summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorArturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>2013-09-13 14:05:51 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2013-09-16 12:47:41 +0200
commitf4befc129827632209779c71d804f6139ac03541 (patch)
treea6eee54267a676aed33de92089102cba694d2415 /src
parent8281648cab5a9189fdb0806c0f3801d6ffebef9a (diff)
src: xml: add parsing optional/mandatory flag
Add an optional/mandatory flag to XML parsing. In some elements (ie regs), no flag is used because is always mandatory. DATA_NONE is created to indicate a non-parsed data_reg. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r--src/chain.c28
-rw-r--r--src/expr/bitwise.c10
-rw-r--r--src/expr/byteorder.c8
-rw-r--r--src/expr/cmp.c6
-rw-r--r--src/expr/counter.c4
-rw-r--r--src/expr/ct.c7
-rw-r--r--src/expr/data_reg.c11
-rw-r--r--src/expr/data_reg.h1
-rw-r--r--src/expr/exthdr.c7
-rw-r--r--src/expr/immediate.c5
-rw-r--r--src/expr/limit.c4
-rw-r--r--src/expr/log.c10
-rw-r--r--src/expr/lookup.c3
-rw-r--r--src/expr/match.c3
-rw-r--r--src/expr/meta.c3
-rw-r--r--src/expr/nat.c6
-rw-r--r--src/expr/payload.c8
-rw-r--r--src/expr/target.c3
-rw-r--r--src/internal.h10
-rw-r--r--src/mxml.c38
-rw-r--r--src/rule.c51
-rw-r--r--src/set.c29
-rw-r--r--src/set_elem.c37
-rw-r--r--src/table.c9
24 files changed, 171 insertions, 130 deletions
diff --git a/src/chain.c b/src/chain.c
index 94e0c69..09ab5e3 100644
--- a/src/chain.c
+++ b/src/chain.c
@@ -626,7 +626,8 @@ static int nft_chain_xml_parse(struct nft_chain *c, const char *xml)
if (strcmp(tree->value.opaque, "chain") != 0)
goto err;
- name = nft_mxml_str_parse(tree, "name", MXML_DESCEND_FIRST);
+ name = nft_mxml_str_parse(tree, "name", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (name == NULL)
goto err;
@@ -634,24 +635,25 @@ static int nft_chain_xml_parse(struct nft_chain *c, const char *xml)
c->flags |= (1 << NFT_CHAIN_ATTR_NAME);
if (nft_mxml_num_parse(tree, "handle", MXML_DESCEND_FIRST, BASE_DEC,
- &c->handle, NFT_TYPE_U64) != 0)
+ &c->handle, NFT_TYPE_U64, NFT_XML_MAND) != 0)
goto err;
c->flags |= (1 << NFT_CHAIN_ATTR_HANDLE);
if (nft_mxml_num_parse(tree, "bytes", MXML_DESCEND_FIRST, BASE_DEC,
- &c->bytes, NFT_TYPE_U64) != 0)
+ &c->bytes, NFT_TYPE_U64, NFT_XML_MAND) != 0)
goto err;
c->flags |= (1 << NFT_CHAIN_ATTR_BYTES);
if (nft_mxml_num_parse(tree, "packets", MXML_DESCEND_FIRST, BASE_DEC,
- &c->packets, NFT_TYPE_U64) != 0)
+ &c->packets, NFT_TYPE_U64, NFT_XML_MAND) != 0)
goto err;
c->flags |= (1 << NFT_CHAIN_ATTR_PACKETS);
- table = nft_mxml_str_parse(tree, "table", MXML_DESCEND_FIRST);
+ table = nft_mxml_str_parse(tree, "table", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (table == NULL)
goto err;
@@ -661,14 +663,16 @@ static int nft_chain_xml_parse(struct nft_chain *c, const char *xml)
c->table = strdup(table);
c->flags |= (1 << NFT_CHAIN_ATTR_TABLE);
- family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST);
+ family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (family < 0)
goto err;
c->family = family;
c->flags |= (1 << NFT_CHAIN_ATTR_FAMILY);
- hooknum_str = nft_mxml_str_parse(tree, "hooknum", MXML_DESCEND_FIRST);
+ hooknum_str = nft_mxml_str_parse(tree, "hooknum", MXML_DESCEND_FIRST,
+ NFT_XML_OPT);
if (hooknum_str != NULL) {
hooknum = nft_str2hooknum(c->family, hooknum_str);
if (hooknum < 0)
@@ -677,7 +681,8 @@ static int nft_chain_xml_parse(struct nft_chain *c, const char *xml)
c->hooknum = hooknum;
c->flags |= (1 << NFT_CHAIN_ATTR_HOOKNUM);
- type = nft_mxml_str_parse(tree, "type", MXML_DESCEND_FIRST);
+ type = nft_mxml_str_parse(tree, "type", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (type == NULL)
goto err;
