From 6d1b6c378b40dfb29490d397979df329e25089a3 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 22 Feb 2011 13:09:56 +0100
Subject: src: deprecate low level API

This patch deprecates the low level API. This API is not currently
used by any known clients (at least, at a quick glance at google).

These functions are a problem if we plan to port libnetfilter_conntrack
upon libmnl since they contain specific libnfnetlink bits.

I have also added __build_query_[ct|exp] to avoid compilation warnings.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 .../libnetfilter_conntrack.h                       | 18 +++--
 src/conntrack/api.c                                | 92 ++++++++++++----------
 src/expect/api.c                                   | 70 ++++++++--------
 3 files changed, 101 insertions(+), 79 deletions(-)

diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
index 5fe2bc7..011e344 100644
--- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
@@ -472,18 +472,21 @@ extern int nfct_filter_detach(int fd);
 
 /* low level API: netlink functions */
 
-extern int nfct_build_conntrack(struct nfnl_subsys_handle *ssh,
+extern __attribute__((deprecated)) int
+nfct_build_conntrack(struct nfnl_subsys_handle *ssh,
 				void *req,
 				size_t size,
 				u_int16_t type,
 				u_int16_t flags,
 				const struct nf_conntrack *ct);
 
-extern int nfct_parse_conntrack(enum nf_conntrack_msg_type msg,
+extern __attribute__((deprecated))
+int nfct_parse_conntrack(enum nf_conntrack_msg_type msg,
 				const struct nlmsghdr *nlh, 
 				struct nf_conntrack *ct);
 
-extern int nfct_build_query(struct nfnl_subsys_handle *ssh,
+extern __attribute__((deprecated))
+int nfct_build_query(struct nfnl_subsys_handle *ssh,
 			    const enum nf_conntrack_query query,
 			    const void *data,
 			    void *req,
@@ -596,18 +599,21 @@ extern int nfexp_snprintf(char *buf,
 extern int nfexp_catch(struct nfct_handle *h);
 
 /* low level API */
-extern int nfexp_build_expect(struct nfnl_subsys_handle *ssh,
+extern __attribute__((deprecated))
+int nfexp_build_expect(struct nfnl_subsys_handle *ssh,
 			      void *req,
 			      size_t size,
 			      u_int16_t type,
 			      u_int16_t flags,
 			      const struct nf_expect *exp);
 
-extern int nfexp_parse_expect(enum nf_conntrack_msg_type type,
+extern __attribute__((deprecated))
+int nfexp_parse_expect(enum nf_conntrack_msg_type type,
 			      const struct nlmsghdr *nlh,
 			      struct nf_expect *exp);
 
-extern int nfexp_build_query(struct nfnl_subsys_handle *ssh,
+extern __attribute__((deprecated))
+int nfexp_build_query(struct nfnl_subsys_handle *ssh,
 			     const enum nf_conntrack_query qt,
 			     const void *data,
 			     void *buffer,
diff --git a/src/conntrack/api.c b/src/conntrack/api.c
index c0d3deb..a6f1089 100644
--- a/src/conntrack/api.c
+++ b/src/conntrack/api.c
@@ -725,6 +725,53 @@ int nfct_build_conntrack(struct nfnl_subsys_handle *ssh,
 	return __build_conntrack(ssh, req, size, type, flags, ct);
 }
 
