;
cleanup:
return ret;
} }
static int static int

16
src/util/virebtables.c
View File

@ -83,7 +83,6 @@ int
ebtablesAddForwardPolicyReject(ebtablesContext *ctx) ebtablesAddForwardPolicyReject(ebtablesContext *ctx)
{ {
g_autoptr(virFirewall) fw = virFirewallNew(); g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS); virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
virFirewallAddRule(fw, VIR_FIREWALL_LAYER_ETHERNET, virFirewallAddRule(fw, VIR_FIREWALL_LAYER_ETHERNET,
@ -98,12 +97,7 @@ ebtablesAddForwardPolicyReject(ebtablesContext *ctx)
"-P", ctx->chain, "DROP", "-P", ctx->chain, "DROP",
NULL); NULL);
if (virFirewallApply(fw) < 0) return virFirewallApply(fw);
goto cleanup;
ret = 0;
cleanup:
return ret;
} }
@ -117,7 +111,6 @@ ebtablesForwardAllowIn(ebtablesContext *ctx,
int action) int action)
{ {
g_autoptr(virFirewall) fw = virFirewallNew(); g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
virFirewallStartTransaction(fw, 0); virFirewallStartTransaction(fw, 0);
virFirewallAddRule(fw, VIR_FIREWALL_LAYER_ETHERNET, virFirewallAddRule(fw, VIR_FIREWALL_LAYER_ETHERNET,
@ -128,12 +121,7 @@ ebtablesForwardAllowIn(ebtablesContext *ctx,
"--jump", "ACCEPT", "--jump", "ACCEPT",
NULL); NULL);
if (virFirewallApply(fw) < 0) return virFirewallApply(fw);
goto cleanup;
ret = 0;
cleanup:
return ret;
} }
/** /**

8
src/util/viriptables.c
View File

@ -129,7 +129,6 @@ int
iptablesSetupPrivateChains(virFirewallLayer layer) iptablesSetupPrivateChains(virFirewallLayer layer)
{ {
g_autoptr(virFirewall) fw = virFirewallNew(); g_autoptr(virFirewall) fw = virFirewallNew();
int ret = -1;
iptablesGlobalChain filter_chains[] = { iptablesGlobalChain filter_chains[] = {
{"INPUT", "LIBVIRT_INP"}, {"INPUT", "LIBVIRT_INP"},
{"OUTPUT", "LIBVIRT_OUT"}, {"OUTPUT", "LIBVIRT_OUT"},
@ -160,12 +159,9 @@ iptablesSetupPrivateChains(virFirewallLayer layer)
"--list-rules", NULL); "--list-rules", NULL);
if (virFirewallApply(fw) < 0) if (virFirewallApply(fw) < 0)
goto cleanup; return -1;
ret = changed ? 1 : 0; return changed ? 1 : 0;
cleanup:
return ret;
} }