@@ -689,12 +694,15 @@ static int nft_chain_xml_parse(struct nft_chain *c, const char *xml)
if (nft_mxml_num_parse(tree, "prio", MXML_DESCEND, BASE_DEC,
- &c->prio, NFT_TYPE_S32) != 0)
+ &c->prio, NFT_TYPE_S32,
+ NFT_XML_MAND) != 0)
goto err;
c->flags |= (1 << NFT_CHAIN_ATTR_PRIO);
- policy_str = nft_mxml_str_parse(tree, "policy", MXML_DESCEND);
+ policy_str = nft_mxml_str_parse(tree, "policy",
+ MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (policy_str == NULL)
goto err;
diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c
index 11738a7..9d521b1 100644
--- a/src/expr/bitwise.c
+++ b/src/expr/bitwise.c
@@ -246,18 +246,20 @@ nft_rule_expr_bitwise_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
e->flags |= (1 << NFT_EXPR_BITWISE_DREG);
if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST,
- BASE_DEC, &bitwise->len, NFT_TYPE_U8) != 0)
+ BASE_DEC, &bitwise->len, NFT_TYPE_U8,
+ NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_EXPR_BITWISE_LEN);
- if (nft_mxml_data_reg_parse(tree, "mask",
- &bitwise->mask) != DATA_VALUE)
+ if (nft_mxml_data_reg_parse(tree, "mask", &bitwise->mask,
+ NFT_XML_MAND) != DATA_VALUE)
return -1;
e->flags |= (1 << NFT_EXPR_BITWISE_MASK);
- if (nft_mxml_data_reg_parse(tree, "xor", &bitwise->xor) != DATA_VALUE)
+ if (nft_mxml_data_reg_parse(tree, "xor", &bitwise->xor,
+ NFT_XML_MAND) != DATA_VALUE)
return -1;
e->flags |= (1 << NFT_EXPR_BITWISE_XOR);
diff --git a/src/expr/byteorder.c b/src/expr/byteorder.c
index 0277812..1034a31 100644
--- a/src/expr/byteorder.c
+++ b/src/expr/byteorder.c
@@ -260,7 +260,7 @@ nft_rule_expr_byteorder_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
byteorder->dreg = reg;
e->flags |= (1 << NFT_EXPR_BYTEORDER_DREG);
- op = nft_mxml_str_parse(tree, "op", MXML_DESCEND_FIRST);
+ op = nft_mxml_str_parse(tree, "op", MXML_DESCEND_FIRST, NFT_XML_MAND);
if (op == NULL)
return -1;
@@ -272,13 +272,15 @@ nft_rule_expr_byteorder_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
e->flags |= (1 << NFT_EXPR_BYTEORDER_OP);
if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, BASE_DEC,
- &byteorder->len, NFT_TYPE_U8) != 0)
+ &byteorder->len, NFT_TYPE_U8,
+ NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_EXPR_BYTEORDER_LEN);
if (nft_mxml_num_parse(tree, "size", MXML_DESCEND_FIRST, BASE_DEC,
- &byteorder->size, NFT_TYPE_U8) != 0)
+ &byteorder->size, NFT_TYPE_U8,
+ NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_EXPR_BYTEORDER_SIZE);
diff --git a/src/expr/cmp.c b/src/expr/cmp.c
index 543f774..b9f0f6a 100644
--- a/src/expr/cmp.c
+++ b/src/expr/cmp.c
@@ -224,7 +224,7 @@ static int nft_rule_expr_cmp_xml_parse(struct nft_rule_expr *e, mxml_node_t *tre
cmp->sreg = reg;
e->flags |= (1 << NFT_EXPR_CMP_SREG);
- op = nft_mxml_str_parse(tree, "op", MXML_DESCEND_FIRST);
+ op = nft_mxml_str_parse(tree, "op", MXML_DESCEND_FIRST, NFT_XML_MAND);
if (op == NULL)
return -1;
@@ -236,9 +236,9 @@ static int nft_rule_expr_cmp_xml_parse(struct nft_rule_expr *e, mxml_node_t *tre
e->flags |= (1 << NFT_EXPR_CMP_OP);
if (nft_mxml_data_reg_parse(tree, "cmpdata",
- &cmp->data) != DATA_VALUE) {
+ &cmp->data, NFT_XML_MAND) != DATA_VALUE)
return -1;
- }
+
e->flags |= (1 << NFT_EXPR_CMP_DATA);
return 0;
diff --git a/src/expr/counter.c b/src/expr/counter.c
index 53dc526..971b5b1 100644
--- a/src/expr/counter.c
+++ b/src/expr/counter.c
@@ -148,13 +148,13 @@ nft_rule_expr_counter_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
struct nft_expr_counter *ctr = nft_expr_data(e);
if (nft_mxml_num_parse(tree, "pkts", MXML_DESCEND_FIRST, BASE_DEC,
- &ctr->pkts, NFT_TYPE_U64) != 0)
+ &ctr->pkts, NFT_TYPE_U64, NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_EXPR_CTR_PACKETS);
if (nft_mxml_num_parse(tree, "bytes", MXML_DESCEND_FIRST, BASE_DEC,