+static int
+__build_query_ct(struct nfnl_subsys_handle *ssh,
+		 const enum nf_conntrack_query qt,
+		 const void *data, void *buffer, unsigned int size)
+{
+	struct nfnlhdr *req = buffer;
+	const u_int32_t *family = data;
+
+	assert(ssh != NULL);
+	assert(data != NULL);
+	assert(req != NULL);
+
+	memset(req, 0, size);
+
+	switch(qt) {
+	case NFCT_Q_CREATE:
+		__build_conntrack(ssh, req, size, IPCTNL_MSG_CT_NEW, NLM_F_REQUEST|NLM_F_CREATE|NLM_F_ACK|NLM_F_EXCL, data);
+		break;
+	case NFCT_Q_UPDATE:
+		__build_conntrack(ssh, req, size, IPCTNL_MSG_CT_NEW, NLM_F_REQUEST|NLM_F_ACK, data);
+		break;
+	case NFCT_Q_DESTROY:
+		__build_conntrack(ssh, req, size, IPCTNL_MSG_CT_DELETE, NLM_F_REQUEST|NLM_F_ACK, data);
+		break;
+	case NFCT_Q_GET:
+		__build_conntrack(ssh, req, size, IPCTNL_MSG_CT_GET, NLM_F_REQUEST|NLM_F_ACK, data);
+		break;
+	case NFCT_Q_FLUSH:
+		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_CT_DELETE, NLM_F_REQUEST|NLM_F_ACK);
+		break;
+	case NFCT_Q_DUMP:
+		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_CT_GET, NLM_F_REQUEST|NLM_F_DUMP);
+		break;
+	case NFCT_Q_DUMP_RESET:
+		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_CT_GET_CTRZERO, NLM_F_REQUEST|NLM_F_DUMP);
+		break;
+	case NFCT_Q_CREATE_UPDATE:
+		__build_conntrack(ssh, req, size, IPCTNL_MSG_CT_NEW, NLM_F_REQUEST|NLM_F_CREATE|NLM_F_ACK, data);
+		break;
+
+	default:
+		errno = ENOTSUP;
+		return -1;
+	}
+	return 1;
+}
+
 /**
  * nfct_build_query - build a query in netlink message format for ctnetlink
  * \param ssh nfnetlink subsystem handler
@@ -765,46 +812,7 @@ int nfct_build_query(struct nfnl_subsys_handle *ssh,
 		     void *buffer,
 		     unsigned int size)
 {
-	struct nfnlhdr *req = buffer;
-	const u_int32_t *family = data;
-
-	assert(ssh != NULL);
-	assert(data != NULL);
-	assert(req != NULL);
-
-	memset(req, 0, size);
-
-	switch(qt) {
-	case NFCT_Q_CREATE:
-		nfct_build_conntrack(ssh, req, size, IPCTNL_MSG_CT_NEW, NLM_F_REQUEST|NLM_F_CREATE|NLM_F_ACK|NLM_F_EXCL, data);
-		break;
-	case NFCT_Q_UPDATE:
-		nfct_build_conntrack(ssh, req, size, IPCTNL_MSG_CT_NEW, NLM_F_REQUEST|NLM_F_ACK, data);
-		break;
-	case NFCT_Q_DESTROY:
-		nfct_build_conntrack(ssh, req, size, IPCTNL_MSG_CT_DELETE, NLM_F_REQUEST|NLM_F_ACK, data);
-		break;
-	case NFCT_Q_GET:
-		nfct_build_conntrack(ssh, req, size, IPCTNL_MSG_CT_GET, NLM_F_REQUEST|NLM_F_ACK, data);
-		break;
-	case NFCT_Q_FLUSH:
-		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_CT_DELETE, NLM_F_REQUEST|NLM_F_ACK);
-		break;
-	case NFCT_Q_DUMP:
-		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_CT_GET, NLM_F_REQUEST|NLM_F_DUMP);
-		break;
-	case NFCT_Q_DUMP_RESET:
-		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_CT_GET_CTRZERO, NLM_F_REQUEST|NLM_F_DUMP);
-		break;
-	case NFCT_Q_CREATE_UPDATE:
-		nfct_build_conntrack(ssh, req, size, IPCTNL_MSG_CT_NEW, NLM_F_REQUEST|NLM_F_CREATE|NLM_F_ACK, data);
-		break;
-
-	default:
-		errno = ENOTSUP;
-		return -1;
-	}
-	return 1;
+	return __build_query_ct(ssh, qt, data, buffer, size);
 }
 
 /**
@@ -891,7 +899,7 @@ int nfct_query(struct nfct_handle *h,
 	assert(h != NULL);
 	assert(data != NULL);
 
-	if (nfct_build_query(h->nfnlssh_ct, qt, data, &u.req, size) == -1)
+	if (__build_query_ct(h->nfnlssh_ct, qt, data, &u.req, size) == -1)
 		return -1;
 
 	return nfnl_query(h->nfnlh, &u.req.nlh);
@@ -923,7 +931,7 @@ int nfct_send(struct nfct_handle *h,
 	assert(h != NULL);
 	assert(data != NULL);
 
