diff options
| author | Phil Sutter <phil@nwl.cc> | 2017-11-13 15:08:16 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-11-16 14:35:35 +0100 |
| commit | 9200bfc50653612033d58774f422fc20150d3301 (patch) | |
| tree | 04b81823a43a38cf67fe10b7dd836cbbef85f567 | |
| parent | 657fdefc7d5c70056b8738da214d3d78f421b19c (diff) | |
libnftables: Unexport enum nftables_exit_codes
Apart from SUCCESS/FAILURE, these codes were not used by library
functions simply because NOMEM and NONL conditions lead to calling
exit() instead of propagating the error condition back up the call
stack.
Instead, make nft_run_cmd_from_*() return either 0 or -1 on error.
Usually errno will then contain more details about what happened and/or
there are messages in erec.
Calls to exit()/return in main() are adjusted to stay compatible.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rw-r--r-- | include/nftables.h | 7 | ||||
| -rw-r--r-- | include/nftables/nftables.h | 10 | ||||
| -rw-r--r-- | src/libnftables.c | 10 | ||||
| -rw-r--r-- | src/main.c | 22 |
4 files changed, 23 insertions, 26 deletions
diff --git a/include/nftables.h b/include/nftables.h index d69079fe..3bfa33e5 100644 --- a/include/nftables.h +++ b/include/nftables.h @@ -35,6 +35,13 @@ struct nft_ctx { uint32_t flags; }; +enum nftables_exit_codes { + NFT_EXIT_SUCCESS = 0, + NFT_EXIT_FAILURE = 1, + NFT_EXIT_NOMEM = 2, + NFT_EXIT_NONL = 3, +}; + struct input_descriptor; struct location { const struct input_descriptor *indesc; diff --git a/include/nftables/nftables.h b/include/nftables/nftables.h index 4211be76..8e59f2b2 100644 --- a/include/nftables/nftables.h +++ b/include/nftables/nftables.h @@ -38,16 +38,6 @@ enum nft_numeric_level { */ #define NFT_CTX_DEFAULT 0 -/** - * Exit codes returned by nft_run_cmd_from_*() - */ -enum nftables_exit_codes { - NFT_EXIT_SUCCESS = 0, - NFT_EXIT_FAILURE = 1, - NFT_EXIT_NOMEM = 2, - NFT_EXIT_NONL = 3, -}; - struct nft_ctx *nft_ctx_new(uint32_t flags); void nft_ctx_free(struct nft_ctx *ctx); diff --git a/src/libnftables.c b/src/libnftables.c index dc6a5fdf..e8fa6742 100644 --- a/src/libnftables.c +++ b/src/libnftables.c @@ -272,7 +272,7 @@ static const struct input_descriptor indesc_cmdline = { int nft_run_cmd_from_buffer(struct nft_ctx *nft, char *buf, size_t buflen) { - int rc = NFT_EXIT_SUCCESS; + int rc = 0; struct parser_state state; LIST_HEAD(msgs); void *scanner; @@ -284,7 +284,7 @@ int nft_run_cmd_from_buffer(struct nft_ctx *nft, char *buf, size_t buflen) scanner_push_buffer(scanner, &indesc_cmdline, buf); if (nft_run(nft, nft->nf_sock, scanner, &state, &msgs) != 0) - rc = NFT_EXIT_FAILURE; + rc = -1; fp = nft_ctx_set_output(nft, stderr); erec_print_list(&nft->output, &msgs, nft->debug_mask); @@ -306,18 +306,18 @@ int nft_run_cmd_from_filename(struct nft_ctx *nft, const char *filename) rc = cache_update(nft->nf_sock, &nft->cache, CMD_INVALID, &msgs, nft->debug_mask, &nft->output); if (rc < 0) - return NFT_EXIT_FAILURE; + return -1; parser_init(nft->nf_sock, &nft->cache, &state, &msgs, nft->debug_mask, &nft->output); scanner = scanner_init(&state); if (scanner_read_file(scanner, filename, &internal_location) < 0) { - rc = NFT_EXIT_FAILURE; + rc = -1; goto err; } if (nft_run(nft, nft->nf_sock, scanner, &state, &msgs) != 0) - rc = NFT_EXIT_FAILURE; + rc = -1; err: fp = nft_ctx_set_output(nft, stderr); erec_print_list(&nft->output, &msgs, nft->debug_mask); @@ -183,11 +183,11 @@ int main(int argc, char * const *argv) switch (val) { case OPT_HELP: show_help(argv[0]); - exit(NFT_EXIT_SUCCESS); + exit(EXIT_SUCCESS); case OPT_VERSION: printf("%s v%s (%s)\n", PACKAGE_NAME, PACKAGE_VERSION, RELEASE_NAME); - exit(NFT_EXIT_SUCCESS); + exit(EXIT_SUCCESS); case OPT_CHECK: nft_ctx_set_dry_run(nft, true); break; @@ -202,7 +202,7 @@ int main(int argc, char * const *argv) fprintf(stderr, "Failed to add include path '%s'\n", optarg); - exit(NFT_EXIT_FAILURE); + exit(EXIT_FAILURE); } break; case OPT_NUMERIC: @@ -211,7 +211,7 @@ int main(int argc, char * const *argv) fprintf(stderr, "Too many numeric options " "used, max. %u\n", NFT_NUMERIC_ALL); - exit(NFT_EXIT_FAILURE); + exit(EXIT_FAILURE); } nft_ctx_output_set_numeric(nft, numeric + 1); break; @@ -241,7 +241,7 @@ int main(int argc, char * const *argv) if (i == array_size(debug_param)) { fprintf(stderr, "invalid debug parameter `%s'\n", optarg); - exit(NFT_EXIT_FAILURE); + exit(EXIT_FAILURE); } if (end == NULL) @@ -257,7 +257,7 @@ int main(int argc, char * const *argv) nft_ctx_output_set_echo(nft, true); break; case OPT_INVALID: - exit(NFT_EXIT_FAILURE); + exit(EXIT_FAILURE); } } @@ -272,19 +272,19 @@ int main(int argc, char * const *argv) strcat(buf, " "); } strcat(buf, "\n"); - rc = nft_run_cmd_from_buffer(nft, buf, len + 2); + rc = !!nft_run_cmd_from_buffer(nft, buf, len + 2); } else if (filename != NULL) { - rc = nft_run_cmd_from_filename(nft, filename); + rc = !!nft_run_cmd_from_filename(nft, filename); } else if (interactive) { if (cli_init(nft) < 0) { fprintf(stderr, "%s: interactive CLI not supported in this build\n", argv[0]); - exit(NFT_EXIT_FAILURE); + exit(EXIT_FAILURE); } - return 0; + return EXIT_SUCCESS; } else { fprintf(stderr, "%s: no command specified\n", argv[0]); - exit(NFT_EXIT_FAILURE); + exit(EXIT_FAILURE); } xfree(buf); |