- &ctr->bytes, NFT_TYPE_U64) != 0)
+ &ctr->bytes, NFT_TYPE_U64, NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_EXPR_CTR_BYTES);
diff --git a/src/expr/ct.c b/src/expr/ct.c
index 4655a96..2fc6629 100644
--- a/src/expr/ct.c
+++ b/src/expr/ct.c
@@ -241,7 +241,8 @@ static int nft_rule_expr_ct_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree
ct->dreg = reg;
e->flags |= (1 << NFT_EXPR_CT_DREG);
- key_str = nft_mxml_str_parse(tree, "key", MXML_DESCEND_FIRST);
+ key_str = nft_mxml_str_parse(tree, "key", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (key_str == NULL)
return -1;
@@ -252,8 +253,8 @@ static int nft_rule_expr_ct_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree
ct->key = key;
e->flags |= (1 << NFT_EXPR_CT_KEY);
- if (nft_mxml_num_parse(tree, "dir", MXML_DESCEND_FIRST, BASE_DEC, &dir,
- NFT_TYPE_U8) != 0)
+ if (nft_mxml_num_parse(tree, "dir", MXML_DESCEND_FIRST, BASE_DEC,
+ &dir, NFT_TYPE_U8, NFT_XML_MAND) != 0)
return -1;
if (dir != IP_CT_DIR_ORIGINAL && dir != IP_CT_DIR_REPLY)
diff --git a/src/expr/data_reg.c b/src/expr/data_reg.c
index 34537a7..fd1dd2e 100644
--- a/src/expr/data_reg.c
+++ b/src/expr/data_reg.c
@@ -133,7 +133,8 @@ static int nft_data_reg_verdict_xml_parse(union nft_data_reg *reg, char *xml)
}
/* Get and set <verdict> */
- verdict_str = nft_mxml_str_parse(tree, "verdict", MXML_DESCEND);
+ verdict_str = nft_mxml_str_parse(tree, "verdict", MXML_DESCEND,
+ NFT_XML_MAND);
if (verdict_str == NULL) {
mxmlDelete(tree);
return -1;
@@ -183,7 +184,8 @@ static int nft_data_reg_chain_xml_parse(union nft_data_reg *reg, char *xml)
if (reg->chain)
xfree(reg->chain);
- reg->chain = nft_mxml_str_parse(tree, "chain", MXML_DESCEND);
+ reg->chain = nft_mxml_str_parse(tree, "chain", MXML_DESCEND,
+ NFT_XML_MAND);
if (reg->chain == NULL) {
mxmlDelete(tree);
return -1;
@@ -234,7 +236,7 @@ static int nft_data_reg_value_xml_parse(union nft_data_reg *reg, char *xml)
}
if (nft_mxml_num_parse(tree, "len", MXML_DESCEND, BASE_DEC, &reg->len,
- NFT_TYPE_U8) != 0) {
+ NFT_TYPE_U8, NFT_XML_MAND) != 0) {
mxmlDelete(tree);
return -1;
}
@@ -244,7 +246,8 @@ static int nft_data_reg_value_xml_parse(union nft_data_reg *reg, char *xml)
sprintf(node_name, "data%d", i);
if (nft_mxml_num_parse(tree, node_name, MXML_DESCEND, BASE_HEX,
- &reg->val[i], NFT_TYPE_U32) != 0) {
+ &reg->val[i], NFT_TYPE_U32,
+ NFT_XML_MAND) != 0) {
mxmlDelete(tree);
return -1;
}
diff --git a/src/expr/data_reg.h b/src/expr/data_reg.h
index 7819919..3e0217d 100644
--- a/src/expr/data_reg.h
+++ b/src/expr/data_reg.h
@@ -2,6 +2,7 @@
#define _DATA_H_
enum {
+ DATA_NONE,
DATA_VALUE,
DATA_VERDICT,
DATA_CHAIN,
diff --git a/src/expr/exthdr.c b/src/expr/exthdr.c
index af9d6bf..9ca66e5 100644
--- a/src/expr/exthdr.c
+++ b/src/expr/exthdr.c
@@ -249,7 +249,7 @@ nft_rule_expr_exthdr_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
e->flags |= (1 << NFT_EXPR_EXTHDR_DREG);
exthdr_type = nft_mxml_str_parse(tree, "exthdr_type",
- MXML_DESCEND_FIRST);
+ MXML_DESCEND_FIRST, NFT_XML_MAND);
if (exthdr_type == NULL)
return -1;
@@ -262,14 +262,15 @@ nft_rule_expr_exthdr_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
/* Get and set <offset> */
if (nft_mxml_num_parse(tree, "offset", MXML_DESCEND_FIRST, BASE_DEC,
- &exthdr->offset, NFT_TYPE_U32) != 0)
+ &exthdr->offset, NFT_TYPE_U32,
+ NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_EXPR_EXTHDR_OFFSET);
/* Get and set <len> */
if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, BASE_DEC,
- &exthdr->len, NFT_TYPE_U32) != 0)
+ &exthdr->len, NFT_TYPE_U32, NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_EXPR_EXTHDR_LEN);
diff --git a/src/expr/immediate.c b/src/expr/immediate.c
index 0556999..facb8f5 100644