-	if (nfct_build_query(h->nfnlssh_ct, qt, data, &u.req, size) == -1)
+	if (__build_query_ct(h->nfnlssh_ct, qt, data, &u.req, size) == -1)
 		return -1;
 
 	return nfnl_send(h->nfnlh, &u.req.nlh);
diff --git a/src/expect/api.c b/src/expect/api.c
index 35aaac9..2daa15a 100644
--- a/src/expect/api.c
+++ b/src/expect/api.c
@@ -479,6 +479,43 @@ int nfexp_build_expect(struct nfnl_subsys_handle *ssh,
 	return __build_expect(ssh, req, size, type, flags, exp);
 }
 
+static int
+__build_query_exp(struct nfnl_subsys_handle *ssh,
+		  const enum nf_conntrack_query qt,
+		  const void *data, void *buffer, unsigned int size)
+{
+	struct nfnlhdr *req = buffer;
+	const u_int8_t *family = data;
+
+	assert(ssh != NULL);
+	assert(data != NULL);
+	assert(req != NULL);
+
+	memset(req, 0, size);
+
+	switch(qt) {
+	case NFCT_Q_CREATE:
+		__build_expect(ssh, req, size, IPCTNL_MSG_EXP_NEW, NLM_F_REQUEST|NLM_F_CREATE|NLM_F_ACK|NLM_F_EXCL, data);
+		break;
+	case NFCT_Q_GET:
+		__build_expect(ssh, req, size, IPCTNL_MSG_EXP_GET, NLM_F_REQUEST|NLM_F_ACK, data);
+		break;
+	case NFCT_Q_DESTROY:
+		__build_expect(ssh, req, size, IPCTNL_MSG_EXP_DELETE, NLM_F_REQUEST|NLM_F_ACK, data);
+		break;
+	case NFCT_Q_FLUSH:
+		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_EXP_DELETE, NLM_F_REQUEST|NLM_F_ACK);
+		break;
+	case NFCT_Q_DUMP:
+		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_EXP_GET, NLM_F_REQUEST|NLM_F_DUMP);
+		break;
+	default:
+		errno = ENOTSUP;
+		return -1;
+	}
+	return 1;
+}
+
 /**
  * nfexp_build_query - build a query in netlink message format for ctnetlink
  * \param ssh nfnetlink subsystem handler
@@ -515,36 +552,7 @@ int nfexp_build_query(struct nfnl_subsys_handle *ssh,
 		      void *buffer,
 		      unsigned int size)
 {
-	struct nfnlhdr *req = buffer;
-	const u_int8_t *family = data;
-
-	assert(ssh != NULL);
-	assert(data != NULL);
-	assert(req != NULL);
-
-	memset(req, 0, size);
-
-	switch(qt) {
-	case NFCT_Q_CREATE:
-		nfexp_build_expect(ssh, req, size, IPCTNL_MSG_EXP_NEW, NLM_F_REQUEST|NLM_F_CREATE|NLM_F_ACK|NLM_F_EXCL, data);
-		break;
-	case NFCT_Q_GET:
-		nfexp_build_expect(ssh, req, size, IPCTNL_MSG_EXP_GET, NLM_F_REQUEST|NLM_F_ACK, data);
-		break;
-	case NFCT_Q_DESTROY:
-		nfexp_build_expect(ssh, req, size, IPCTNL_MSG_EXP_DELETE, NLM_F_REQUEST|NLM_F_ACK, data);
-		break;
-	case NFCT_Q_FLUSH:
-		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_EXP_DELETE, NLM_F_REQUEST|NLM_F_ACK);
-		break;
-	case NFCT_Q_DUMP:
-		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_EXP_GET, NLM_F_REQUEST|NLM_F_DUMP);
-		break;
-	default:
-		errno = ENOTSUP;
-		return -1;
-	}
-	return 1;
+	return __build_query_exp(ssh, qt, data, buffer, size);
 }
 
 /**
@@ -631,7 +639,7 @@ int nfexp_query(struct nfct_handle *h,
 	assert(h != NULL);
 	assert(data != NULL);
 
-	if (nfexp_build_query(h->nfnlssh_exp, qt, data, &u.req, size) == -1)
+	if (__build_query_exp(h->nfnlssh_exp, qt, data, &u.req, size) == -1)
 		return -1;
 
 	return nfnl_query(h->nfnlh, &u.req.nlh);
-- 
cgit v1.2.3