From 8e63e483240687ee4c4325073d84926e39416bc9 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Wed, 4 Jan 2012 17:16:39 +0100
Subject: expect: add nfexp_cmp

This patch adds nfexp_cmp that allows you to compare two expectation
objects.

This includes the extension of test_api for this new function.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/conntrack/compare.c | 10 ++++-----
 src/expect/Makefile.am  |  1 +
 src/expect/api.c        | 34 ++++++++++++++++++++++++++++
 src/expect/compare.c    | 59 +++++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 99 insertions(+), 5 deletions(-)
 create mode 100644 src/expect/compare.c

(limited to 'src')

diff --git a/src/conntrack/compare.c b/src/conntrack/compare.c
index f94f1b9..830195f 100644
--- a/src/conntrack/compare.c
+++ b/src/conntrack/compare.c
@@ -144,9 +144,9 @@ cmp_orig_ipv6_dst(const struct nf_conntrack *ct1,
 		sizeof(struct in6_addr)) == 0);
 }
 
-static int cmp_orig(const struct nf_conntrack *ct1,
-		    const struct nf_conntrack *ct2,
-		    unsigned int flags)
+int __cmp_orig(const struct nf_conntrack *ct1,
+	       const struct nf_conntrack *ct2,
+	       unsigned int flags)
 {
 	if (!__cmp(ATTR_ORIG_L3PROTO, ct1, ct2, flags, cmp_orig_l3proto))
 		return 0;
@@ -399,10 +399,10 @@ int __compare(const struct nf_conntrack *ct1,
 {
 	if ((flags & ~(NFCT_CMP_MASK|NFCT_CMP_STRICT)) == NFCT_CMP_ALL)
 		return cmp_meta(ct1, ct2, flags) &&
-		       cmp_orig(ct1, ct2, flags) &&
+		       __cmp_orig(ct1, ct2, flags) &&
 		       cmp_repl(ct1, ct2, flags);
 
-	if (flags & NFCT_CMP_ORIG && !cmp_orig(ct1, ct2, flags))
+	if (flags & NFCT_CMP_ORIG && !__cmp_orig(ct1, ct2, flags))
 		return 0;
 
 	if (flags & NFCT_CMP_REPL && !cmp_repl(ct1, ct2, flags))
diff --git a/src/expect/Makefile.am b/src/expect/Makefile.am
index 8adf740..977a359 100644
--- a/src/expect/Makefile.am
+++ b/src/expect/Makefile.am
@@ -3,6 +3,7 @@ include $(top_srcdir)/Make_global.am
 noinst_LTLIBRARIES = libnfexpect.la 
 
 libnfexpect_la_SOURCES = api.c \
+			 compare.c \
 			 getter.c setter.c \
 			 parse.c build.c \
 			 snprintf.c \
diff --git a/src/expect/api.c b/src/expect/api.c
index cf45091..4da44a0 100644
--- a/src/expect/api.c
+++ b/src/expect/api.c
@@ -98,6 +98,40 @@ struct nf_expect *nfexp_clone(const struct nf_expect *exp)
 	return clone;
 }
 
+/**
+ * nfexp_cmp - compare two expectation objects
+ * \param exp1 pointer to a valid expectation object
+ * \param exp2 pointer to a valid expectation object
+ * \param flags flags
+ *
+ * This function only compare attribute set in both objects, by default
+ * the comparison is not strict, ie. if a certain attribute is not set in one
+ * of the objects, then such attribute is not used in the comparison.
+ * If you want more strict comparisons, you can use the appropriate flags
+ * to modify this behaviour (see NFCT_CMP_STRICT and NFCT_CMP_MASK).
+ *
+ * The available flags are:
+ *      - NFCT_CMP_STRICT: the compared objects must have the same attributes
+ *      and the same values, otherwise it returns that the objects are
+ *      different.
+ *      - NFCT_CMP_MASK: the first object is used as mask, this means that
+ *      if an attribute is present in exp1 but not in exp2, this function
+ *      returns that the objects are different.
+ *
+ * Other existing flags that are used by nfct_cmp() are ignored.
+ *
+ * If both conntrack object are equal, this function returns 1, otherwise
+ * 0 is returned.
+ */
+int nfexp_cmp(const struct nf_expect *exp1, const struct nf_expect *exp2,
+	      unsigned int flags)
+{
+        assert(exp1 != NULL);
+        assert(exp2 != NULL);
+
+        return __cmp_expect(exp1, exp2, flags);
+}
+
 /**
  * @}
  */
diff --git a/src/expect/compare.c b/src/expect/compare.c
new file mode 100644
index 0000000..65ec9c2
--- /dev/null
+++ b/src/expect/compare.c
@@ -0,0 +1,59 @@
+/*
+ * (C) 2005-2012 by Pablo Neira Ayuso <pablo@netfilter.org>
+ * (C) 2012 by Vyatta Inc. <http://www.vyatta.com>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ */
+
+#include "internal/internal.h"
+
+static int exp_cmp(int attr,
+		   const struct nf_expect *exp1,
+		   const struct nf_expect *exp2,
+		   unsigned int flags,
+		   int (*cmp)(const struct nf_expect *exp1,
+			      const struct nf_expect *exp2,
+			      unsigned int flags))
+{
+	if (test_bit(attr, exp1->set) && test_bit(attr, exp2->set)) {
+		return cmp(exp1, exp2, flags);
+	} else if (flags & NFCT_CMP_MASK &&
+		   test_bit(attr, exp1->set)) {
+		return 0;
+	} else if (flags & NFCT_CMP_STRICT) {
+		return 0;
+	}
+	return 1;
+}
+
+static int
+cmp_exp_flags(const struct nf_expect *exp1, const struct nf_expect *exp,
+	      unsigned int flags)
+{
+	return (exp->flags == exp->flags);
+}
+
+int __cmp_expect(const struct nf_expect *exp1,
+		 const struct nf_expect *exp2,
+		 unsigned int flags)
+{
+	if (!__cmp_orig((struct nf_conntrack *)&exp1->master,
+			(struct nf_conntrack *)&exp2->master, flags)) {
+		return 0;
+	}
+	if (!__cmp_orig((struct nf_conntrack *)&exp1->expected,
+			(struct nf_conntrack *)&exp2->expected, flags)) {
+		return 0;
+	}
+	if (!__cmp_orig((struct nf_conntrack *)&exp1->mask,
+			(struct nf_conntrack *)&exp2->mask, flags)) {
+		return 0;
+	}
+	if (!exp_cmp(ATTR_EXP_FLAGS, exp1, exp2, flags, cmp_exp_flags))
+		return 0;
+
+	return 1;
+}
-- 
cgit v1.2.3