--- a/src/expr/immediate.c
+++ b/src/expr/immediate.c
@@ -232,10 +232,7 @@ nft_rule_expr_immediate_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
e->flags |= (1 << NFT_EXPR_IMM_DREG);
datareg_type = nft_mxml_data_reg_parse(tree, "immediatedata",
- &imm->data);
- if (datareg_type < 0)
- return -1;
-
+ &imm->data, NFT_XML_MAND);
switch (datareg_type) {
case DATA_VALUE:
e->flags |= (1 << NFT_EXPR_IMM_DATA);
diff --git a/src/expr/limit.c b/src/expr/limit.c
index bd92cd1..6c06ce5 100644
--- a/src/expr/limit.c
+++ b/src/expr/limit.c
@@ -146,13 +146,13 @@ static int nft_rule_expr_limit_xml_parse(struct nft_rule_expr *e, mxml_node_t *t
struct nft_expr_limit *limit = nft_expr_data(e);
if (nft_mxml_num_parse(tree, "rate", MXML_DESCEND_FIRST, BASE_DEC,
- &limit->rate, NFT_TYPE_U64) != 0)
+ &limit->rate, NFT_TYPE_U64, NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_EXPR_LIMIT_RATE);
if (nft_mxml_num_parse(tree, "depth", MXML_DESCEND_FIRST, BASE_DEC,
- &limit->depth, NFT_TYPE_U64) != 0)
+ &limit->depth, NFT_TYPE_U64, NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_EXPR_LIMIT_DEPTH);
diff --git a/src/expr/log.c b/src/expr/log.c
index 90fb32e..feb4184 100644
--- a/src/expr/log.c
+++ b/src/expr/log.c
@@ -202,7 +202,8 @@ static int nft_rule_expr_log_xml_parse(struct nft_rule_expr *e, mxml_node_t *tre
struct nft_expr_log *log = nft_expr_data(e);
const char *prefix;
- prefix = nft_mxml_str_parse(tree, "prefix", MXML_DESCEND_FIRST);
+ prefix = nft_mxml_str_parse(tree, "prefix", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (prefix == NULL)
return -1;
@@ -210,19 +211,20 @@ static int nft_rule_expr_log_xml_parse(struct nft_rule_expr *e, mxml_node_t *tre
e->flags |= (1 << NFT_EXPR_LOG_PREFIX);
if (nft_mxml_num_parse(tree, "group", MXML_DESCEND_FIRST, BASE_DEC,
- &log->group, NFT_TYPE_U16) != 0)
+ &log->group, NFT_TYPE_U16, NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_EXPR_LOG_GROUP);
if (nft_mxml_num_parse(tree, "snaplen", MXML_DESCEND_FIRST, BASE_DEC,
- &log->snaplen, NFT_TYPE_U32) != 0)
+ &log->snaplen, NFT_TYPE_U32, NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_EXPR_LOG_SNAPLEN);
if (nft_mxml_num_parse(tree, "qthreshold", MXML_DESCEND_FIRST,
- BASE_DEC, &log->qthreshold, NFT_TYPE_U16) != 0)
+ BASE_DEC, &log->qthreshold,
+ NFT_TYPE_U16, NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_EXPR_LOG_QTHRESHOLD);
diff --git a/src/expr/lookup.c b/src/expr/lookup.c
index 56ab253..b9b0229 100644
--- a/src/expr/lookup.c
+++ b/src/expr/lookup.c
@@ -180,7 +180,8 @@ nft_rule_expr_lookup_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
const char *set_name;
int32_t reg;
- set_name = nft_mxml_str_parse(tree, "set", MXML_DESCEND_FIRST);
+ set_name = nft_mxml_str_parse(tree, "set", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (set_name == NULL)
return -1;
diff --git a/src/expr/match.c b/src/expr/match.c
index b18d594..9f98462 100644
--- a/src/expr/match.c
+++ b/src/expr/match.c
@@ -195,7 +195,8 @@ static int nft_rule_expr_match_xml_parse(struct nft_rule_expr *e, mxml_node_t *t
struct nft_expr_match *mt = nft_expr_data(e);
const char *name;
- name = nft_mxml_str_parse(tree, "name", MXML_DESCEND_FIRST);
+ name = nft_mxml_str_parse(tree, "name", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (name == NULL)
return -1;
diff --git a/src/expr/meta.c b/src/expr/meta.c
index d914569..91a689e 100644
--- a/src/expr/meta.c
+++ b/src/expr/meta.c
@@ -205,7 +205,8 @@ static int nft_rule_expr_meta_xml_parse(struct nft_rule_expr *e, mxml_node_t *tr
meta->dreg = reg;
e->flags |= (1 << NFT_EXPR_META_DREG);
- key_str = nft_mxml_str_parse(tree, "key", MXML_DESCEND_FIRST);
+ key_str = nft_mxml_str_parse(tree, "key", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (key_str == NULL)
