From fd64a5871b671a66f1ba6d6e3aa83ed24d92c099 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Thu, 5 May 2022 23:48:50 +0200
Subject: libxtables: Drop xtables_globals 'optstring' field

Define the different optstrings in xshared.h instead, they are not
relevant for other libxtables users.

This is a partial revert of commit 65b150ae382a8 ("xshared: Store
optstring in xtables_globals") to avoid breaking libxtables' ABI
compatibility.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 include/xtables.h      |  1 -
 iptables/ip6tables.c   |  1 -
 iptables/iptables.c    |  1 -
 iptables/xshared.c     | 17 ++++++++++++++++-
 iptables/xshared.h     |  3 +++
 iptables/xtables-arp.c |  1 -
 iptables/xtables-eb.c  |  3 +--
 iptables/xtables.c     |  1 -
 8 files changed, 20 insertions(+), 8 deletions(-)

diff --git a/include/xtables.h b/include/xtables.h
index a93e8f6e..8c1065bc 100644
--- a/include/xtables.h
+++ b/include/xtables.h
@@ -420,7 +420,6 @@ struct xtables_globals
 {
 	unsigned int option_offset;
 	const char *program_name, *program_version;
-	const char *optstring;
 	struct option *orig_opts;
 	struct option *opts;
 	void (*exit_err)(enum xtables_exittype status, const char *msg, ...) __attribute__((noreturn, format(printf,2,3)));
diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c
index 5806a13c..75984cc1 100644
--- a/iptables/ip6tables.c
+++ b/iptables/ip6tables.c
@@ -90,7 +90,6 @@ static struct option original_opts[] = {
 struct xtables_globals ip6tables_globals = {
 	.option_offset = 0,
 	.program_version = PACKAGE_VERSION " (legacy)",
-	.optstring = OPTSTRING_COMMON "R:S::W::" "46bg:h::m:nvw::x",
 	.orig_opts = original_opts,
 	.compat_rev = xtables_compatible_revision,
 };
diff --git a/iptables/iptables.c b/iptables/iptables.c
index edde604c..e5207ba1 100644
--- a/iptables/iptables.c
+++ b/iptables/iptables.c
@@ -87,7 +87,6 @@ static struct option original_opts[] = {
 struct xtables_globals iptables_globals = {
 	.option_offset = 0,
 	.program_version = PACKAGE_VERSION " (legacy)",
-	.optstring = OPTSTRING_COMMON "R:S::W::" "46bfg:h::m:nvw::x",
 	.orig_opts = original_opts,
 	.compat_rev = xtables_compatible_revision,
 };
diff --git a/iptables/xshared.c b/iptables/xshared.c
index e959f203..fae5ddd5 100644
--- a/iptables/xshared.c
+++ b/iptables/xshared.c
@@ -1340,6 +1340,20 @@ static void check_inverse(struct xtables_args *args, const char option[],
 	}
 }
 
+static const char *optstring_lookup(int family)
+{
+	switch (family) {
+	case AF_INET:
+	case AF_INET6:
+		return IPT_OPTSTRING;
+	case NFPROTO_ARP:
+		return ARPT_OPTSTRING;
+	case NFPROTO_BRIDGE:
+		return EBT_OPTSTRING;
+	}
+	return "";
+}
+
 void do_parse(int argc, char *argv[],
 	      struct xt_cmd_parse *p, struct iptables_command_state *cs,
 	      struct xtables_args *args)
@@ -1370,7 +1384,8 @@ void do_parse(int argc, char *argv[],
 	opterr = 0;
 
 	xt_params->opts = xt_params->orig_opts;
-	while ((cs->c = getopt_long(argc, argv, xt_params->optstring,
+	while ((cs->c = getopt_long(argc, argv,
+				    optstring_lookup(afinfo->family),
 				    xt_params->opts, NULL)) != -1) {
 		switch (cs->c) {
 			/*
diff --git a/iptables/xshared.h b/iptables/xshared.h
index e69da735..14568bb0 100644
--- a/iptables/xshared.h
+++ b/iptables/xshared.h
@@ -68,6 +68,9 @@ struct xtables_rule_match;
 struct xtables_target;
 
 #define OPTSTRING_COMMON "-:A:C:D:E:F::I:L::M:N:P:VX::Z::" "c:d:i:j:o:p:s:t:"
+#define IPT_OPTSTRING	OPTSTRING_COMMON "R:S::W::" "46bfg:h::m:nvw::x"
+#define ARPT_OPTSTRING	OPTSTRING_COMMON "R:S::" "h::l:nv" /* "m:" */
+#define EBT_OPTSTRING	OPTSTRING_COMMON "hv"
 
 /* define invflags which won't collide with IPT ones */
 #define IPT_INV_SRCDEVADDR	0x0080
diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c
index bf7d44e7..71518a9c 100644
--- a/iptables/xtables-arp.c
+++ b/iptables/xtables-arp.c
@@ -86,7 +86,6 @@ static struct option original_opts[] = {
 struct xtables_globals arptables_globals = {
 	.option_offset		= 0,
 	.program_version	= PACKAGE_VERSION " (nf_tables)",
-	.optstring		= OPTSTRING_COMMON "C:R:S::" "h::l:nv" /* "m:" */,
 	.orig_opts		= original_opts,
 	.compat_rev		= nft_compatible_revision,
 };
diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c
index a7bfb9c5..3d15063e 100644
--- a/iptables/xtables-eb.c
+++ b/iptables/xtables-eb.c
@@ -220,7 +220,6 @@ struct option ebt_original_options[] =
 struct xtables_globals ebtables_globals = {
 	.option_offset 		= 0,
 	.program_version	= PACKAGE_VERSION " (nf_tables)",
-	.optstring		= OPTSTRING_COMMON "hv",
 	.orig_opts		= ebt_original_options,
 	.compat_rev		= nft_compatible_revision,
 };
@@ -734,7 +733,7 @@ int do_commandeb(struct nft_handle *h, int argc, char *argv[], char **table,
 	opterr = false;
 
 	/* Getopt saves the day */
-	while ((c = getopt_long(argc, argv, xt_params->optstring,
+	while ((c = getopt_long(argc, argv, EBT_OPTSTRING,
 					opts, NULL)) != -1) {
 		cs.c = c;
 		switch (c) {
diff --git a/iptables/xtables.c b/iptables/xtables.c
index 41b6eb48..70924176 100644
--- a/iptables/xtables.c
+++ b/iptables/xtables.c
@@ -88,7 +88,6 @@ static struct option original_opts[] = {
 struct xtables_globals xtables_globals = {
 	.option_offset = 0,
 	.program_version = PACKAGE_VERSION " (nf_tables)",
-	.optstring = OPTSTRING_COMMON "R:S::W::" "46bfg:h::m:nvw::x",
 	.orig_opts = original_opts,
 	.compat_rev = nft_compatible_revision,
 };
-- 
cgit v1.2.3