diff options
| author | Phil Sutter <phil@nwl.cc> | 2026-01-29 19:35:24 +0100 |
|---|---|---|
| committer | Phil Sutter <phil@nwl.cc> | 2026-01-30 17:25:16 +0100 |
| commit | 758cfe51968a1fbd78cc7a6041c467e64f090d3a (patch) | |
| tree | 2ed35ba491fbd3aec46f47cde91a5a049a1979c5 | |
| parent | 412d5659d398e419f45ae490caba41e978483f95 (diff) | |
configure: Auto-detect libz unless explicitly requested
If user did not pass --with-zlib and it is not available, simply turn
off rule compat expression compression. It is not strictly necessary and
users may not care.
While at it, drop the conditional AC_DEFINE() call: In fact,
AC_CHECK_LIB() does that already.
Fixes: ff5f6a208efcc ("nft-ruleparse: Fallback to compat expressions in userdata")
Signed-off-by: Phil Sutter <phil@nwl.cc>
| -rw-r--r-- | configure.ac | 9 | ||||
| -rw-r--r-- | iptables/nft-compat.c | 6 |
2 files changed, 8 insertions, 7 deletions
diff --git a/configure.ac b/configure.ac index d42588c8..2a8abf21 100644 --- a/configure.ac +++ b/configure.ac @@ -79,11 +79,12 @@ AC_ARG_ENABLE([profiling], [enable_profiling="$enableval"], [enable_profiling="no"]) AC_ARG_WITH([zlib], [AS_HELP_STRING([--without-zlib], [Disable payload compression of rule compat expressions])], - [], [with_zlib=yes]) + [], [with_zlib=check]) AS_IF([test "x$with_zlib" != xno], [ AC_CHECK_LIB([z], [compress], , - AC_MSG_ERROR([No suitable version of zlib found])) - AC_DEFINE([HAVE_ZLIB], [1], [Define if you have zlib]) + [if test "x$with_zlib" != xcheck; then + AC_MSG_ERROR([No suitable version of zlib found]) + fi; with_zlib=no]) ]) AC_MSG_CHECKING([whether $LD knows -Wl,--no-undefined]) @@ -297,7 +298,7 @@ Iptables Configuration: nftables support: ${enable_nftables} connlabel support: ${enable_connlabel} profiling support: ${enable_profiling} - compress rule compat expressions: ${with_zlib} + compress rule compat expressions: ${with_zlib/check/yes} Build parameters: Put plugins into executable (static): ${enable_static} diff --git a/iptables/nft-compat.c b/iptables/nft-compat.c index 632733ca..dfcc05b8 100644 --- a/iptables/nft-compat.c +++ b/iptables/nft-compat.c @@ -16,7 +16,7 @@ #include <string.h> #include <xtables.h> -#ifdef HAVE_ZLIB +#ifdef HAVE_LIBZ #include <zlib.h> #endif @@ -64,7 +64,7 @@ pack_rule_udata_ext_data(struct rule_udata_ext *rue, const void *data, size_t datalen) { size_t datalen_out = datalen; -#ifdef HAVE_ZLIB +#ifdef HAVE_LIBZ compress(rue->data, &datalen_out, data, datalen); rue->flags |= RUE_FLAG_ZIP; #else @@ -144,7 +144,7 @@ __nftnl_expr_from_udata_ext(struct rule_udata_ext *rue, const void *data) static struct nftnl_expr * nftnl_expr_from_zipped_udata_ext(struct rule_udata_ext *rue) { -#ifdef HAVE_ZLIB +#ifdef HAVE_LIBZ uLongf datalen = rue->orig_size; struct nftnl_expr *expr = NULL; void *data; |