return -1;
diff --git a/src/expr/nat.c b/src/expr/nat.c
index 1ebecda..da28ede 100644
--- a/src/expr/nat.c
+++ b/src/expr/nat.c
@@ -262,7 +262,8 @@ static int nft_rule_expr_nat_xml_parse(struct nft_rule_expr *e, mxml_node_t *tre
int32_t reg;
int family, nat_type_value;
- nat_type = nft_mxml_str_parse(tree, "type", MXML_DESCEND_FIRST);
+ nat_type = nft_mxml_str_parse(tree, "type", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (nat_type == NULL)
return -1;
@@ -273,7 +274,8 @@ static int nft_rule_expr_nat_xml_parse(struct nft_rule_expr *e, mxml_node_t *tre
nat->type = nat_type_value;
e->flags |= (1 << NFT_EXPR_NAT_TYPE);
- family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST);
+ family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (family < 0) {
mxmlDelete(tree);
return -1;
diff --git a/src/expr/payload.c b/src/expr/payload.c
index 38362c4..2b9f5e0 100644
--- a/src/expr/payload.c
+++ b/src/expr/payload.c
@@ -248,7 +248,8 @@ nft_rule_expr_payload_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
payload->dreg = reg;
e->flags |= (1 << NFT_EXPR_PAYLOAD_DREG);
- base_str = nft_mxml_str_parse(tree, "base", MXML_DESCEND_FIRST);
+ base_str = nft_mxml_str_parse(tree, "base", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (base_str == NULL)
return -1;
@@ -260,13 +261,14 @@ nft_rule_expr_payload_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
e->flags |= (1 << NFT_EXPR_PAYLOAD_BASE);
if (nft_mxml_num_parse(tree, "offset", MXML_DESCEND_FIRST, BASE_DEC,
- &payload->offset, NFT_TYPE_U8) != 0)
+ &payload->offset, NFT_TYPE_U8,
+ NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_EXPR_PAYLOAD_OFFSET);
if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, BASE_DEC,
- &payload->len, NFT_TYPE_U8) != 0)
+ &payload->len, NFT_TYPE_U8, NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_EXPR_PAYLOAD_LEN);
diff --git a/src/expr/target.c b/src/expr/target.c
index a6645ff..8dc752a 100644
--- a/src/expr/target.c
+++ b/src/expr/target.c
@@ -196,7 +196,8 @@ nft_rule_expr_target_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
struct nft_expr_target *tg = nft_expr_data(e);
const char *name;
- name = nft_mxml_str_parse(tree, "name", MXML_DESCEND_FIRST);
+ name = nft_mxml_str_parse(tree, "name", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (name == NULL)
return -1;
diff --git a/src/internal.h b/src/internal.h
index f93cbc5..3d749b3 100644
--- a/src/internal.h
+++ b/src/internal.h
@@ -30,13 +30,15 @@ enum nft_type {
#ifdef XML_PARSING
#include <mxml.h>
+#define NFT_XML_MAND 0
+#define NFT_XML_OPT (1 << 0)
struct nft_rule_expr *nft_mxml_expr_parse(mxml_node_t *node);
int nft_mxml_reg_parse(mxml_node_t *tree, const char *reg_name, uint32_t flags);
union nft_data_reg;
-int nft_mxml_data_reg_parse(mxml_node_t *tree, const char *node_name, union nft_data_reg *data_reg);
-int nft_mxml_num_parse(mxml_node_t *tree, const char *node_name, uint32_t mxml_flags, int base, void *number, enum nft_type type);
-const char *nft_mxml_str_parse(mxml_node_t *tree, const char *node_name, uint32_t mxml_flags);
-int nft_mxml_family_parse(mxml_node_t *tree, const char *node_name, uint32_t mxml_flags);
+int nft_mxml_data_reg_parse(mxml_node_t *tree, const char *node_name, union nft_data_reg *data_reg, uint16_t flags);
+int nft_mxml_num_parse(mxml_node_t *tree, const char *node_name, uint32_t mxml_flags, int base, void *number, enum nft_type type, uint16_t flags);
+const char *nft_mxml_str_parse(mxml_node_t *tree, const char *node_name, uint32_t mxml_flags, uint16_t flags);
+int nft_mxml_family_parse(mxml_node_t *tree, const char *node_name, uint32_t mxml_flags, uint16_t flags);
struct nft_set_elem;
