summaryrefslogtreecommitdiffstats
path: root/src/datatype.c
diff options
context:
space:
mode:
authorElise Lennion <elise.lennion@gmail.com>2017-02-06 13:53:40 -0200
committerPablo Neira Ayuso <pablo@netfilter.org>2017-02-06 22:14:23 +0100
commitf0f99006d34b29ea4e8ff5b4854347496f879187 (patch)
tree880eedade1f6771956f581e63a461d00ad046777 /src/datatype.c
parent4ae0b6dc90d16b4d93a4e8b6703f23dcf2467b85 (diff)
datatype: Replace getaddrinfo() by internal lookup table
Nftables uses a internal service table to print service names. This table should be used when parsing new rules, to avoid conflicts between nft service table and the local /etc/services, when loading an exported ruleset. Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1118 Fixes: ccc5da4 ("datatype: Replace getnameinfo() by internal lookup table") Signed-off-by: Elise Lennion <elise.lennion@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/datatype.c')
-rw-r--r--src/datatype.c18
1 files changed, 10 insertions, 8 deletions
diff --git a/src/datatype.c b/src/datatype.c
index d697a075..f1388dc5 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -597,10 +597,9 @@ static void inet_service_type_print(const struct expr *expr)
static struct error_record *inet_service_type_parse(const struct expr *sym,
struct expr **res)
{
- struct addrinfo *ai;
+ const struct symbolic_constant *s;
uint16_t port;
uintmax_t i;
- int err;
char *end;
errno = 0;
@@ -611,13 +610,16 @@ static struct error_record *inet_service_type_parse(const struct expr *sym,
port = htons(i);
} else {
- err = getaddrinfo(NULL, sym->identifier, NULL, &ai);
- if (err != 0)
- return error(&sym->location, "Could not resolve service: %s",
- gai_strerror(err));
+ for (s = inet_service_tbl.symbols; s->identifier != NULL; s++) {
+ if (!strcmp(sym->identifier, s->identifier))
+ break;
+ }
- port = ((struct sockaddr_in *)ai->ai_addr)->sin_port;
- freeaddrinfo(ai);
+ if (s->identifier == NULL)
+ return error(&sym->location, "Could not resolve service: "
+ "Servname not found in nft services list");
+
+ port = s->value;
}
*res = constant_expr_alloc(&sym->location, &inet_service_type,