libnftables: Support buffering output and error

When integrating libnftables into Python code using ctypes module,
having to use a FILE pointer for output becomes a show-stopper.
Therefore make Python hackers' lives (a little) less painful by
providing convenience functions to setup buffering output and error
streams using fopencookie() and retrieving the buffers.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

2 files changed, 16 insertions, 0 deletions

diff --git a/include/nftables.h b/include/nftables.h
index 1b368971..5c181be5 100644
--- a/include/nftables.h
+++ b/include/nftables.h
@@ -7,6 +7,13 @@
 #include <utils.h>
 #include <nftables/nftables.h>
 
+struct cookie {
+	char *buf;
+	size_t buflen;
+	size_t pos;
+	FILE *orig_fp;
+};
+
 struct output_ctx {
 	unsigned int numeric;
 	unsigned int stateless;
@@ -15,6 +22,8 @@ struct output_ctx {
 	unsigned int echo;
 	FILE *output_fp;
 	FILE *error_fp;
+	struct cookie *output_cookie;
+	struct cookie *error_cookie;
 };
 
 struct nft_cache {
diff --git a/include/nftables/nftables.h b/include/nftables/nftables.h
index 1e930682..652e0ca9 100644
--- a/include/nftables/nftables.h
+++ b/include/nftables/nftables.h
@@ -57,7 +57,14 @@ bool nft_ctx_output_get_echo(struct nft_ctx *ctx);
 void nft_ctx_output_set_echo(struct nft_ctx *ctx, bool val);
 
 FILE *nft_ctx_set_output(struct nft_ctx *ctx, FILE *fp);
+int nft_ctx_buffer_output(struct nft_ctx *ctx);
+int nft_ctx_unbuffer_output(struct nft_ctx *ctx);
+const char *nft_ctx_get_output_buffer(struct nft_ctx *ctx);
+
 FILE *nft_ctx_set_error(struct nft_ctx *ctx, FILE *fp);
+int nft_ctx_buffer_error(struct nft_ctx *ctx);
+int nft_ctx_unbuffer_error(struct nft_ctx *ctx);
+const char *nft_ctx_get_error_buffer(struct nft_ctx *ctx);
 
 int nft_ctx_add_include_path(struct nft_ctx *ctx, const char *path);
 void nft_ctx_clear_include_paths(struct nft_ctx *ctx);