int nft_mxml_set_elem_parse(mxml_node_t *node, struct nft_set_elem *e);
diff --git a/src/mxml.c b/src/mxml.c
index b77936a..94d26e4 100644
--- a/src/mxml.c
+++ b/src/mxml.c
@@ -83,7 +83,7 @@ err:
}
int nft_mxml_data_reg_parse(mxml_node_t *tree, const char *node_name,
- union nft_data_reg *data_reg)
+ union nft_data_reg *data_reg, uint16_t flags)
{
mxml_node_t *node;
const char *type;
@@ -93,6 +93,9 @@ int nft_mxml_data_reg_parse(mxml_node_t *tree, const char *node_name,
node = mxmlFindElement(tree, tree, node_name, NULL, NULL,
MXML_DESCEND_FIRST);
if (node == NULL || node->child == NULL) {
+ if (flags & NFT_XML_OPT)
+ return 0;
+
errno = EINVAL;
goto err;
}
@@ -107,6 +110,9 @@ int nft_mxml_data_reg_parse(mxml_node_t *tree, const char *node_name,
xfree(tmpstr);
if (ret < 0) {
+ if (flags & NFT_XML_OPT)
+ return 0;
+
errno = EINVAL;
goto err;
}
@@ -114,12 +120,18 @@ int nft_mxml_data_reg_parse(mxml_node_t *tree, const char *node_name,
node = mxmlFindElement(node, node, "data_reg", NULL, NULL,
MXML_DESCEND);
if (node == NULL || node->child == NULL) {
+ if (flags & NFT_XML_OPT)
+ return 0;
+
errno = EINVAL;
goto err;
}
type = mxmlElementGetAttr(node, "type");
if (type == NULL) {
+ if (flags & NFT_XML_OPT)
+ return DATA_NONE;
+
errno = EINVAL;
goto err;
}
@@ -130,8 +142,10 @@ int nft_mxml_data_reg_parse(mxml_node_t *tree, const char *node_name,
return DATA_VERDICT;
else if (strcmp(type, "chain") == 0)
return DATA_CHAIN;
- else
- errno = EINVAL;
+ else if (flags & NFT_XML_OPT)
+ return DATA_NONE;
+
+ errno = EINVAL;
err:
return -1;
}
@@ -139,27 +153,30 @@ err:
int
nft_mxml_num_parse(mxml_node_t *tree, const char *node_name,
uint32_t mxml_flags, int base, void *number,
- enum nft_type type)
+ enum nft_type type, uint16_t flags)
{
mxml_node_t *node = NULL;
node = mxmlFindElement(tree, tree, node_name, NULL, NULL, mxml_flags);
if (node == NULL || node->child == NULL) {
- errno = EINVAL;
+ if (!(flags & NFT_XML_OPT))
+ errno = EINVAL;
+
return -1;
}
-
return nft_strtoi(node->child->value.opaque, base, number, type);
}
const char *nft_mxml_str_parse(mxml_node_t *tree, const char *node_name,
- uint32_t mxml_flags)
+ uint32_t mxml_flags, uint16_t flags)
{
mxml_node_t *node;
node = mxmlFindElement(tree, tree, node_name, NULL, NULL, mxml_flags);
if (node == NULL || node->child == NULL) {
- errno = EINVAL;
+ if (!(flags & NFT_XML_OPT))
+ errno = EINVAL;
+
return NULL;
}
@@ -167,12 +184,13 @@ const char *nft_mxml_str_parse(mxml_node_t *tree, const char *node_name,
}
int nft_mxml_family_parse(mxml_node_t *tree, const char *node_name,
- uint32_t mxml_flags)
+ uint32_t mxml_flags, uint16_t flags)
{
const char *family_str;
int family;
- family_str = nft_mxml_str_parse(tree, node_name, mxml_flags);
+ family_str = nft_mxml_str_parse(tree, node_name, mxml_flags,
+ flags);
if (family_str == NULL)
return -1;
diff --git a/src/rule.c b/src/rule.c
index 2f92e7d..a381469 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -592,14 +592,16 @@ static int nft_rule_xml_parse(struct nft_rule *r, const char *xml)
if (strcmp(tree->value.opaque, "rule") != 0)
goto err;
- family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST);
+ family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (family < 0)
goto err;
r->family = family;
r->flags |= (1 << NFT_RULE_ATTR_FAMILY);
- table = nft_mxml_str_parse(tree, "table", MXML_DESCEND_FIRST);
+ table = nft_mxml_str_parse(tree, "table", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (table == NULL)
goto err;
@@ -609,7 +611,8 @@ static int nft_rule_xml_parse(struct nft_rule *r, const char *xml)
r->table = strdup(table);
r->flags |= (1 << NFT_RULE_ATTR_TABLE);
- chain = nft_mxml_str_parse(tree, "chain", MXML_DESCEND_FIRST);
+ chain = nft_mxml_str_parse(tree, "chain", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (chain == NULL)
goto err;
@@ -620,46 +623,38 @@ static int nft_rule_xml_parse(struct nft_rule *r, const char *xml)
r->flags |= (1 << NFT_RULE_ATTR_CHAIN);
if (nft_mxml_num_parse(tree, "handle", MXML_DESCEND_FIRST, BASE_DEC,
- &r->handle, NFT_TYPE_U64) != 0)
+ &r->handle, NFT_TYPE_U64, NFT_XML_MAND) != 0)
goto err;
r->flags |= (1 << NFT_RULE_ATTR_HANDLE);
if (nft_mxml_num_parse(tree, "flags", MXML_DESCEND_FIRST,
- BASE_DEC, &r->rule_flags, NFT_TYPE_U32) != 0)
+ BASE_DEC, &r->rule_flags, NFT_TYPE_U32,
+ NFT_XML_MAND) != 0)
goto err;
r->flags |= (1 << NFT_RULE_ATTR_FLAGS);
- node = mxmlFindElement(tree, tree, "compat_proto", NULL, NULL,
- MXML_DESCEND);
- if (node != NULL && node->child != NULL) {
- if (nft_strtoi(node->child->value.opaque, BASE_DEC,
- &r->compat.proto, NFT_TYPE_U32) != 0)
- goto err;
-
+ if (nft_mxml_num_parse(tree, "compat_proto", MXML_DESCEND_FIRST,
+ BASE_DEC, &r->compat.proto, NFT_TYPE_U32,
+ NFT_XML_OPT) >= 0)
r->flags |= (1 << NFT_RULE_ATTR_COMPAT_PROTO);
- }
-
- node = mxmlFindElement(tree, tree, "compat_flags", NULL, NULL,
- MXML_DESCEND);
- if (node != NULL && node->child != NULL) {
- if (nft_strtoi(node->child->value.opaque, BASE_DEC,
- &r->compat.flags, NFT_TYPE_U32) != 0)
- goto err;
+ if (nft_mxml_num_parse(tree, "compat_flags", MXML_DESCEND_FIRST,
+ BASE_DEC, &r->compat.flags, NFT_TYPE_U32,
+ NFT_XML_OPT) >= 0)
r->flags |= (1 << NFT_RULE_ATTR_COMPAT_FLAGS);
- }
- node = mxmlFindElement(tree, tree, "position", NULL, NULL,
- MXML_DESCEND_FIRST);
- if (node != NULL && node->child != NULL) {
- if (nft_strtoi(node->child->value.opaque, BASE_DEC,
- &r->position, NFT_TYPE_U64) != 0)
- goto err;
+ if (nft_rule_attr_is_set(r, NFT_RULE_ATTR_COMPAT_PROTO) !=
+ nft_rule_attr_is_set(r, NFT_RULE_ATTR_COMPAT_FLAGS)) {
+ errno = EINVAL;
+ goto err;
+ }
+ if (nft_mxml_num_parse(tree, "position", MXML_DESCEND_FIRST,
+ BASE_DEC, &r->position, NFT_TYPE_U64,
+ NFT_XML_OPT) >= 0)
r->flags |= (1 << NFT_RULE_ATTR_POSITION);
- }
/* Iterating over <expr> */
for (node = mxmlFindElement(tree, tree, "expr", "type",
diff --git a/src/set.c b/src/set.c
index a4b644a..7f2ee57 100644
--- a/src/set.c
+++ b/src/set.c
@@ -427,7 +427,8 @@ static int nft_set_xml_parse(struct nft_set *s, const char *xml)
if (strcmp(tree->value.opaque, "set") != 0)
goto err;
- name = nft_mxml_str_parse(tree, "name", MXML_DESCEND_FIRST);
+ name = nft_mxml_str_parse(tree, "name", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (name == NULL)
goto err;
@@ -437,7 +438,8 @@ static int nft_set_xml_parse(struct nft_set *s, const char *xml)
s->name = strdup(name);
s->flags |= (1 << NFT_SET_ATTR_NAME);
- table = nft_mxml_str_parse(tree, "table", MXML_DESCEND_FIRST);
+ table = nft_mxml_str_parse(tree, "table", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (table == NULL)
goto err;
@@ -447,7 +449,8 @@ static int nft_set_xml_parse(struct nft_set *s, const char *xml)
s->table = strdup(table);
s->flags |= (1 << NFT_SET_ATTR_TABLE);
- family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST);
+ family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (family < 0)
goto err;
@@ -455,32 +458,32 @@ static int nft_set_xml_parse(struct nft_set *s, const char *xml)
s->flags |= (1 << NFT_SET_ATTR_FAMILY);
- if (nft_mxml_num_parse(tree, "flags", MXML_DESCEND_FIRST,
- BASE_DEC, &s->set_flags, NFT_TYPE_U32) != 0)
+ if (nft_mxml_num_parse(tree, "flags", MXML_DESCEND_FIRST, BASE_DEC,
+ &s->set_flags, NFT_TYPE_U32, NFT_XML_MAND) != 0)
goto err;
s->flags |= (1 << NFT_SET_ATTR_FLAGS);
- if (nft_mxml_num_parse(tree, "key_type", MXML_DESCEND_FIRST,
- BASE_DEC, &s->key_type, NFT_TYPE_U32) != 0)
+ if (nft_mxml_num_parse(tree, "key_type", MXML_DESCEND_FIRST, BASE_DEC,
+ &s->key_type, NFT_TYPE_U32, NFT_XML_MAND) != 0)
goto err;
s->flags |= (1 << NFT_SET_ATTR_KEY_TYPE);
- if (nft_mxml_num_parse(tree, "key_len", MXML_DESCEND_FIRST,
- BASE_DEC, &s->key_len, NFT_TYPE_U32) != 0)
+ if (nft_mxml_num_parse(tree, "key_len", MXML_DESCEND_FIRST, BASE_DEC,
+ &s->key_len, NFT_TYPE_U32, NFT_XML_MAND) != 0)
goto err;
s->flags |= (1 << NFT_SET_ATTR_KEY_LEN);
- if (nft_mxml_num_parse(tree, "data_type", MXML_DESCEND_FIRST,
- BASE_DEC, &s->data_type, NFT_TYPE_U32) != 0)
+ if (nft_mxml_num_parse(tree, "data_type", MXML_DESCEND_FIRST, BASE_DEC,
+ &s->data_type, NFT_TYPE_U32, NFT_XML_MAND) != 0)
goto err;
s->flags |= (1 << NFT_SET_ATTR_DATA_TYPE);
- if (nft_mxml_num_parse(tree, "data_len", MXML_DESCEND_FIRST,
- BASE_DEC, &s->data_len, NFT_TYPE_U32) != 0)
+ if (nft_mxml_num_parse(tree, "data_len", MXML_DESCEND_FIRST, BASE_DEC,
+ &s->data_len, NFT_TYPE_U32, NFT_XML_MAND) != 0)
goto err;
s->flags |= (1 << NFT_SET_ATTR_DATA_LEN);
diff --git a/src/set_elem.c b/src/set_elem.c
index 2b2e414..9ad482b 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -378,41 +378,36 @@ EXPORT_SYMBOL(nft_set_elems_nlmsg_parse);
#ifdef XML_PARSING
int nft_mxml_set_elem_parse(mxml_node_t *tree, struct nft_set_elem *e)
{
- mxml_node_t *node;
int set_elem_data;
if (nft_mxml_num_parse(tree, "flags", MXML_DESCEND_FIRST,
BASE_DEC, &e->set_elem_flags,
- NFT_TYPE_U32) != 0)
+ NFT_TYPE_U32, NFT_XML_MAND) != 0)
return -1;
e->flags |= (1 << NFT_SET_ELEM_ATTR_FLAGS);
- if (nft_mxml_data_reg_parse(tree, "key", &e->key) != DATA_VALUE)
+ if (nft_mxml_data_reg_parse(tree, "key", &e->key,
+ NFT_XML_MAND) != DATA_VALUE)
return -1;
e->flags |= (1 << NFT_SET_ELEM_ATTR_KEY);
/* <set_elem_data> is not mandatory */
- node = mxmlFindElement(tree, tree, "data", NULL, NULL,
- MXML_DESCEND_FIRST);
- if (node != NULL && node->child != NULL) {
- set_elem_data = nft_mxml_data_reg_parse(tree, "data",
- &e->data);
- switch (set_elem_data) {
- case DATA_VALUE:
- e->flags |= (1 << NFT_SET_ELEM_ATTR_DATA);
- break;
- case DATA_VERDICT:
- e->flags |= (1 << NFT_SET_ELEM_ATTR_VERDICT);
- break;
- case DATA_CHAIN:
- e->flags |= (1 << NFT_SET_ELEM_ATTR_CHAIN);
- break;
- default:
- return -1;
- }
+ set_elem_data = nft_mxml_data_reg_parse(tree, "data",
+ &e->data, NFT_XML_OPT);
+ switch (set_elem_data) {
+ case DATA_VALUE:
+ e->flags |= (1 << NFT_SET_ELEM_ATTR_DATA);
+ break;
+ case DATA_VERDICT:
+ e->flags |= (1 << NFT_SET_ELEM_ATTR_VERDICT);
+ break;
+ case DATA_CHAIN:
+ e->flags |= (1 << NFT_SET_ELEM_ATTR_CHAIN);
+ break;
}
+
return 0;
}
#endif
diff --git a/src/table.c b/src/table.c
index 838c5ee..0b51d15 100644
--- a/src/table.c
+++ b/src/table.c
@@ -232,7 +232,8 @@ static int nft_table_xml_parse(struct nft_table *t, const char *xml)
if (strcmp(tree->value.opaque, "table") != 0)
goto err;
- name = nft_mxml_str_parse(tree, "name", MXML_DESCEND_FIRST);
+ name = nft_mxml_str_parse(tree, "name", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (name == NULL)
goto err;
@@ -242,7 +243,8 @@ static int nft_table_xml_parse(struct nft_table *t, const char *xml)
t->name = strdup(name);
t->flags |= (1 << NFT_TABLE_ATTR_NAME);
- family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST);
+ family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST,
+ NFT_XML_MAND);
if (family < 0)
goto err;
@@ -250,7 +252,8 @@ static int nft_table_xml_parse(struct nft_table *t, const char *xml)
t->flags |= (1 << NFT_TABLE_ATTR_FAMILY);
if (nft_mxml_num_parse(tree, "flags", MXML_DESCEND, BASE_DEC,
- &t->table_flags, NFT_TYPE_U32) != 0)
+ &t->table_flags, NFT_TYPE_U32,
+ NFT_XML_MAND) != 0)
goto err;
t->flags |= (1 << NFT_TABLE_ATTR_FLAGS);